michael1991
-
Items
322 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door michael1991
-
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
er is iets misgelopen mss wel me eigen fout maar windows werkt op zen geheel niet meer (zit op ander pc) dan maar de grove middelen en boeltje aant formateren nu :S natuurrlijk paar fotos kwijt -
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
Ik denk dat ik voor het eerste zal kiezen. Tzal de letter F dragen want de D is al bezet recover en de E is me dvd station -
Activiteiten op computerscherm filmen
michael1991 reageerde op Dippie's topic in Archief Andere software
Hypercam 2 is ook een optie. Maar enig nadeel heb je een onopvallend watermerk rechtsboven Link -
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
Hier de afbeelding Sorry voor de hele late reactie. Komt omdat ik een andere probleem had op een andere pc -
verbinding met modem, maar geen internet
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
voorlopig klopt alles. Maar ik zou dat moeten checken als die weer op " alleen lokaal"' staat. -
virussen + internet zeer erg traag
michael1991 reageerde op michael1991's topic in Archief Bestrijding malware & virussen
veel verbeterd. bedankt voor de goede hulp Nog een vraagje was deze virussen ernstig? of viel het al bij al mee? -
verbinding met modem, maar geen internet
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
soms verschijnt hij dus met "'alleen lokaal'' en kan je dus niet op internet.. ik zie dat mij ip adres niet klopt met wat dit erop staat: IPv4-adres. . . . . . . . . . . . : 192.168.0.142(voorkeur) en me ip adres is 178-119-228-11 normaal gezien Vroeger hadden we belgacom maar we zijn dus verhuist naar telenet. -
verbinding met modem, maar geen internet
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
Windows IP-configuratie Hostnaam . . . . . . . . . . . . : rwema-PC Primair DNS-achtervoegsel . . . . : Knooppunttype . . . . . . . . . . : hybride IP-routering ingeschakeld . . . . : nee WINS-proxy ingeschakeld . . . . . : nee DNS-achtervoegselzoeklijst. . . . : lan_dn Adapter voor draadloos LAN Wireless Network Connection: Verbindingsspec. DNS-achtervoegsel: lan_dn Beschrijving. . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card Fysiek adres. . . . . . . . . . . : 00-22-5F-B8-2E-71 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Link-local IPv6-adres . . . . . . : fe80::c185:8a61:c034:5852%12(voorkeur) IPv4-adres. . . . . . . . . . . . : 192.168.0.142(voorkeur) Subnetmasker. . . . . . . . . . . : 255.255.255.0 Lease verkregen . . . . . . . . . : vrijdag 27 mei 2011 14:21:45 Lease verlopen. . . . . . . . . . : vrijdag 27 mei 2011 17:39:59 Standaardgateway. . . . . . . . . : 192.168.0.1 DHCP-server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 201335391 DHCPv6-client DUID. . . . . . . . : 00-01-00-01-11-D3-BA-3A-00-22-19-F6-65-0B DNS-servers . . . . . . . . . . . : 195.130.130.133 195.130.131.133 NetBIOS via TCPIP . . . . . . . . : ingeschakeld Ethernet-adapter Local Area Connection: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: lan_dn Beschrijving. . . . . . . . . . . : Broadcom NetLink Gigabit Ethernet Fysiek adres. . . . . . . . . . . : 00-22-19-F6-65-0B DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Tunnel-adapter Local Area Connection* 7: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysiek adres. . . . . . . . . . . : 02-00-54-55-4E-01 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fd:18ce:445:4d88:1bf4(voorkeur) Link-local IPv6-adres . . . . . . : fe80::18ce:445:4d88:1bf4%10(voorkeur) Standaardgateway. . . . . . . . . : :: NetBIOS via TCPIP . . . . . . . . : uitgeschakeld Tunnel-adapter Local Area Connection* 11: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: lan_dn Beschrijving. . . . . . . . . . . : isatap.lan_dn Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja -
virussen + internet zeer erg traag
michael1991 reageerde op michael1991's topic in Archief Bestrijding malware & virussen
ComboFix 11-05-25.01 - rwema 27-05-2011 14:33:54.6.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4054.2125 [GMT 2:00] Lancé depuis: c:\users\rwema\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\rwema\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-27 au 2011-05-27 )))))))))))))))))))))))))))))))))))) . . 2011-05-27 21:46 . 2011-05-27 21:47 -------- d-----w- c:\windows\SysWow64\drivers\nl-NL 2011-05-27 21:46 . 2011-05-27 21:46 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL 2011-05-27 21:46 . 2011-05-27 21:46 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\nl-NL\LMPRTPRC.DLL.mui 2011-05-27 21:43 . 2011-05-27 21:43 -------- d-----w- c:\windows\system32\0413 2011-05-27 21:43 . 2011-05-27 21:47 -------- d-----w- c:\windows\nl-NL 2011-05-27 21:43 . 2011-05-27 21:46 -------- d-----w- c:\windows\system32\drivers\nl-NL 2011-05-27 21:43 . 2011-05-27 21:46 -------- d-----w- c:\windows\system32\nl 2011-05-27 21:43 . 2011-05-27 21:46 -------- d-----w- c:\windows\system32\wbem\nl-NL 2011-05-27 21:43 . 2011-05-27 21:47 -------- d-----w- c:\windows\SysWow64\nl 2011-05-27 21:43 . 2011-05-27 21:47 -------- d-----w- c:\windows\SysWow64\wbem\nl-NL 2011-05-27 21:41 . 2011-05-27 21:41 -------- d-----w- c:\windows\system32\Vistalizator 2011-05-27 20:51 . 2011-05-27 20:51 -------- d-----w- c:\program files (x86)\Common Files\Futuremark Shared 2011-05-27 12:48 . 2011-05-27 12:48 -------- d-----w- c:\users\rwema\AppData\Local\temp 2011-05-27 12:48 . 2011-05-27 12:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-27 12:28 . 2011-05-18 10:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7E7C4BC-C515-4D56-BC8E-0139685CB435}\mpengine.dll 2011-05-26 13:09 . 2011-05-10 11:59 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-05-26 13:09 . 2011-05-10 12:04 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-05-26 13:09 . 2011-05-10 12:02 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-05-26 13:09 . 2011-05-10 11:59 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-05-26 13:09 . 2011-05-10 12:04 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-05-26 13:09 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-05-26 13:09 . 2011-05-10 11:59 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-05-26 13:08 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr 2011-05-26 13:08 . 2011-05-10 12:10 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\programdata\AVAST Software 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\program files\AVAST Software 2011-05-26 13:01 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-11 18:53 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-05-11 18:53 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2011-05-10 16:31 . 2011-05-10 16:31 -------- d-----w- c:\users\rwema\AppData\Roaming\pigeonplanner 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\programdata\Hagel Technologies 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\program files (x86)\DU Meter 2011-05-03 17:11 . 2011-05-03 17:11 -------- d-----w- c:\program files\Speccy 2011-04-30 16:06 . 2011-04-30 16:06 -------- d-----w- c:\users\rwema\AppData\Roaming\Malwarebytes 2011-04-30 16:05 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\programdata\Malwarebytes 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-30 16:05 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-28 10:40 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2011-04-28 10:40 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-04-28 10:39 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2011-04-28 10:39 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-27 21:47 . 2011-05-27 21:47 3072 ----a-w- c:\windows\SysWow64\drivers\nl-NL\qwavedrv.sys.mui 2011-05-27 21:46 . 2011-05-27 21:46 3584 ----a-w- c:\windows\SysWow64\drivers\nl-NL\pacer.sys.mui 2011-05-27 21:43 . 2011-05-27 21:43 24576 ----a-w- c:\windows\web\ts\bin\nl\TSPortalWebPart.resources.dll 2011-03-10 17:18 . 2011-04-16 12:13 1360384 ----a-w- c:\windows\system32\mfc42u.dll 2011-03-10 17:18 . 2011-04-16 12:13 1398784 ----a-w- c:\windows\system32\mfc42.dll 2011-03-10 17:03 . 2011-04-16 12:13 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-03-10 17:03 . 2011-04-16 12:13 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-03-03 16:02 . 2011-04-16 12:13 975872 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-03 15:59 . 2011-04-28 10:39 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2011-03-03 15:59 . 2011-04-28 10:39 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2011-03-03 15:59 . 2011-04-28 10:39 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2011-03-03 15:42 . 2011-04-16 12:13 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll 2011-03-03 15:40 . 2011-04-28 10:39 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2011-03-03 15:40 . 2011-04-28 10:39 542720 ----a-w- c:\windows\apppatch\AcLayers.dll 2011-03-03 15:40 . 2011-04-28 10:39 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2011-03-03 15:40 . 2011-04-28 10:39 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2011-03-03 13:46 . 2011-04-16 12:13 2762240 ----a-w- c:\windows\system32\win32k.sys 2011-03-02 16:12 . 2011-04-16 12:13 117760 ----a-w- c:\windows\system32\dnsrslvr.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-05-26_12.35.18 ))))))))))))))))))))))))))))))))))))))))) . + 2011-05-27 21:47 . 2011-05-27 21:47 51788 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prnqctl.vbs + 2011-05-27 21:47 . 2011-05-27 21:47 57516 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prnport.vbs + 2011-05-27 21:47 . 2011-05-27 21:47 81922 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prnmngr.vbs + 2011-05-27 21:47 . 2011-05-27 21:47 70444 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prnjobs.vbs + 2011-05-27 21:47 . 2011-05-27 21:47 52506 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prndrvr.vbs + 2011-05-27 21:43 . 2011-05-27 21:43 13312 c:\windows\SysWOW64\nl\mtedit.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 12608 c:\windows\SysWOW64\MUI\0413\mscorees.dll + 2011-05-27 21:46 . 2011-05-27 21:46 73728 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Management.resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 73728 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Management.AspnetClient.resources.dll + 2008-01-21 03:20 . 2011-05-27 12:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-01-21 03:20 . 2011-05-27 12:22 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 03:20 . 2011-05-27 12:22 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 02:23 . 2011-05-27 21:55 66072 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 15:45 . 2011-05-27 12:23 91350 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-07-27 21:38 . 2011-05-27 12:23 21402 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin + 2011-05-27 21:45 . 2011-05-27 21:45 51788 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prnqctl.vbs + 2011-05-27 21:45 . 2011-05-27 21:45 57516 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prnport.vbs + 2011-05-27 21:45 . 2011-05-27 21:45 81922 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prnmngr.vbs + 2011-05-27 21:45 . 2011-05-27 21:45 70444 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prnjobs.vbs + 2011-05-27 21:45 . 2011-05-27 21:45 52506 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prndrvr.vbs + 2011-05-27 21:43 . 2011-05-27 21:43 13312 c:\windows\system32\nl\mtedit.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 12112 c:\windows\system32\MUI\0413\mscorees.dll + 2011-05-27 21:43 . 2011-05-27 21:43 38760 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\WsatConfig.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\System.ServiceModel.Install.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16232 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\SMSvcHost.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 34672 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\ServiceModelReg.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\Microsoft.Transactions.Bridge.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 38760 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\ComSvcConfig.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 81920 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Web.Services.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Web.Mobile.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16384 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Transactions.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.ServiceProcess.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Security.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Runtime.Serialization.Formatters.Soap.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Runtime.Remoting.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 77824 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Messaging.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 13824 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Management.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.EnterpriseServices.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 24576 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Drawing.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.DirectoryServices.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.DirectoryServices.Protocols.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\system.data.sqlxml.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 49152 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Configuration.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Configuration.Install.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10752 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\sysglobl.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 93520 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\ShFusRes.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Regasm.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 13312 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\MSBuild.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 57344 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Microsoft.VisualBasic.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 45056 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Microsoft.JScript.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10240 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Microsoft.Build.Utilities.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 53248 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Microsoft.Build.Engine.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\caspol.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\aspnet_regsql.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 88912 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\aspnet_rc.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28496 c:\windows\Microsoft.NET\Framework64\v2.0.50727\MUI\0413\mscorsecr.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10560 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1043\CvtResUI.dll + 2011-05-27 21:43 . 2011-05-27 21:43 27984 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1043\alinkui.dll + 2011-05-27 21:43 . 2011-05-27 21:43 38744 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\WsatConfig.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\System.ServiceModel.Install.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16232 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\SMSvcHost.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 34672 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\ServiceModelReg.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\Microsoft.Transactions.Bridge.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 38760 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\ComSvcConfig.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Web.Services.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Web.Mobile.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16384 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Transactions.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.ServiceProcess.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Security.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Runtime.Serialization.Formatters.Soap.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Runtime.Remoting.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Messaging.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Management.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.EnterpriseServices.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Drawing.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.DirectoryServices.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.DirectoryServices.Protocols.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\system.data.sqlxml.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Configuration.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Configuration.Install.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\sysglobl.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 93008 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\ShFusRes.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Regasm.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\MSBuild.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Microsoft.VisualBasic.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Microsoft.JScript.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Microsoft.Build.Utilities.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Microsoft.Build.Engine.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\caspol.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\aspnet_regsql.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 89424 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\aspnet_rc.dll + 2011-05-27 21:43 . 2011-05-27 21:43 29008 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0413\mscorsecr.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11072 c:\windows\Microsoft.NET\Framework\v2.0.50727\1043\CvtResUI.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28496 c:\windows\Microsoft.NET\Framework\v2.0.50727\1043\alinkui.dll + 2011-05-27 21:43 . 2011-05-27 21:43 41976 c:\windows\inf\PERFLIB\0413\perfd.dat + 2011-05-27 21:43 . 2011-05-27 21:43 41976 c:\windows\inf\PERFLIB\0413\perfc.dat + 2011-05-27 21:43 . 2011-05-27 21:43 86016 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_nl_31bf3856ad364e35\WindowsBase.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10240 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_nl_31bf3856ad364e35\UIAutomationTypes.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 12288 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_nl_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Runtime.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 81920 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Services.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16384 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_nl_b77a5c561934e089\System.Transactions.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_nl_31bf3856ad364e35\System.Speech.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Install.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Security.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 90112 c:\windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_nl_b77a5c561934e089\System.RunTime.Serialization.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_nl_31bf3856ad364e35\System.Printing.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Messaging.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 13824 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Management.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11264 c:\windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_nl_b03f5f7f11d50a3a\System.IO.Log.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 53248 c:\windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 61440 c:\windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_nl_b77a5c561934e089\system.data.sqlxml.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10752 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_nl_b03f5f7f11d50a3a\sysglobl.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_nl_31bf3856ad364e35\ReachFramework.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_nl_31bf3856ad364e35\PresentationBuildTasks.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 40960 c:\windows\assembly\GAC_MSIL\napinit.resources\6.0.0.0_nl_31bf3856ad364e35\napinit.Resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 36864 c:\windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_nl_31bf3856ad364e35\MMCEx.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 11776 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.Bits.Iisextension.Resources\6.0.0.0_nl_31bf3856ad364e35\Microsoft.Windows.Bits.Iisextension.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 81920 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Management.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.AspnetClient.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Management.AspnetClient.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 28672 c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.0.0.0_nl_31bf3856ad364e35\microsoft.tpm.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 61440 c:\windows\assembly\GAC_MSIL\Microsoft.Storage.NfsCommon.Resources\1.0.0.0_nl_31bf3856ad364e35\Microsoft.Storage.NfsCommon.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 57344 c:\windows\assembly\GAC_MSIL\Microsoft.RightsManagementServices.UpgradeWizard.resources\6.0.0.0_nl_31bf3856ad364e35\Microsoft.RightsManagementServices.UpgradeWizard.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 20480 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_nl_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 16896 c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_nl_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 77824 c:\windows\assembly\GAC_MSIL\DfsrAdmin.Resources\1.0.0.0_nl_31bf3856ad364e35\DfsrAdmin.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 98304 c:\windows\assembly\GAC_MSIL\CfsCommonUIFx.Resources\1.0.0.0_nl_31bf3856ad364e35\CfsCommonUIFx.Resources.dll + 2011-05-27 21:47 . 2011-05-27 21:47 7466 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\pubprn.vbs + 2011-05-27 21:46 . 2011-05-27 21:46 7168 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Management.Iis.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Management.Aspnet.resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 6656 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Administration.resources.dll + 2011-05-27 21:45 . 2011-05-27 21:45 7466 c:\windows\system32\Printing_Admin_Scripts\nl-NL\pubprn.vbs + 2011-05-27 12:20 . 2011-05-27 12:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-05-27 12:20 . 2011-05-27 12:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\SMDiagnostics.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\Microsoft.Transactions.Bridge.Dtc.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Drawing.Design.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 7168 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\JSC.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4096 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\InstallUtil.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\aspnet_regbrowsers.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 8704 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\aspnet_compiler.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\SMDiagnostics.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\Microsoft.Transactions.Bridge.Dtc.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Drawing.Design.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\JSC.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\InstallUtil.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\aspnet_regbrowsers.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\aspnet_compiler.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\NL\Microsoft.VisualBasic.Compatibility.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\NL\Microsoft.VisualBasic.Compatibility.Data.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5632 c:\windows\assembly\GAC_MSIL\wsbcmdlet.resources\6.0.0.0_nl_31bf3856ad364e35\wsbcmdlet.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_nl_31bf3856ad364e35\WindowsFormsIntegration.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_nl_31bf3856ad364e35\UIAutomationProvider.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4096 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_nl_31bf3856ad364e35\UIAutomationClient.resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 6656 c:\windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.0.0.0_nl_31bf3856ad364e35\TaskScheduler.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_nl_b77a5c561934e089\SMDiagnostics.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 4608 c:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_nl_31bf3856ad364e35\MMCFxCommon.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Iis.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Management.Iis.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 6144 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.Aspnet.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Management.Aspnet.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 7168 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Administration.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Administration.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 5120 c:\windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 8704 c:\windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_nl_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 9216 c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_nl_31bf3856ad364e35\EventViewer.resources.dll + 2011-05-27 21:47 . 2011-05-27 21:47 106640 c:\windows\SysWOW64\Printing_Admin_Scripts\nl-NL\prncnfg.vbs + 2011-05-27 21:47 . 2011-05-27 21:47 172032 c:\windows\SysWOW64\nl\AuthFWWizFwk.Resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 233472 c:\windows\SysWOW64\inetsrv\nl\Microsoft.Web.Management.IisClient.resources.dll + 2009-07-30 04:31 . 2011-05-27 19:24 327408 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2011-05-27 21:41 . 2011-05-27 21:48 121478 c:\windows\system32\Vistalizator\Languages.dat + 2011-05-27 21:45 . 2011-05-27 21:45 106640 c:\windows\system32\Printing_Admin_Scripts\nl-NL\prncnfg.vbs + 2006-11-02 12:46 . 2011-05-27 21:59 668178 c:\windows\system32\perfh009.dat - 2006-11-02 12:46 . 2011-05-04 12:28 668178 c:\windows\system32\perfh009.dat + 2006-11-02 12:46 . 2011-05-27 21:59 133776 c:\windows\system32\perfc009.dat - 2006-11-02 12:46 . 2011-05-04 12:28 133776 c:\windows\system32\perfc009.dat + 2011-05-27 21:43 . 2011-05-27 21:43 159744 c:\windows\system32\nl\Narrator.resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 172032 c:\windows\system32\nl\AuthFWWizFwk.Resources.dll - 2010-10-23 14:47 . 2011-05-26 12:04 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-10-23 14:47 . 2011-05-26 23:07 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-03-25 22:32 . 2011-05-25 18:41 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-03-25 22:32 . 2011-05-26 14:56 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-05-27 21:43 . 2011-05-27 21:43 368640 c:\windows\Microsoft.NET\Framework64\v3.0\WPF\nl\PresentationUI.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 921600 c:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\nl\infocard.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 163840 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.xml.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 446464 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Windows.Forms.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 626688 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Web.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 208896 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\system.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 544768 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Design.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 413696 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Deployment.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 348160 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Data.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 110592 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\System.Data.OracleClient.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 402256 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\mscorrc.dll + 2011-05-27 21:43 . 2011-05-27 21:43 303104 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\mscorlib.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 139264 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\Microsoft.Build.Tasks.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 315392 c:\windows\Microsoft.NET\Framework64\v2.0.50727\nl\aspnetmmcext.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 217416 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1043\vbc7ui.dll + 2011-05-27 21:43 . 2011-05-27 21:43 161104 c:\windows\Microsoft.NET\Framework64\v2.0.50727\1043\cscompui.dll + 2011-05-27 21:43 . 2011-05-27 21:43 368640 c:\windows\Microsoft.NET\Framework\v3.0\WPF\nl\PresentationUI.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\nl\infocard.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 163840 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.xml.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 446464 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Windows.Forms.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Web.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 208896 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\system.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 544768 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Design.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 413696 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Deployment.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Data.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\System.Data.OracleClient.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 402752 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\mscorrc.dll + 2011-05-27 21:43 . 2011-05-27 21:43 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\mscorlib.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 139264 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\Microsoft.Build.Tasks.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 315392 c:\windows\Microsoft.NET\Framework\v2.0.50727\nl\aspnetmmcext.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 247624 c:\windows\Microsoft.NET\Framework\v2.0.50727\1043\Vsavb7rtUI.dll + 2011-05-27 21:43 . 2011-05-27 21:43 217928 c:\windows\Microsoft.NET\Framework\v2.0.50727\1043\vbc7ui.dll + 2011-05-27 21:43 . 2011-05-27 21:43 161616 c:\windows\Microsoft.NET\Framework\v2.0.50727\1043\cscompui.dll + 2011-05-26 13:08 . 2011-05-26 13:08 219648 c:\windows\Installer\35bdb9.msi + 2011-05-27 21:43 . 2011-05-27 21:43 336440 c:\windows\inf\PERFLIB\0413\perfi.dat + 2011-05-27 21:43 . 2011-05-27 21:43 336440 c:\windows\inf\PERFLIB\0413\perfh.dat + 2011-05-27 21:43 . 2011-05-27 21:43 163840 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_nl_b77a5c561934e089\System.xml.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 307200 c:\windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 184320 c:\windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Activities.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 446464 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 626688 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 462848 c:\windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 208896 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\system.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 172032 c:\windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_nl_31bf3856ad364e35\System.Management.Automation.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 413696 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Deployment.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 348160 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.OracleClient.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 483328 c:\windows\assembly\GAC_MSIL\Storagemgmt.Resources\1.0.0.0_nl_31bf3856ad364e35\StorageMgmt.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 368640 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_nl_31bf3856ad364e35\PresentationUI.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 241664 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_nl_31bf3856ad364e35\PresentationFramework.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 110592 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_nl_31bf3856ad364e35\PresentationCore.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 106496 c:\windows\assembly\GAC_MSIL\NfsConfigGuide.Resources\1.0.0.0_nl_31bf3856ad364e35\NfsConfigGuide.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 245760 c:\windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_nl_31bf3856ad364e35\napsnap.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 303104 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 229376 c:\windows\assembly\GAC_MSIL\Microsoft.Web.Management.IisClient.Resources\7.0.0.0_nl_31bf3856ad364e35\Microsoft.Web.Management.IisClient.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 278528 c:\windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting.Resources\2.0.0.0_nl_31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.Resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 139264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 167936 c:\windows\assembly\GAC_MSIL\hcssnap.resources\6.0.0.0_nl_31bf3856ad364e35\hcssnap.resources.dll + 2011-05-27 21:47 . 2011-05-27 21:47 1327104 c:\windows\SysWOW64\nl\AuthFWSnapIn.Resources.dll + 2011-05-27 21:46 . 2011-05-27 21:46 1327104 c:\windows\system32\nl\AuthFWSnapIn.Resources.dll + 2010-10-23 17:14 . 2011-05-27 21:52 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat - 2010-10-23 17:14 . 2011-05-25 17:55 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat + 2011-05-27 21:43 . 2011-05-27 21:43 1503232 c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_nl_31bf3856ad364e35\MIGUIControls.resources.dll + 2011-05-27 21:43 . 2011-05-27 21:43 1871872 c:\windows\assembly\GAC_MSIL\Microsoft.Windows.ServerManager.Resources\6.0.0.0_nl_31bf3856ad364e35\Microsoft.Windows.ServerManager.Resources.dll - 2006-11-02 12:33 . 2011-05-12 21:19 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2006-11-02 12:33 . 2011-05-26 14:57 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2010-10-23 14:47 . 2011-05-26 23:07 20490756 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-4096.dat . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2011-01-14 2942856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256] "Recordpad"="c:\program files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" [2010-12-25 913412] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-01-13 129440] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x] R3 rt70x64;ASUS RT2500 USB Wireless LAN Driver for Vista;c:\windows\system32\DRIVERS\netr7064.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x] R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-10-15 1352832] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2011-01-14 1412488] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [x] S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [x] S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver64.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\ FF - prefs.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} FF - Ext: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - %profile%\extensions\{46735dee-f862-49d1-876d-6382794dc625} FF - user.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc] "ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . Heure de fin: 2011-05-27 15:05:39 ComboFix-quarantined-files.txt 2011-05-27 13:05 ComboFix2.txt 2011-05-27 18:30 ComboFix3.txt 2011-05-26 12:49 . Avant-CF: 192.083.546.112 bytes beschikbaar Après-CF: 190.585.741.312 bytes beschikbaar . - - End Of File - - DBC94BC866BD95B4E59A1C45FAA5BC19 -
verbinding met modem, maar geen internet
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
Het probleem is da hij soms het wel doet en soms weer niet, maar kga eens proberen -
verbinding met modem, maar geen internet
michael1991 plaatste een topic in Archief Internet & Netwerk
Hallo , Ik heb een probleem met het draadloos internet. We zitten bij telenet. Thuis hebben we 3 computers. een vaste computer aangesloten met een internetkabel. een notebook van het merk medion aangesloten via draadloos. deze notebook heeft geen problemen En een notebook van het merk Dell aangesloten via draadloos internet. met deze notebook heb ik de grootse problemen. ik kan verbinden met de modem maar niet met het internet. hij geeft ''alleen lokaal'' aan ipv ''lokaal en internet''. hieronder verdere info van de notebook: Merk: Dell model: Studio 1555 Model nr: PP39l Speccy: http://speccy.piriform.com/results/hNrtiasmIeV7U04ZgYWtzEA -
virussen + internet zeer erg traag
michael1991 reageerde op michael1991's topic in Archief Bestrijding malware & virussen
ComboFix 11-05-25.01 - rwema 27-05-2011 20:15:02.5.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1033.18.4054.2421 [GMT 2:00] Lancé depuis: c:\users\rwema\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\rwema\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\chrome\mybabylon_english.jar c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitAutoCompleteSearch.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitToolbar.idl c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitToolbar.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\defaults\default_radio_skin.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\manifest.mf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\zigbert.rsa c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\zigbert.sf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.gif c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.PNG c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\version.txt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\chrome.manifest c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\chrome\conduitengine.jar c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.idl c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCore.dll c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\appContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\engineSettings.json c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\fbAlert.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\DualPackage\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\lib\xpcom.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\manifest.mf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\zigbert.rsa c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\zigbert.sf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.gif c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.ico c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.PNG c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.src c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\version.txt . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-27 au 2011-05-27 )))))))))))))))))))))))))))))))))))) . . 2011-05-27 18:26 . 2011-05-27 18:26 -------- d-----w- c:\users\rwema\AppData\Local\temp 2011-05-27 18:26 . 2011-05-27 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-26 13:09 . 2011-05-10 11:59 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-05-26 13:09 . 2011-05-10 12:04 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-05-26 13:09 . 2011-05-10 12:02 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-05-26 13:09 . 2011-05-10 11:59 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-05-26 13:09 . 2011-05-10 12:04 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-05-26 13:09 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-05-26 13:09 . 2011-05-10 11:59 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-05-26 13:08 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr 2011-05-26 13:08 . 2011-05-10 12:10 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\programdata\AVAST Software 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\program files\AVAST Software 2011-05-26 13:01 . 2011-05-18 10:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D759EA6F-D8C8-4144-9DBB-9CAB43442B0B}\mpengine.dll 2011-05-26 13:01 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-11 18:53 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-05-11 18:53 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2011-05-10 16:31 . 2011-05-10 16:31 -------- d-----w- c:\users\rwema\AppData\Roaming\pigeonplanner 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\programdata\Hagel Technologies 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\program files (x86)\DU Meter 2011-05-03 17:11 . 2011-05-03 17:11 -------- d-----w- c:\program files\Speccy 2011-04-30 16:06 . 2011-04-30 16:06 -------- d-----w- c:\users\rwema\AppData\Roaming\Malwarebytes 2011-04-30 16:05 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\programdata\Malwarebytes 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-30 16:05 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-28 10:40 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2011-04-28 10:40 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-04-28 10:39 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2011-04-28 10:39 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-10 17:18 . 2011-04-16 12:13 1360384 ----a-w- c:\windows\system32\mfc42u.dll 2011-03-10 17:18 . 2011-04-16 12:13 1398784 ----a-w- c:\windows\system32\mfc42.dll 2011-03-10 17:03 . 2011-04-16 12:13 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-03-10 17:03 . 2011-04-16 12:13 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-03-03 16:02 . 2011-04-16 12:13 975872 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-03 15:59 . 2011-04-28 10:39 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2011-03-03 15:59 . 2011-04-28 10:39 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2011-03-03 15:59 . 2011-04-28 10:39 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2011-03-03 15:42 . 2011-04-16 12:13 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll 2011-03-03 15:40 . 2011-04-28 10:39 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2011-03-03 15:40 . 2011-04-28 10:39 542720 ----a-w- c:\windows\apppatch\AcLayers.dll 2011-03-03 15:40 . 2011-04-28 10:39 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2011-03-03 15:40 . 2011-04-28 10:39 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2011-03-03 13:46 . 2011-04-16 12:13 2762240 ----a-w- c:\windows\system32\win32k.sys 2011-03-02 16:12 . 2011-04-16 12:13 117760 ----a-w- c:\windows\system32\dnsrslvr.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-05-26_12.35.18 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 02:23 . 2011-05-27 14:40 65754 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 15:45 . 2011-05-27 14:41 91190 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-07-27 21:38 . 2011-05-27 14:41 21254 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-05-27 14:39 . 2011-05-27 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-27 14:39 . 2011-05-27 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-30 04:31 . 2011-05-26 21:46 326346 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2010-10-23 14:47 . 2011-05-26 23:26 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2010-10-23 14:47 . 2011-05-26 12:04 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-03-25 22:32 . 2011-05-25 18:41 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-03-25 22:32 . 2011-05-26 14:56 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-05-26 13:08 . 2011-05-26 13:08 219648 c:\windows\Installer\35bdb9.msi + 2010-10-23 17:14 . 2011-05-26 23:26 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat - 2010-10-23 17:14 . 2011-05-25 17:55 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat + 2006-11-02 12:33 . 2011-05-26 14:57 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat - 2006-11-02 12:33 . 2011-05-12 21:19 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2010-10-23 14:47 . 2011-05-26 23:26 20490756 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-4096.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2011-01-14 2942856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256] "Recordpad"="c:\program files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" [2010-12-25 913412] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x] R3 rt70x64;ASUS RT2500 USB Wireless LAN Driver for Vista;c:\windows\system32\DRIVERS\netr7064.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x] R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-10-15 1352832] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2011-01-14 1412488] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [x] S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [x] S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver64.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102399&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2102399&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} FF - Ext: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - %profile%\extensions\{46735dee-f862-49d1-876d-6382794dc625} FF - user.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc] "ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . Heure de fin: 2011-05-27 20:30:25 ComboFix-quarantined-files.txt 2011-05-27 18:30 ComboFix2.txt 2011-05-26 12:49 . Avant-CF: 193.457.152.000 bytes free Après-CF: 193.460.592.640 bytes free . - - End Of File - - BEAC2628DD2ED5073B95A76168E9EAF5 +een nieuwe hijactis; Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:35:37, on 27-5-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAxADYANgA5ADUAMAA5ADcALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8472 bytes ---------- Post toegevoegd om 18:38 ---------- Vorige post was om 18:36 ---------- ComboFix 11-05-25.01 - rwema 27-05-2011 20:15:02.5.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1033.18.4054.2421 [GMT 2:00] Lancé depuis: c:\users\rwema\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\rwema\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\chrome\mybabylon_english.jar c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitAutoCompleteSearch.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitToolbar.idl c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\ConduitToolbar.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\defaults\default_radio_skin.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\manifest.mf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\zigbert.rsa c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\META-INF\zigbert.sf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.gif c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.PNG c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\searchplugin\conduit.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\version.txt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\chrome.manifest c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\chrome\conduitengine.jar c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.idl c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCore.dll c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\appContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\engineSettings.json c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\fbAlert.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\DualPackage\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\install.rdf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\lib\xpcom.js c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\manifest.mf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\zigbert.rsa c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\META-INF\zigbert.sf c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.gif c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.ico c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.PNG c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.src c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\searchplugin\conduit.xml c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\extensions\engine@conduit.com\version.txt . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-27 au 2011-05-27 )))))))))))))))))))))))))))))))))))) . . 2011-05-27 18:26 . 2011-05-27 18:26 -------- d-----w- c:\users\rwema\AppData\Local\temp 2011-05-27 18:26 . 2011-05-27 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-26 13:09 . 2011-05-10 11:59 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-05-26 13:09 . 2011-05-10 12:04 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-05-26 13:09 . 2011-05-10 12:02 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-05-26 13:09 . 2011-05-10 11:59 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-05-26 13:09 . 2011-05-10 12:04 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-05-26 13:09 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-05-26 13:09 . 2011-05-10 11:59 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-05-26 13:08 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr 2011-05-26 13:08 . 2011-05-10 12:10 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\programdata\AVAST Software 2011-05-26 13:08 . 2011-05-26 13:08 -------- d-----w- c:\program files\AVAST Software 2011-05-26 13:01 . 2011-05-18 10:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D759EA6F-D8C8-4144-9DBB-9CAB43442B0B}\mpengine.dll 2011-05-26 13:01 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe 2011-05-11 18:53 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-05-11 18:53 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2011-05-10 16:31 . 2011-05-10 16:31 -------- d-----w- c:\users\rwema\AppData\Roaming\pigeonplanner 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\programdata\Hagel Technologies 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\program files (x86)\DU Meter 2011-05-03 17:11 . 2011-05-03 17:11 -------- d-----w- c:\program files\Speccy 2011-04-30 16:06 . 2011-04-30 16:06 -------- d-----w- c:\users\rwema\AppData\Roaming\Malwarebytes 2011-04-30 16:05 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\programdata\Malwarebytes 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-30 16:05 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-28 10:40 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2011-04-28 10:40 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-04-28 10:39 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2011-04-28 10:39 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-10 17:18 . 2011-04-16 12:13 1360384 ----a-w- c:\windows\system32\mfc42u.dll 2011-03-10 17:18 . 2011-04-16 12:13 1398784 ----a-w- c:\windows\system32\mfc42.dll 2011-03-10 17:03 . 2011-04-16 12:13 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-03-10 17:03 . 2011-04-16 12:13 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-03-03 16:02 . 2011-04-16 12:13 975872 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-03 15:59 . 2011-04-28 10:39 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2011-03-03 15:59 . 2011-04-28 10:39 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2011-03-03 15:59 . 2011-04-28 10:39 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2011-03-03 15:42 . 2011-04-16 12:13 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll 2011-03-03 15:40 . 2011-04-28 10:39 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2011-03-03 15:40 . 2011-04-28 10:39 542720 ----a-w- c:\windows\apppatch\AcLayers.dll 2011-03-03 15:40 . 2011-04-28 10:39 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2011-03-03 15:40 . 2011-04-28 10:39 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2011-03-03 13:46 . 2011-04-16 12:13 2762240 ----a-w- c:\windows\system32\win32k.sys 2011-03-02 16:12 . 2011-04-16 12:13 117760 ----a-w- c:\windows\system32\dnsrslvr.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-05-26_12.35.18 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2011-05-20 20:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 03:20 . 2011-05-27 17:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 02:23 . 2011-05-27 14:40 65754 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 15:45 . 2011-05-27 14:41 91190 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-07-27 21:38 . 2011-05-27 14:41 21254 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3916401253-1491523390-1999398694-1000_UserData.bin - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-05-27 14:39 . 2011-05-27 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-26 12:10 . 2011-05-26 12:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-27 14:39 . 2011-05-27 14:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-30 04:31 . 2011-05-26 21:46 326346 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2010-10-23 14:47 . 2011-05-26 23:26 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2010-10-23 14:47 . 2011-05-26 12:04 316848 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2011-03-25 22:32 . 2011-05-25 18:41 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-03-25 22:32 . 2011-05-26 14:56 317616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-12288.dat + 2011-05-26 13:08 . 2011-05-26 13:08 219648 c:\windows\Installer\35bdb9.msi + 2010-10-23 17:14 . 2011-05-26 23:26 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat - 2010-10-23 17:14 . 2011-05-25 17:55 1928052 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-8192.dat + 2006-11-02 12:33 . 2011-05-26 14:57 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat - 2006-11-02 12:33 . 2011-05-12 21:19 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2010-10-23 14:47 . 2011-05-26 23:26 20490756 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3916401253-1491523390-1999398694-1000-4096.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2011-01-14 2942856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256] "Recordpad"="c:\program files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" [2010-12-25 913412] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x] R3 rt70x64;ASUS RT2500 USB Wireless LAN Driver for Vista;c:\windows\system32\DRIVERS\netr7064.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x] R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-10-15 1352832] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2011-01-14 1412488] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [x] S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [x] S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver64.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . 2011-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [bU] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102399&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2102399&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} FF - Ext: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - %profile%\extensions\{46735dee-f862-49d1-876d-6382794dc625} FF - user.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc] "ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . Heure de fin: 2011-05-27 20:30:25 ComboFix-quarantined-files.txt 2011-05-27 18:30 ComboFix2.txt 2011-05-26 12:49 . Avant-CF: 193.457.152.000 bytes free Après-CF: 193.460.592.640 bytes free . - - End Of File - - BEAC2628DD2ED5073B95A76168E9EAF5 +een nieuwe hijactis; Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:35:37, on 27-5-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAxADYANgA5ADUAMAA5ADcALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8472 bytes -
virussen + internet zeer erg traag
michael1991 reageerde op michael1991's topic in Archief Bestrijding malware & virussen
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:51:53, on 26-5-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Users\rwema\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAxADYANgA5ADUAMAA5ADcALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8061 bytes ----------------------------------------------------------------------------------- en combofix ComboFix 11-05-24.06 - rwema 26-05-2011 14:24:16.2.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1033.18.4054.2399 [GMT 2:00] Lancé depuis: c:\users\rwema\Desktop\ComboFix.exe SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\rwema\AppData\Roaming\inst.exe c:\windows\system32\AutoRun.inf . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-26 au 2011-05-26 )))))))))))))))))))))))))))))))))))) . . 2011-05-26 12:34 . 2011-05-26 12:34 -------- d-----w- c:\users\rwema\AppData\Local\temp 2011-05-26 12:34 . 2011-05-26 12:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-11 18:53 . 2011-04-07 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-05-11 18:53 . 2011-04-07 12:01 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat 2011-05-10 16:31 . 2011-05-10 16:31 -------- d-----w- c:\users\rwema\AppData\Roaming\pigeonplanner 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\programdata\Hagel Technologies 2011-05-06 13:19 . 2011-05-06 13:19 -------- d-----w- c:\program files (x86)\DU Meter 2011-05-03 17:11 . 2011-05-03 17:11 -------- d-----w- c:\program files\Speccy 2011-04-30 16:06 . 2011-04-30 16:06 -------- d-----w- c:\users\rwema\AppData\Roaming\Malwarebytes 2011-04-30 16:05 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\programdata\Malwarebytes 2011-04-30 16:05 . 2011-04-30 16:05 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-04-30 16:05 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-28 10:40 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2011-04-28 10:40 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2011-04-28 10:39 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2011-04-28 10:39 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2011-04-28 10:39 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-10 17:18 . 2011-04-16 12:13 1360384 ----a-w- c:\windows\system32\mfc42u.dll 2011-03-10 17:18 . 2011-04-16 12:13 1398784 ----a-w- c:\windows\system32\mfc42.dll 2011-03-10 17:03 . 2011-04-16 12:13 1162240 ----a-w- c:\windows\SysWow64\mfc42u.dll 2011-03-10 17:03 . 2011-04-16 12:13 1136640 ----a-w- c:\windows\SysWow64\mfc42.dll 2011-03-03 16:02 . 2011-04-16 12:13 975872 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-03 15:59 . 2011-04-28 10:39 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2011-03-03 15:59 . 2011-04-28 10:39 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2011-03-03 15:59 . 2011-04-28 10:39 284672 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2011-03-03 15:42 . 2011-04-16 12:13 739328 ----a-w- c:\windows\SysWow64\inetcomm.dll 2011-03-03 15:40 . 2011-04-28 10:39 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2011-03-03 15:40 . 2011-04-28 10:39 542720 ----a-w- c:\windows\apppatch\AcLayers.dll 2011-03-03 15:40 . 2011-04-28 10:39 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2011-03-03 15:40 . 2011-04-28 10:39 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2011-03-03 13:46 . 2011-04-16 12:13 2762240 ----a-w- c:\windows\system32\win32k.sys 2011-03-02 16:12 . 2011-04-16 12:13 117760 ----a-w- c:\windows\system32\dnsrslvr.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240] "DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2011-01-14 2942856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Ulead Memory Card Detector"="c:\program files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe" [2002-09-10 28672] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-11-11 442536] "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-07-17 202256] "Recordpad"="c:\program files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" [2010-12-25 913412] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="start http:" [X] . c:\users\rwema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 136176] R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x] R3 rt70x64;ASUS RT2500 USB Wireless LAN Driver for Vista;c:\windows\system32\DRIVERS\netr7064.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768] R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x] R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] R4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-10-15 1352832] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2011-01-14 1412488] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [x] S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [x] S3 stdriver;Sound tap driver Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver64.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-16 10:29] . 2011-05-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000Core.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . 2011-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3916401253-1491523390-1999398694-1000UA.job - c:\users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-07 14:59] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-26 1657128] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2008-09-26 2041112] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 4119552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\rwema\AppData\Roaming\Mozilla\Firefox\Profiles\4ul06m9a.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102399&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2102399&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - %profile%\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} FF - Ext: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - %profile%\extensions\{46735dee-f862-49d1-876d-6382794dc625} FF - user.js: keyword.URL - hxxp://www.gobrs.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=0sB0VRkq&q= . - - - - ORPHELINS SUPPRIMES - - - - . Wow6432Node-HKCU-Run-Voipwise - c:\program files (x86)\Voipwise.com\Voipwise\Voipwise.exe Wow6432Node-HKCU-Run-CollaborationHost - c:\windows\system32\p2phost.exe HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-PHPNukeDU Toolbar - c:\progra~2\PHPNUK~1\UNWISE.EXE . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc] "ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . Heure de fin: 2011-05-26 14:49:21 ComboFix-quarantined-files.txt 2011-05-26 12:49 . Avant-CF: 189.671.837.696 bytes free Après-CF: 190.531.960.832 bytes free . - - End Of File - - E7D8B95D1F1CB400F53E5DE5E90071CB -
virussen + internet zeer erg traag
michael1991 plaatste een topic in Archief Bestrijding malware & virussen
Hallo, ik heb virussen op de pc van me vader en die heeft iets verkeerds geopend voor de zekerheid een hijactislogje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:46:10, on 24-5-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\PROGRA~2\DUMETE~1\DUMeter.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\rwema\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8605 bytes ---------------------------------------------------- internet gaat ook zeer traag ben nu bezig met een malwarebytes scan en ging ook scannen met avg maar daar loopt iets mis mee.... -
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
heb de foto geupload. -
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
dat weet ik niet, das juist het probleem, kan ik dat ergens terug vinden? -
download limiet 102gb bij telenet te vlug overschreden....
michael1991 plaatste een topic in Archief Internet & Netwerk
Hallo We hebben op onze netwerk 2 laptops die draadloos verbonden is met de modem en een vaste pc die rechtstreeks verbonden is via een kabel op de modem. De vaste computer draait Linux op en is heel oud.(heeft maar harde schijf van 20gb) De ene laptop is een windows vista 32-bit en de andere windows vista 64bit Mijn probleem is dat mijn maandelijkse volume( naar mijn eigen verbazing) te snel overschreden is. Oude pc met linux: -Wordt vooral gebruikt voor gewone simpele dingen. Zoals netlog/facebook/msn/email. en heel zelden een YT filmpje Laptop windows vista 32 bit Dat is de laptop waar ik nu op bezig ben. Op deze laptop wordt de meest zware dingen gedaan op het netwerk. Het is ook de enige laptop die waagt eens een film te downloaden. Msn, facebook,fora, lichte spelletjes, Films heb ik de afgelopen maand maar een 10-tal, lichte kwaliteitsfilms gedownload (600-900mb). Dit deed ik met utorrent. Laptop windows vista 64 bit Facebook,email,netlog, af en toe yt filmpje.... en offline pc games ----------------------------------------------------- Maar 100gb in een maand verdoen???? dit kan gewoon weg niet! Mijn modem is beveiligd met een wpa2 sleutel. Provider:Telenet ------------------------- Nu eigelijk me vraag waar voor ik kom... Zu er iemand deze netwerk gekraakt hebben en nu zitten te profiteren van onze internet? Zou het programma "Utorrent" de boosdoener kunnen zijn? Of is telenet niks waard? ;-) -
geen draadloos internet meer via laptop
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
mag dicht, vader heeft geen geduld gehad en is dus naar een pc winkel gegaan excuses voor dit ongemak mgv michael -
linux verwijderen
michael1991 reageerde op michael1991's topic in Archief Linux, Mac OS & andere besturingssystemen
meer duidelij, ik begrijp het niet goed, wat moet ik precies doen ? -
linux verwijderen
michael1991 plaatste een topic in Archief Linux, Mac OS & andere besturingssystemen
Hallo, een jaartje geleden heb ik voor de "fun" linux geïnstalleerd naast mijn Windows vista. Vrag is hoe kan ik die beste weer verwijderen? -
geen draadloos internet meer via laptop
michael1991 reageerde op michael1991's topic in Archief Internet & Netwerk
http://speccy.piriform.com/results/tanlXOE6qVsAGmCunWBWdNW -
geen draadloos internet meer via laptop
michael1991 plaatste een topic in Archief Internet & Netwerk
Beste mensen van pc help forum. Mijn laptop wil geen draadloos internet meer geven. Hij heeft mijn modem gevonden maar kan zich niet verbinden met het internet. heel soms wel, maar meestal valt hij gewoon uit. Ik had nog een usb stick liggen om draadloos internet te hebben en heb die geinstalleerd. echter blijkt dit wel te werken. maar de bedoeling van een laptop is om wel te kunnen verbinden met het internet zonder zulke usb stick voor draadloos internet. overlaatst zijn we van belgacom naar telenet gegaan, bij belgacom hadden we het probleem niet. daar kon ik wel werken met me laptop op draadloos internet.(zonder usb stick voor draadloos internet) ook heb ik nog een andere laptop die op deze internet zit zonder problemen, dus moet dit een probleem zijn van de laptop zelf.... -
neen, pc loopt ietsje soepeler. bedankt, deze topic kan dicht
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:00:43, on 1-5-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Users\rwema\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8538 bytes ===================================================== Dit heb ik gedaan in veilige modus. Echter merk ik op dat er nog altijd 2 zijn die ik maar niet weg krijg.
-
Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Databaseversie: 6472 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.7930.16406 30-4-2011 18:12:26 mbam-log-2011-04-30 (18-12-26).txt Scantype: Snelle scan Objecten gescand: 162256 Verstreken tijd: 5 minuut/minuten, 15 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) ----------------------------------------------------------------- nieuw hijactis logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:19:59, on 30-4-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.7930.16406) Boot mode: Normal Running processes: C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\rwema\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Program Files (x86)\Opera\opera.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{4AC1A2D1-E338-41C7-9021-C3F8DF81ECE0} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O2 - BHO: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\tbNCH_.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll O2 - BHO: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files (x86)\PHPNukeDU\tbPHPN.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\tbNCH_.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: PHPNukeDU Toolbar - {46735dee-f862-49d1-876d-6382794dc625} - C:\Program Files (x86)\PHPNukeDU\tbPHPN.dll O4 - HKLM\..\Run: [ulead Memory Card Detector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Recordpad] "C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe" -logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent O4 - HKCU\..\Run: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\rwema\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9521 bytes ---------------------------------------------------- het is niet bepaald veel veranderd en dat snap ik niet.
