damoriamarti
-
Items
135 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door damoriamarti
-
-
Heb dat al geprobeerd. ik zal even kijken naar het pachen.
-
Ik heb een vreemd probleem (zal wel aan mijn hardware ligen denk ik) Ik heb gta 4 gekocht en na de installatie start hij gewoon op en zodra ik start met het spel zie je de intro dat ze op een schip naar liberty gaan en dan zie je niet het hele schip maar de helft je kijkt gewoon door muuren heen en niet altijd zie je mensen en autos. Heb win 7 64 bit en hij word aangeraden op xp sp3 of vista sp1 te spelen. specs: Acer Aspire 7715Z-434G50MN Notebook - 17.3 inch - Harde schijf: 500 GB, 250 GB - RAM:4096 MB, 3072 MB (Op Ciao sinds: 11/2009) en ze hebben er bij bynabyte een geheugenbankje je bij gevoegd kingston 2 gb.
-
Ik had windows 7 er tijdelijk op gezet en die was even sneller dan xp ondanks dat hij 500 ram te kort had.
-
HMMMMMM. Stukken beter maar nog niet echt snel.
-
ComboFix 10-05-03.01 - speelkamer 04-05-2010 10:04:38.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.511.146 [GMT 2:00] Gestart vanuit: c:\documents and settings\speelkamer\Mijn documenten\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\speelkamer\Mijn documenten\CFScript.txt..txt AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((( Bestanden Gemaakt van 2010-04-04 to 2010-05-04 )))))))))))))))))))))))))))))) . 2010-05-04 07:53 . 2010-05-03 15:49 84912 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\NAVENG.SYS 2010-05-04 07:53 . 2010-05-03 15:49 1324720 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\NAVEX15.SYS 2010-05-04 07:53 . 2009-08-29 09:00 177520 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\NAVENG32.DLL 2010-05-04 07:53 . 2009-08-29 09:00 1647984 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\NAVEX32A.DLL 2010-05-04 07:53 . 2010-05-03 15:49 2747440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\CCERASER.DLL 2010-05-04 07:53 . 2010-05-03 15:49 259440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\ECMSVR32.DLL 2010-05-04 07:53 . 2009-08-29 09:00 371248 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\EECTRL.SYS 2010-05-04 07:53 . 2009-08-29 09:00 102448 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.038\ERASER.SYS 2010-05-04 07:42 . 2010-05-04 07:48 -------- d-----w- c:\windows\LastGood 2010-05-03 22:32 . 2010-05-03 22:32 -------- d--h--w- c:\windows\$hf_mig$ 2010-05-03 20:27 . 2010-02-04 01:40 47408 ----a-r- c:\windows\system32\drivers\SymIM.sys 2010-05-03 20:25 . 2010-05-03 20:25 -------- d-----w- c:\windows\Performance 2010-05-03 20:25 . 2010-05-03 20:25 -------- d-----w- c:\documents and settings\speelkamer\Local Settings\Application Data\Microsoft Corporation 2010-05-03 20:24 . 2010-05-03 20:24 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor 2010-05-03 19:44 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSvix86.sys 2010-05-03 19:44 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\Scxpx86.dll 2010-05-03 19:44 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSxpx86.dll 2010-05-03 19:44 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSXpx86.sys 2010-05-03 19:44 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSviA64.sys 2010-05-03 18:07 . 2009-12-24 07:05 177664 ------w- c:\windows\system32\dllcache\wintrust.dll 2010-05-03 18:07 . 2010-01-13 14:06 87040 ------w- c:\windows\system32\dllcache\cabview.dll 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Microsoft Office Outlook Connector 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Microsoft 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-05-03 17:44 . 2010-05-03 17:44 -------- d-----w- c:\program files\Common Files\Windows Live 2010-05-03 17:41 . 2010-05-03 17:41 -------- d-----w- c:\program files\Microsoft Works 2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----w- c:\documents and settings\speelkamer\Local Settings\Application Data\Microsoft Help 2010-05-03 17:37 . 2010-05-03 20:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help 2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----r- C:\MSOCache 2010-05-03 17:05 . 2008-04-13 20:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2010-05-03 17:05 . 2008-04-13 20:47 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys 2010-05-03 17:05 . 2008-04-13 20:15 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys 2010-05-03 17:05 . 2008-04-13 20:15 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys 2010-05-03 17:05 . 2008-04-13 18:09 142592 ----a-w- c:\windows\system32\drivers\aec.sys 2010-05-03 17:05 . 2008-04-13 20:15 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys 2010-05-03 17:05 . 2008-04-13 20:15 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2010-05-03 17:05 . 2008-04-13 20:45 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys 2010-05-03 17:05 . 2008-04-13 20:09 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys 2010-05-03 17:05 . 2008-04-13 20:09 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys 2010-05-03 17:05 . 2008-04-13 20:09 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys 2010-05-03 17:04 . 2008-04-14 18:32 4096 ----a-w- c:\windows\system32\ksuser.dll 2010-05-03 17:04 . 2008-03-21 09:35 146048 ----a-w- c:\windows\system32\drivers\portcls.sys 2010-05-03 17:04 . 2008-04-13 20:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys 2010-05-03 17:04 . 2010-05-03 17:04 -------- d-----w- c:\program files\Realtek Sound Manager 2010-05-03 17:04 . 2010-05-03 17:04 -------- d-----w- c:\program files\AvRack 2010-05-03 17:04 . 2004-11-17 11:05 2297664 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS 2010-05-03 17:04 . 2004-11-15 10:20 77824 ----a-w- c:\windows\SOUNDMAN.EXE 2010-05-03 17:04 . 2004-10-27 07:47 40960 ------w- c:\windows\system32\ChCfg.exe 2010-05-03 17:04 . 2004-09-07 06:23 156672 ----a-w- c:\windows\system32\RTLCPAPI.dll 2010-05-03 17:04 . 2004-11-17 08:11 9319936 ----a-w- c:\windows\system32\RTLCPL.EXE 2010-05-03 17:04 . 2004-11-05 08:29 208896 ------w- c:\windows\alcupd.exe 2010-05-03 17:04 . 2004-09-01 12:04 139264 ------w- c:\windows\alcrmv.exe 2010-05-03 17:01 . 2010-05-03 17:02 -------- d-----w- c:\documents and settings\speelkamer\Application Data\Media Player Classic 2010-05-03 16:50 . 2008-04-14 23:32 26624 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2010-05-03 16:27 . 2001-08-17 19:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys 2010-05-03 16:26 . 2008-04-14 20:04 58112 ----a-w- c:\windows\system32\drivers\redbook.sys 2010-05-03 16:26 . 2001-08-17 19:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys 2010-05-03 16:26 . 2008-04-14 20:32 76288 ----a-w- c:\windows\system32\usbui.dll 2010-05-03 16:24 . 2008-04-14 23:33 146944 ----a-w- c:\windows\system\WINSPOOL.DRV 2010-05-03 16:21 . 2010-05-03 16:23 -------- d-----w- c:\windows\system32\drivers\UMDF 2010-05-03 16:21 . 2010-05-03 16:23 -------- d-----w- c:\windows\L2Schemas 2010-05-03 16:21 . 2010-05-03 16:22 -------- d-----w- c:\windows\system32\nl 2010-05-03 16:21 . 2010-05-03 16:22 -------- d-----w- c:\windows\ehome 2010-05-03 16:21 . 2010-05-03 14:30 -------- d-----w- c:\windows\system32\nl-nl . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-04 08:04 . 2010-05-03 14:41 -------- d-----w- c:\documents and settings\speelkamer\Application Data\uTorrent 2010-05-04 07:42 . 2010-05-03 14:34 -------- d-----w- c:\program files\Microsoft Silverlight 2010-05-03 20:24 . 2010-05-03 15:25 43680 ----a-w- c:\documents and settings\speelkamer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-03 20:23 . 2001-09-07 14:00 77628 ----a-w- c:\windows\system32\perfc013.dat 2010-05-03 20:23 . 2001-09-07 14:00 458570 ----a-w- c:\windows\system32\perfh013.dat 2010-05-03 17:18 . 2010-05-03 14:29 -------- d-----w- c:\program files\Unlocker 2010-05-03 17:04 . 2010-05-03 14:50 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-03 17:04 . 2010-05-03 14:42 -------- d-----w- c:\program files\Common Files\InstallShield 2010-05-03 17:00 . 2010-05-03 16:59 -------- d-----w- c:\program files\K-Lite Codec Pack 2010-05-03 16:10 . 2010-05-03 14:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller 2010-05-03 16:00 . 2010-05-03 14:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton 2010-05-03 15:55 . 2010-05-03 14:34 -------- d-----w- c:\program files\uTorrent 2010-05-03 14:58 . 2010-05-03 14:53 -------- d-----w- c:\program files\Common Files\Symantec Shared 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Symantec 2010-05-03 14:53 . 2010-05-03 14:53 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF 2010-05-03 14:53 . 2010-05-03 14:53 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT 2010-05-03 14:53 . 2010-05-03 14:53 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2010-05-03 14:53 . 2010-05-03 14:53 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Norton Internet Security 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Windows Sidebar 2010-05-03 14:52 . 2010-05-03 14:52 -------- d-----w- c:\program files\NortonInstaller 2010-05-03 14:51 . 2010-05-03 14:51 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2010-05-03 14:50 . 2010-05-03 14:50 -------- d-----w- c:\program files\Belkin 2010-05-03 14:50 . 2010-05-03 14:50 -------- d-----w- c:\documents and settings\speelkamer\Application Data\InstallShield 2010-05-03 14:46 . 2010-05-03 14:46 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\nView_Profiles 2010-05-03 14:41 . 2010-05-03 14:34 -------- d-----w- c:\program files\1by1 2010-05-03 14:34 . 2010-05-03 14:34 -------- d-----w- c:\program files\PicPick 2010-05-03 14:34 . 2010-05-03 14:34 -------- d-----w- c:\program files\Drive Space Indicator 2010-05-03 14:34 . 2010-05-03 14:30 -------- d-----w- c:\program files\Windows Media Connect 2 2010-05-03 14:33 . 2010-05-03 14:33 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-05-03 14:30 . 2010-05-03 14:30 21748 ----a-w- c:\windows\system32\emptyregdb.dat 2010-05-03 14:29 . 2010-05-03 14:29 -------- d-----w- c:\program files\HashTab Shell Extension 2010-05-03 14:29 . 2010-05-03 14:29 -------- d-----w- c:\program files\Microsoft PowerToys 2010-05-03 13:57 . 2010-05-03 13:57 -------- d-----w- c:\program files\microsoft frontpage 2010-03-25 23:29 . 2010-05-03 14:53 786800 ----a-r- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll 2010-03-24 18:40 . 2010-03-24 18:40 678960 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx64.sys 2010-03-24 18:40 . 2010-03-24 18:40 611216 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\bbRGen.dll 2010-03-24 18:40 . 2010-03-24 18:40 536112 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys 2010-03-24 18:40 . 2010-03-24 18:40 201616 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHRules.dll 2010-03-24 18:40 . 2010-03-24 18:40 1407888 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHEngine.dll . ((((((((((((((((((((((((((((( SnapShot@2010-05-03_18.15.31 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-04 07:44 . 2010-05-04 07:44 16384 c:\windows\Temp\Perflib_Perfdata_e28.dat + 2009-07-15 11:19 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll + 2010-05-03 14:31 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll + 2010-05-03 14:34 . 2008-07-08 13:07 18808 c:\windows\system32\spmsg.dll + 2001-09-07 14:00 . 2010-05-03 20:23 59440 c:\windows\system32\perfc009.dat + 2005-09-23 05:28 . 2005-09-23 05:28 32768 c:\windows\system32\netfxperf.dll + 2005-09-23 05:28 . 2005-09-23 05:28 74240 c:\windows\system32\mscories.dll + 2010-05-03 14:31 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll + 2005-09-23 05:28 . 2005-09-23 05:28 83456 c:\windows\system32\dfshim.dll + 2008-04-14 23:32 . 2010-01-13 14:06 87040 c:\windows\system32\cabview.dll + 2005-09-23 05:28 . 2005-09-23 05:28 28160 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2005-09-23 05:28 . 2005-09-23 05:28 71680 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2005-09-23 05:28 . 2005-09-23 05:28 86016 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2005-09-23 05:28 . 2005-09-23 05:28 47616 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2005-09-23 05:28 . 2005-09-23 05:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2005-09-23 05:28 . 2005-09-23 05:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2005-09-23 05:29 . 2005-09-23 05:29 85504 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2005-09-23 05:29 . 2005-09-23 05:29 59072 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2005-09-23 05:28 . 2005-09-23 05:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2005-09-23 05:28 . 2005-09-23 05:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2005-09-23 05:28 . 2005-09-23 05:28 78336 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2005-09-23 05:28 . 2005-09-23 05:28 14848 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2005-09-23 05:28 . 2005-09-23 05:28 96440 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2005-09-23 05:29 . 2005-09-23 05:29 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2005-09-23 05:28 . 2005-09-23 05:28 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2005-09-23 05:28 . 2005-09-23 05:28 66240 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2005-09-23 05:28 . 2005-09-23 05:28 67072 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2005-09-23 05:28 . 2005-09-23 05:28 81408 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2005-09-23 05:28 . 2005-09-23 05:28 73216 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2005-09-23 05:28 . 2005-09-23 05:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2005-09-23 05:28 . 2005-09-23 05:28 87552 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2005-09-23 05:28 . 2005-09-23 05:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2005-09-23 05:28 . 2005-09-23 05:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2005-09-23 05:28 . 2005-09-23 05:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2005-09-23 05:28 . 2005-09-23 05:28 73728 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2005-09-23 04:36 . 2005-09-23 04:36 85504 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3082.dll + 2005-09-23 04:29 . 2005-09-23 04:29 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.3076.dll + 2005-09-23 04:47 . 2005-09-23 04:47 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2070.dll + 2005-09-23 04:30 . 2005-09-23 04:30 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.2052.dll + 2005-09-23 04:47 . 2005-09-23 04:47 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1055.dll + 2005-09-23 04:47 . 2005-09-23 04:47 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1053.dll + 2005-09-23 04:47 . 2005-09-23 04:47 82432 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1049.dll + 2005-09-23 04:47 . 2005-09-23 04:47 82432 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1046.dll + 2005-09-23 04:46 . 2005-09-23 04:46 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1045.dll + 2005-09-23 04:46 . 2005-09-23 04:46 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1044.dll + 2005-09-23 04:46 . 2005-09-23 04:46 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1043.dll + 2005-09-23 04:44 . 2005-09-23 04:44 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1042.dll + 2005-09-23 04:42 . 2005-09-23 04:42 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1041.dll + 2005-09-23 04:40 . 2005-09-23 04:40 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1040.dll + 2005-09-23 04:40 . 2005-09-23 04:40 83968 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1038.dll + 2005-09-23 04:40 . 2005-09-23 04:40 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1037.dll + 2005-09-23 04:38 . 2005-09-23 04:38 86016 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1036.dll + 2005-09-23 04:38 . 2005-09-23 04:38 81408 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1035.dll + 2005-09-23 01:46 . 2005-09-23 01:46 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1033.dll + 2005-09-23 04:36 . 2005-09-23 04:36 87552 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1032.dll + 2005-09-23 04:34 . 2005-09-23 04:34 85504 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1031.dll + 2005-09-23 04:34 . 2005-09-23 04:34 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1030.dll + 2005-09-23 04:34 . 2005-09-23 04:34 82944 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1029.dll + 2005-09-23 04:32 . 2005-09-23 04:32 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1028.dll + 2005-09-23 04:29 . 2005-09-23 04:29 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.res.1025.dll + 2005-09-23 05:28 . 2005-09-23 05:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2005-09-23 05:28 . 2005-09-23 05:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2005-09-23 05:28 . 2005-09-23 05:28 55296 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2005-09-23 05:28 . 2005-09-23 05:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2005-09-23 05:28 . 2005-09-23 05:28 52736 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2005-09-23 05:28 . 2005-09-23 05:28 31936 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2005-09-23 05:28 . 2005-09-23 05:28 68608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2005-09-23 05:28 . 2005-09-23 05:28 17920 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2005-09-23 05:28 . 2005-09-23 05:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2005-09-23 05:28 . 2005-09-23 05:28 76984 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2005-09-23 05:28 . 2005-09-23 05:28 88576 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2005-09-23 05:28 . 2005-09-23 05:28 29888 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2005-09-23 05:28 . 2005-09-23 05:28 29896 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2005-09-23 05:28 . 2005-09-23 05:28 26824 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2005-09-23 05:28 . 2005-09-23 05:28 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2005-09-23 05:28 . 2005-09-23 05:28 70656 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2005-09-23 05:28 . 2005-09-23 05:28 23552 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2005-09-23 05:28 . 2005-09-23 05:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2005-09-23 05:28 . 2005-09-23 05:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2005-09-23 05:28 . 2005-09-23 05:28 55488 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2005-09-23 05:28 . 2005-09-23 05:28 87552 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2005-09-23 05:28 . 2005-09-23 05:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2005-09-23 05:28 . 2005-09-23 05:28 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2005-09-23 05:28 . 2005-09-23 05:28 86528 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2005-09-23 05:28 . 2005-09-23 05:28 72704 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2010-05-04 07:42 . 2009-08-30 00:17 47408 c:\windows\LastGood\system32\DRIVERS\SymIM.sys + 2010-05-03 20:37 . 2010-05-03 20:37 81920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\1348f116e9453848a29749457dd2012b\Microsoft.Build.Framework.ni.dll + 2010-05-03 20:36 . 2010-05-03 20:36 15360 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\b32f1a2607f9c242aaa62aa68d285c28\dfsvc.ni.exe + 2010-05-03 20:36 . 2010-05-03 20:36 26624 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\26758e8d5bacea42ad5621a6c205b6d9\Accessibility.ni.dll + 2010-05-03 20:19 . 2010-05-03 20:19 86016 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-05-03 20:19 . 2010-05-03 20:19 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2010-05-03 20:19 . 2010-05-03 20:19 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-05-03 20:19 . 2010-05-03 20:19 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2010-05-03 20:19 . 2010-05-03 20:19 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2010-05-03 20:19 . 2010-05-03 20:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-05-03 20:19 . 2010-05-03 20:19 73728 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-05-03 20:19 . 2010-05-03 20:19 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-05-03 20:19 . 2010-05-03 20:19 36864 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2010-05-03 20:19 . 2010-05-03 20:19 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-05-03 20:19 . 2010-05-03 20:19 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2010-05-03 20:19 . 2010-05-03 20:19 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-05-03 20:19 . 2010-05-03 20:19 68608 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2005-09-23 05:29 . 2005-09-23 05:29 6144 c:\windows\system32\mui\0409\mscorees.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7680 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2005-09-23 05:28 . 2005-09-23 05:28 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2005-09-23 05:28 . 2005-09-23 05:28 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2005-09-23 05:28 . 2005-09-23 05:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2005-09-23 05:28 . 2005-09-23 05:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2005-09-23 05:28 . 2005-09-23 05:28 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2005-09-23 05:28 . 2005-09-23 05:28 4608 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2005-09-23 05:28 . 2005-09-23 05:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2005-09-23 05:28 . 2005-09-23 05:28 4608 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7680 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7680 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7680 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2005-09-23 05:28 . 2005-09-23 05:28 7680 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_VsaVb7rt.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5632 c:\windows\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_iehost.dll + 2005-09-23 05:29 . 2005-09-23 05:29 5120 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll + 2010-05-03 20:19 . 2010-05-03 20:19 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2010-05-03 20:20 . 2010-05-03 20:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2010-05-03 20:19 . 2010-05-03 20:19 5632 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-05-03 20:19 . 2010-05-03 20:19 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-05-03 20:19 . 2010-05-03 20:19 114176 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-05-03 20:19 . 2010-05-03 20:19 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2008-04-14 23:32 . 2009-12-24 07:05 177664 c:\windows\system32\wintrust.dll + 2001-09-07 14:00 . 2010-05-03 20:23 395200 c:\windows\system32\perfh009.dat + 2005-09-23 05:28 . 2005-09-23 05:28 150016 c:\windows\system32\mscorier.dll + 2005-09-23 05:28 . 2005-09-23 05:28 270848 c:\windows\system32\mscoree.dll + 2010-05-03 16:24 . 2010-05-04 07:42 185816 c:\windows\system32\FNTCACHE.DAT + 2005-09-23 05:28 . 2005-09-23 05:28 298496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2005-09-23 05:28 . 2005-09-23 05:28 823296 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2005-09-23 05:28 . 2005-09-23 05:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2005-09-23 05:28 . 2005-09-23 05:28 260096 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2005-09-23 05:28 . 2005-09-23 05:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2005-09-23 05:28 . 2005-09-23 05:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2005-09-23 05:28 . 2005-09-23 05:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2005-09-23 05:28 . 2005-09-23 05:28 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2005-09-23 05:28 . 2005-09-23 05:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2005-09-23 05:28 . 2005-09-23 05:28 368640 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2005-09-23 05:28 . 2005-09-23 05:28 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2005-09-23 05:28 . 2005-09-23 05:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2005-09-23 05:28 . 2005-09-23 05:28 700416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2005-09-23 05:28 . 2005-09-23 05:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2005-09-23 05:28 . 2005-09-23 05:28 397312 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2005-09-23 05:28 . 2005-09-23 05:28 884736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2005-09-23 05:28 . 2005-09-23 05:28 716800 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2005-09-23 05:28 . 2005-09-23 05:28 482304 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2005-09-23 05:28 . 2005-09-23 05:28 389120 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2005-09-23 05:28 . 2005-09-23 05:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2005-09-23 05:28 . 2005-09-23 05:28 377344 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2005-09-23 05:28 . 2005-09-23 05:28 107520 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2005-09-23 05:28 . 2005-09-23 05:28 136192 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2005-09-23 05:28 . 2005-09-23 05:28 226816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2005-09-23 05:29 . 2005-09-23 05:29 330752 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2005-09-23 05:28 . 2005-09-23 05:28 102400 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2005-09-23 05:28 . 2005-09-23 05:28 326144 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2005-09-23 05:28 . 2005-09-23 05:28 288768 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2005-09-23 05:28 . 2005-09-23 05:28 800768 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2005-09-23 05:29 . 2005-09-23 05:29 667648 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2005-09-23 05:29 . 2005-09-23 05:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2005-09-23 05:29 . 2005-09-23 05:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2005-09-23 05:28 . 2005-09-23 05:28 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2005-09-23 05:28 . 2005-09-23 05:28 647168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2005-09-23 05:28 . 2005-09-23 05:28 413696 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2005-09-23 05:57 . 2005-09-23 05:57 245408 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\unicows.dll + 2005-09-23 05:01 . 2005-09-23 05:01 609472 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe + 2005-09-23 05:28 . 2005-09-23 05:28 224952 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2005-09-23 05:28 . 2005-09-23 05:28 788992 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2005-09-23 05:29 . 2005-09-23 05:29 547840 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2005-09-23 05:28 . 2005-09-23 05:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2005-09-23 05:28 . 2005-09-23 05:28 503808 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2005-09-23 05:28 . 2005-09-23 05:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2005-09-23 05:28 . 2005-09-23 05:28 138240 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2005-09-23 05:28 . 2005-09-23 05:28 208896 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2005-09-23 05:29 . 2005-09-23 05:29 183808 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2005-09-23 05:28 . 2005-09-23 05:28 136192 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2010-05-03 20:24 . 2010-05-03 20:24 585216 c:\windows\Installer\10af811.msi + 2010-05-03 20:37 . 2010-05-03 20:37 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2aa1baa72afa764c8b3f143f600796f5\System.Web.RegularExpressions.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 684032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\211e26de90342942b8a8f1b8ec8e0b25\System.Transactions.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 729088 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\3a79222919a5e34ebd747c7d3835bd09\System.Security.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 294912 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a371f4f93f481348948c6f91b55a25e5\System.EnterpriseServices.Wrapper.dll + 2010-05-03 20:37 . 2010-05-03 20:37 659456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a371f4f93f481348948c6f91b55a25e5\System.EnterpriseServices.ni.dll + 2010-05-03 20:21 . 2010-05-03 20:21 229376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\7f37438514a7ec4e90fea471308a66a8\System.Drawing.Design.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 512000 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\283bf546eb96f742ae319738ebddf3ea\System.DirectoryServices.Protocols.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 962560 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e5c0047f1b3fbf43a0c8f68475c60bfa\System.Configuration.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 163840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\894848ff05ab1d49b40e06c0e70b130d\Microsoft.Build.Utilities.ni.dll + 2010-05-03 20:36 . 2010-05-03 20:36 880640 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ef9b09288eef4140a049b5b862b20097\Microsoft.Build.Engine.ni.dll + 2010-05-03 20:36 . 2010-05-03 20:36 237568 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\143622ea7a97a040935a3c93edd0df3c\CustomMarshalers.ni.dll + 2010-05-03 20:36 . 2010-05-03 20:36 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\b2da5f8171f291428de105db6ce65c8c\AspNetMMCExt.ni.dll + 2010-05-03 20:19 . 2010-05-03 20:19 823296 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-05-03 20:20 . 2010-05-03 20:20 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2010-05-03 20:19 . 2010-05-03 20:19 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-05-03 20:19 . 2010-05-03 20:19 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-05-03 20:20 . 2010-05-03 20:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-05-03 20:20 . 2010-05-03 20:20 299008 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2010-05-03 20:20 . 2010-05-03 20:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-05-03 20:19 . 2010-05-03 20:19 368640 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-05-03 20:20 . 2010-05-03 20:20 700416 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2010-05-03 20:19 . 2010-05-03 20:19 397312 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-05-03 20:19 . 2010-05-03 20:19 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2010-05-03 20:19 . 2010-05-03 20:19 884736 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-05-03 20:19 . 2010-05-03 20:19 716800 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-05-03 20:20 . 2010-05-03 20:20 389120 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-05-03 20:20 . 2010-05-03 20:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-05-03 20:20 . 2010-05-03 20:20 667648 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-05-03 20:20 . 2010-05-03 20:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2010-05-03 20:20 . 2010-05-03 20:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-05-03 20:19 . 2010-05-03 20:19 745472 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2010-05-03 20:19 . 2010-05-03 20:19 647168 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-05-03 20:19 . 2010-05-03 20:19 413696 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-05-03 20:19 . 2010-05-03 20:19 503808 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2010-05-03 20:20 . 2010-05-03 20:20 260096 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2010-05-03 20:19 . 2010-05-03 20:19 114176 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-05-03 20:19 . 2010-05-03 20:19 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-05-03 20:19 . 2010-05-03 20:19 482304 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2005-09-23 05:28 . 2005-09-23 05:28 1306624 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2005-09-23 05:29 . 2005-09-23 05:29 1140920 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2005-09-23 05:28 . 2005-09-23 05:28 2035712 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2005-09-23 05:28 . 2005-09-23 05:28 5316608 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2005-09-23 05:28 . 2005-09-23 05:28 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2005-09-23 05:28 . 2005-09-23 05:28 3018752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2005-09-23 05:28 . 2005-09-23 05:28 5050368 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2005-09-23 05:28 . 2005-09-23 05:28 2878976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2005-09-23 05:28 . 2005-09-23 05:28 5615616 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2005-09-23 05:28 . 2005-09-23 05:28 4308992 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2005-09-23 05:28 . 2005-09-23 05:28 1144832 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2010-05-03 20:20 . 2010-05-03 20:20 2109440 c:\windows\Installer\fee753.msi + 2010-05-03 20:21 . 2010-05-03 20:21 8093696 c:\windows\assembly\NativeImages_v2.0.50727_32\System\43360ea27a19f84ea0dd4c7c76568e79\System.ni.dll + 2010-05-03 20:22 . 2010-05-03 20:22 5640192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\525359eb0f02cd408cdc93296b9ff4f4\System.Xml.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 1945600 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cdc026f17715ab47a8458adcb24f9a75\System.Web.Services.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 2310144 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\a1d93014e88ae7409e5dd86fdc0236f9\System.Web.Mobile.ni.dll + 2010-05-03 20:21 . 2010-05-03 20:21 1626112 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9c892ad6d504604ab125566d7161a8ed\System.Drawing.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 1220608 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\30ceb49b4b835240b43c0e7d1b98cb45\System.DirectoryServices.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\57c2b8ffdcb2c741ac105cfcd96981c3\System.Deployment.ni.dll + 2010-05-03 20:22 . 2010-05-03 20:22 6688768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\5a8919a25baea14b9f97892b04db05ba\System.Data.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 1724416 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\26ae331d6465a64cbb2c4b32099fee61\Microsoft.VisualBasic.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 1691648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\af9da9e4acb658469dc1e0274573d950\Microsoft.Build.Tasks.ni.dll + 2010-05-03 20:20 . 2010-05-03 20:20 3018752 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2010-05-03 20:19 . 2010-05-03 20:19 2035712 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2010-05-03 20:19 . 2010-05-03 20:19 5316608 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-05-03 20:19 . 2010-05-03 20:19 5050368 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-05-03 20:19 . 2010-05-03 20:19 5025792 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-05-03 20:19 . 2010-05-03 20:19 2878976 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2010-05-03 20:19 . 2010-05-03 20:19 4308992 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2005-09-23 05:48 . 2005-09-23 05:48 24863744 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\netfx.msi + 2010-05-03 20:22 . 2010-05-03 20:22 13107200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9add8f0e7d7c364998f393da97ab5ad3\System.Windows.Forms.ni.dll + 2010-05-03 20:37 . 2010-05-03 20:37 11808768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\ddf3acbca9fd714ebc6253f651b47db1\System.Web.ni.dll + 2010-05-03 20:23 . 2010-05-03 20:23 10723328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\0cfc8ff7b6cf15488435c45aff387fdf\System.Design.ni.dll + 2010-05-03 20:20 . 2010-05-03 20:20 11415552 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\847e5fca7a02044d84279cf2538fa215\mscorlib.ni.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "DriveSpace"="c:\program files\Drive Space Indicator\DrvSpace.exe" [2009-04-18 417761] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-15 6803456] "nwiz"="nwiz.exe" [2005-06-15 1519616] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-06-15 86016] "F5D8055v2"="c:\program files\Belkin\F5D8055\v2\Belkinwcui.exe" [2009-04-08 1662976] "SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-04-29 124928] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1106000.020\symds.sys [3-5-2010 18:11 328752] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1106000.020\symefa.sys [3-5-2010 18:11 172592] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys [24-3-2010 20:40 536112] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1106000.020\cchpx86.sys [3-5-2010 18:11 501888] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1106000.020\ironx86.sys [3-5-2010 18:11 116784] R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe [3-5-2010 18:10 126392] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [3-5-2010 16:53 102448] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100429.001\IDSXpx86.sys [3-5-2010 21:44 329592] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - GTNDIS5 . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.com/ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-05-04 10:09 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.6.0.32\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2384) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2010-05-04 10:10:33 ComboFix-quarantined-files.txt 2010-05-04 08:10 ComboFix2.txt 2010-05-03 18:16 Pre-Run: 172.695.085.056 bytes beschikbaar Post-Run: 172.745.093.120 bytes beschikbaar - - End Of File - - FBE8405DAB32166C38462CBEE82038D4 ------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:26:50, on 4-5-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21045) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Drive Space Indicator\DrvSpace.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\uTorrent\uTorrent.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\IPSBHO.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coIEPlg.dll O4 - HKLM\..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [DriveSpace] "C:\Program Files\Drive Space Indicator\DrvSpace.exe" /STARTUP O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 3935 bytes
-
ComboFix 10-05-03.01 - speelkamer 03-05-2010 20:11:12.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.511.187 [GMT 2:00] Gestart vanuit: c:\documents and settings\speelkamer\Mijn documenten\ComboFix.exe AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\WindowsUpdate . (((((((((((((((((((( Bestanden Gemaakt van 2010-04-03 to 2010-05-03 )))))))))))))))))))))))))))))) . 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Microsoft Office Outlook Connector 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Microsoft 2010-05-03 17:47 . 2010-05-03 17:47 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-05-03 17:44 . 2010-05-03 17:44 -------- d-----w- c:\program files\Common Files\Windows Live 2010-05-03 17:41 . 2010-05-03 17:41 -------- d-----w- c:\program files\Microsoft Works 2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----w- c:\documents and settings\speelkamer\Local Settings\Application Data\Microsoft Help 2010-05-03 17:37 . 2010-05-03 17:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help 2010-05-03 17:37 . 2010-05-03 17:37 -------- d-----r- C:\MSOCache 2010-05-03 17:05 . 2008-04-13 20:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2010-05-03 17:05 . 2008-04-13 20:47 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys 2010-05-03 17:05 . 2008-04-13 20:15 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys 2010-05-03 17:05 . 2008-04-13 20:15 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys 2010-05-03 17:05 . 2008-04-13 18:09 142592 ----a-w- c:\windows\system32\drivers\aec.sys 2010-05-03 17:05 . 2008-04-13 20:15 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys 2010-05-03 17:05 . 2008-04-13 20:15 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2010-05-03 17:05 . 2008-04-13 20:45 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys 2010-05-03 17:05 . 2008-04-13 20:09 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys 2010-05-03 17:05 . 2008-04-13 20:09 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys 2010-05-03 17:05 . 2008-04-13 20:09 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys 2010-05-03 17:04 . 2008-04-14 18:32 4096 ----a-w- c:\windows\system32\ksuser.dll 2010-05-03 17:04 . 2008-03-21 09:35 146048 ----a-w- c:\windows\system32\drivers\portcls.sys 2010-05-03 17:04 . 2008-04-13 20:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys 2010-05-03 17:04 . 2010-05-03 17:04 -------- d-----w- c:\program files\Realtek Sound Manager 2010-05-03 17:04 . 2010-05-03 17:04 -------- d-----w- c:\program files\AvRack 2010-05-03 17:04 . 2004-11-17 11:05 2297664 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS 2010-05-03 17:04 . 2004-11-15 10:20 77824 ----a-w- c:\windows\SOUNDMAN.EXE 2010-05-03 17:04 . 2004-10-27 07:47 40960 ------w- c:\windows\system32\ChCfg.exe 2010-05-03 17:04 . 2004-09-07 06:23 156672 ----a-w- c:\windows\system32\RTLCPAPI.dll 2010-05-03 17:04 . 2004-11-17 08:11 9319936 ----a-w- c:\windows\system32\RTLCPL.EXE 2010-05-03 17:04 . 2004-11-05 08:29 208896 ------w- c:\windows\alcupd.exe 2010-05-03 17:04 . 2004-09-01 12:04 139264 ------w- c:\windows\alcrmv.exe 2010-05-03 17:01 . 2010-05-03 17:02 -------- d-----w- c:\documents and settings\speelkamer\Application Data\Media Player Classic 2010-05-03 16:50 . 2008-04-14 23:32 26624 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2010-05-03 16:27 . 2001-08-17 19:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys 2010-05-03 16:26 . 2008-04-14 20:04 58112 ----a-w- c:\windows\system32\drivers\redbook.sys 2010-05-03 16:26 . 2001-08-17 19:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys 2010-05-03 16:26 . 2008-04-14 20:32 76288 ----a-w- c:\windows\system32\usbui.dll 2010-05-03 16:24 . 2008-04-14 23:33 146944 ----a-w- c:\windows\system\WINSPOOL.DRV 2010-05-03 16:21 . 2010-05-03 16:23 -------- d-----w- c:\windows\system32\drivers\UMDF 2010-05-03 16:21 . 2010-05-03 16:23 -------- d-----w- c:\windows\L2Schemas 2010-05-03 16:21 . 2010-05-03 16:22 -------- d-----w- c:\windows\system32\nl 2010-05-03 16:21 . 2010-05-03 16:22 -------- d-----w- c:\windows\ehome 2010-05-03 16:21 . 2010-05-03 14:30 -------- d-----w- c:\windows\system32\nl-nl . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-03 18:15 . 2010-05-03 14:41 -------- d-----w- c:\documents and settings\speelkamer\Application Data\uTorrent 2010-05-03 17:58 . 2001-09-07 14:00 54464 ----a-w- c:\windows\system32\perfc013.dat 2010-05-03 17:58 . 2001-09-07 14:00 367286 ----a-w- c:\windows\system32\perfh013.dat 2010-05-03 17:48 . 2010-05-03 14:34 -------- d-----w- c:\program files\Microsoft Silverlight 2010-05-03 17:43 . 2010-05-03 15:25 42032 ----a-w- c:\documents and settings\speelkamer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-03 17:18 . 2010-05-03 14:29 -------- d-----w- c:\program files\Unlocker 2010-05-03 17:04 . 2010-05-03 14:50 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-03 17:04 . 2010-05-03 14:42 -------- d-----w- c:\program files\Common Files\InstallShield 2010-05-03 17:00 . 2010-05-03 16:59 -------- d-----w- c:\program files\K-Lite Codec Pack 2010-05-03 16:10 . 2010-05-03 14:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller 2010-05-03 16:00 . 2010-05-03 14:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton 2010-05-03 15:55 . 2010-05-03 14:34 -------- d-----w- c:\program files\uTorrent 2010-05-03 15:49 . 2010-05-03 15:49 84912 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.002\NAVENG.SYS 2010-05-03 15:49 . 2010-05-03 15:49 1324720 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.002\NAVEX15.SYS 2010-05-03 15:49 . 2010-05-03 15:49 2747440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.002\CCERASER.DLL 2010-05-03 15:49 . 2010-05-03 15:49 259440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100503.002\ECMSVR32.DLL 2010-05-03 14:58 . 2010-05-03 14:53 -------- d-----w- c:\program files\Common Files\Symantec Shared 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Symantec 2010-05-03 14:53 . 2010-05-03 14:53 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF 2010-05-03 14:53 . 2010-05-03 14:53 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT 2010-05-03 14:53 . 2010-05-03 14:53 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2010-05-03 14:53 . 2010-05-03 14:53 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Norton Internet Security 2010-05-03 14:53 . 2010-05-03 14:53 -------- d-----w- c:\program files\Windows Sidebar 2010-05-03 14:52 . 2010-05-03 14:52 -------- d-----w- c:\program files\NortonInstaller 2010-05-03 14:51 . 2010-05-03 14:51 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2010-05-03 14:50 . 2010-05-03 14:50 -------- d-----w- c:\program files\Belkin 2010-05-03 14:50 . 2010-05-03 14:50 -------- d-----w- c:\documents and settings\speelkamer\Application Data\InstallShield 2010-05-03 14:46 . 2010-05-03 14:46 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\nView_Profiles 2010-05-03 14:41 . 2010-05-03 14:34 -------- d-----w- c:\program files\1by1 2010-05-03 14:34 . 2010-05-03 14:34 -------- d-----w- c:\program files\PicPick 2010-05-03 14:34 . 2010-05-03 14:34 -------- d-----w- c:\program files\Drive Space Indicator 2010-05-03 14:34 . 2010-05-03 14:30 -------- d-----w- c:\program files\Windows Media Connect 2 2010-05-03 14:33 . 2010-05-03 14:33 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-05-03 14:30 . 2010-05-03 14:30 21748 ----a-w- c:\windows\system32\emptyregdb.dat 2010-05-03 14:29 . 2010-05-03 14:29 -------- d-----w- c:\program files\HashTab Shell Extension 2010-05-03 14:29 . 2010-05-03 14:29 -------- d-----w- c:\program files\Microsoft PowerToys 2010-05-03 13:57 . 2010-05-03 13:57 -------- d-----w- c:\program files\microsoft frontpage 2010-03-24 18:40 . 2010-03-24 18:40 678960 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx64.sys 2010-03-24 18:40 . 2010-03-24 18:40 611216 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\bbRGen.dll 2010-03-24 18:40 . 2010-03-24 18:40 536112 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys 2010-03-24 18:40 . 2010-03-24 18:40 201616 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHRules.dll 2010-03-24 18:40 . 2010-03-24 18:40 1407888 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHEngine.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-01 15872] "DriveSpace"="c:\program files\Drive Space Indicator\DrvSpace.exe" [2009-04-18 417761] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-15 6803456] "nwiz"="nwiz.exe" [2005-06-15 1519616] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-06-15 86016] "F5D8055v2"="c:\program files\Belkin\F5D8055\v2\Belkinwcui.exe" [2009-04-08 1662976] "SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "_nltide_3"="advpack.dll" [2009-04-29 124928] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1106000.020\symds.sys [3-5-2010 18:11 328752] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1106000.020\symefa.sys [3-5-2010 18:11 172592] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100324.001\BHDrvx86.sys [24-3-2010 20:40 536112] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1106000.020\cchpx86.sys [3-5-2010 18:11 501888] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1106000.020\ironx86.sys [3-5-2010 18:11 116784] R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe [3-5-2010 18:10 126392] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [3-5-2010 16:53 102448] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100422.002\IDSXpx86.sys [3-5-2010 17:50 329592] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - UDFS *NewlyCreated* - UPNPHOST . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.com/ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-05-03 20:15 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.6.0.32\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2944) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2010-05-03 20:16:48 ComboFix-quarantined-files.txt 2010-05-03 18:16 Pre-Run: 179.207.786.496 bytes beschikbaar Post-Run: 179.342.995.456 bytes beschikbaar - - End Of File - - 7582011341FD26D0359B28860A1060F0
-
Nog even langzaam
-
Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4060 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 3-5-2010 12:55:45 mbam-log-2010-05-03 (12-55-45).txt Scantype: Snelle scan Objecten gescand: 111406 Verstreken tijd: 14 minuut/minuten, 0 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 4 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 2 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{t5tbb77l-4678-0mkc-421q-14416031dyu6} (Generic.Bot.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{t5tbb77l-4678-0mkc-421q-14416031dyu6} (Password.Stealer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\WINDOWS\system32\Cerberus (Infostealer.Lineage) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\WINDOWS\system32\Cerberus\logs.dat (Infostealer.Lineage) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Cerberus\plugin.dat (Infostealer.Lineage) -> Quarantined and deleted successfully.
-
Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4060 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 3-5-2010 12:09:01 mbam-log-2010-05-03 (12-09-01).txt Scantype: Snelle scan Objecten gescand: 111257 Verstreken tijd: 9 minuut/minuten, 30 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 4 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{t5tbb77l-4678-0mkc-421q-14416031dyu6} (Generic.Bot.H) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{t5tbb77l-4678-0mkc-421q-14416031dyu6} (Password.Stealer) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> No action taken. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\WINDOWS\system32\Cerberus (Infostealer.Lineage) -> No action taken. Bestanden geïnfecteerd: C:\WINDOWS\system32\Cerberus\logs.dat (Infostealer.Lineage) -> No action taken. C:\WINDOWS\system32\Cerberus\plugin.dat (Infostealer.Lineage) -> No action taken. C:\5.exe (Trojan.Agent) -> No action taken. C:\F.exe (Trojan.Agent) -> No action taken. ------------------------------------------------------------------------------ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:10:14, on 3-5-2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272106465406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 6487 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:46:14, on 2-5-2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avmailc.exe C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE K:\Program Files\LimeWire Plus\LimeWire.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.startpagina.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - (no file) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [startup] C:\Documents and Settings\Eigenaar\Application Data\Microsoft\svchost.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\RunOnce: [RegistryDefrag Success Message] "C:\Program Files\TuneUp Utilities 2010\TUMessages.exe" /RegDefrag_Success O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272106465406 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6830 bytes
-
Hallo, onze ouwe xp sp 2 is gewoon erg traag niks help heb het register al op geschoond met pc tools registry mecanic en met wise registry cleaner en ccleaner de rest. Bijgevoegd een defragmentatie logje. VolumeC.txt
-
Dan kijk in wel effe naar de nieuwste. Toch bedankt.
-
Ik zie het nergens waar je de taal kan veranderen. Of kijk ik er overheen?
-
ik vind v1 makelijker in gebruik.
-
Ik heb sinds vandaag norton 360 v1 volgens mij gedownload( trial) Maar de taal is engels en niet nederlands weet iemand hoe je dat kan instellen?
-
sweex 4 hub driver probleem
damoriamarti reageerde op damoriamarti's topic in Archief Andere software
Oke heb het nu opgelost. -
Hoi ik heb mijn computer gewoon opgestart en wou verder met mijn verslag die op mijn extere harde schijf staat die is aan gesloten op een sweex hub maar die pakte mijn computer niet meer is dit een driver probleem? Widows geeft aan dat dit een onbekend hardware is.
-
Dan ga ik het ook maar niet proberen.
-
Jammer maar kan recuva niks terug vinden?
-
Kan het echt niet vinden.
-
Ik heb per ongeluk de map verzonden items leeg gemaakt en verwijderd. Kan ik dat nog terug halen of is het hopeloos?
-
Ik heb een klein probleempje. Ik weet niet hou ik automatich hoofdletters in en uitschakel. Ben het wel een keer tegen gekomen maar ik weet niet meer waar.
-
avg probleempje
damoriamarti reageerde op damoriamarti's topic in Archief Bestrijding malware & virussen
mooi zo dus kan hij als opgelost staan Bedankt iedereen. -
avg probleempje
damoriamarti reageerde op damoriamarti's topic in Archief Bestrijding malware & virussen
Ok heb superantispyware p. Was niet gemakelijk maar het is gelukt Dus nu ben ik klaar?
