dany3

ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6419 # api_version=3.0.2 # EOSSerial=a3f81ddcd5c43f4e92467c95c07a9e7d # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-02-14 01:56:40 # local_time=2011-02-14 02:56:40 (+0100, Romance (standaardtijd)) # country="Belgium" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 539327 539327 0 0 # compatibility_mode=8192 67108863 100 0 3794 3794 0 0 # scanned=96184 # found=10 # cleaned=10 # scan_time=4242 C:\a_Danny\Muziek\De New Wave Top 100 radio Nostalgie dec.09\anne clark our darkness(Disk 1).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\De New Wave Top 100 radio Nostalgie dec.09\jah wobble jaki liebezeit how- original track.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\De New Wave Top 100 radio Nostalgie dec.09\simple minds alive and kicking.wma probably a variant of Win32/Agent.GLICIDR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\Mijn muziek\De New Wave Top 100 radio Nostalgie dec.09\anne clark our darkness(Disk 1).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\Mijn muziek\De New Wave Top 100 radio Nostalgie dec.09\jah wobble jaki liebezeit how- original track.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\Mijn muziek\De New Wave Top 100 radio Nostalgie dec.09\simple minds alive and kicking.wma probably a variant of Win32/Agent.GLICIDR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\Mijn muziek\Incomplete\Preview-T-4153328-jah wobble jaki liebezeit how- original track.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\REEKS gizon\01benny by king me stand-192kb.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\REEKS gizon\01brian ferry let s stick together-192kb.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C C:\a_Danny\Muziek\REEKS gizon\01lady lynn i don't wanna dance-192kb.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C ---------- Post toegevoegd om 17:17 ---------- Vorige post was om 17:14 ---------- als ik dit goed lees dan heft deze wel wat kwaads gevonden ...? niet, ik heb nogtans een werkende macefee 8.5.0.i met licentie.

mmm, probleempje bijgekomen, nu lijkt het of mijn scherm niet breed genoeg is, dwz dat de tekst verder door loopt rechts naast het scherm en ik naar rechts moet sccrollen om de ganse zinnen te kunnen lezen. verder ivm initieel probleem: het probleem is vooral lastig bij de pagina's als ik aan internetbankieren doe, er is wel al een verbetering merkbaar in de zin dat vooreerst als ik naar een ander blad klikte , ik er niets kon in doen, dit blad na een aantal klikken minimaliseerde en ik dat dan daarna terug kon maximaliseren en gewoon verder kon werken.Nu lijkt dit minimaliseren niet meer te gebeuren,. Wel is het probleem nu dat ik verschillende seconden niets kan uitvoeren in dit nieuwe tabblad, ook al is dit snel volledig binnen geladen, na een tijdje wachten kan ik gewoon op de volgende functie klikken. Ik merk dat er nog zeker iets mis is, want het intikken van deze tekst in dit bericht gaat moeizaam, ik tik mijn tekst in en het duurd een tijdje voor dit op het scherm komt, lastig. .... Ik weet het het zijn lastige probleemkes, hopelijk kunnen jullie verder helpen. D

ComboFix 11-02-11.02 - Danny 12/02/2011 18:18:01.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3063.2387 [GMT 1:00] Gestart vanuit: c:\documents and settings\Danny\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Danny\Bureaublad\CFScript.txt AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\regedit.exe . . . is geïnfecteerd!! . --------------- FCopy --------------- c:\windows\ServicePackFiles\i386\regedit.exe --> c:\windows\regedit.exe . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-12 to 2011-02-12 )))))))))))))))))))))))))))))) . 2011-02-10 08:52 . 2011-02-10 08:52 -------- d-----w- c:\documents and settings\Danny\Application Data\Panasonic 2011-02-10 08:51 . 2007-06-21 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll 2011-02-10 08:51 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll 2011-02-10 08:51 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll 2011-02-10 08:51 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll 2011-02-10 08:51 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll 2011-02-10 08:51 . 2008-09-25 20:07 45056 ----a-w- c:\windows\system32\PhDi2.sys 2011-02-10 08:51 . 2011-02-10 08:51 -------- d-----w- c:\program files\Panasonic 2011-02-10 08:50 . 2011-02-10 08:50 -------- d-----w- c:\documents and settings\Danny\Application Data\InstallShield 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\documents and settings\Danny\Application Data\Malwarebytes 2011-02-09 07:46 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-09 07:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-08 07:57 . 2011-02-08 07:57 388096 ----a-r- c:\documents and settings\Danny\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-02-08 07:57 . 2011-02-08 07:57 -------- d-----w- c:\program files\Trend Micro 2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll 2011-01-21 14:44 . 2011-01-21 14:44 441344 -c----w- c:\windows\system32\dllcache\shimgvw.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-08 07:54 . 2010-09-08 09:01 15880 ----a-w- c:\windows\system32\lsdelete.exe 2011-01-21 14:44 . 2004-08-04 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 14:04 . 2004-08-04 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:52 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:52 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:52 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:25 . 2004-08-04 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll 2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec 2010-12-09 15:15 . 2004-08-04 12:00 739328 ----a-w- c:\windows\system32\ntdll.dll 2010-12-09 15:14 . 2004-08-04 00:58 2031616 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-12-09 15:14 . 2004-08-04 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-12-09 14:30 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2010-11-18 18:15 . 2008-10-17 08:34 86016 ----a-w- c:\windows\system32\isign32.dll . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\kbdclass.sys [-] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2008-04-14 20:32 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 20:32 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2004-08-04 12:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-04-14 20:32 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 20:32 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2004-08-04 12:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll [-] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll [-] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll [-] 2004-08-04 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll [-] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2008-04-14 20:32 . 2628076412EC86C92827AE5202501E5D . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2004-08-04 12:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll [-] 2008-04-14 20:32 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 20:32 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 12:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2008-04-14 20:32 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 20:32 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 12:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll . ((((((((((((((((((((((((((((( SnapShot@2011-02-10_23.20.21 ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-11 15:29 . 2011-02-11 15:29 16384 c:\windows\Temp\Perflib_Perfdata_8d0.dat + 2011-02-11 15:28 . 2011-02-11 15:28 16384 c:\windows\Temp\Perflib_Perfdata_5e8.dat - 2004-08-04 12:00 . 2011-02-09 22:31 72278 c:\windows\system32\perfc009.dat + 2004-08-04 12:00 . 2011-02-11 15:27 72278 c:\windows\system32\perfc009.dat - 2004-08-04 12:00 . 2010-11-06 00:23 66560 c:\windows\system32\mshtmled.dll + 2004-08-04 12:00 . 2010-12-20 23:52 66560 c:\windows\system32\mshtmled.dll - 2007-08-13 16:54 . 2010-11-06 00:23 55296 c:\windows\system32\msfeedsbs.dll + 2007-08-13 16:54 . 2010-12-20 23:52 55296 c:\windows\system32\msfeedsbs.dll - 2004-08-04 12:00 . 2010-11-06 00:23 25600 c:\windows\system32\jsproxy.dll + 2004-08-04 12:00 . 2010-12-20 23:52 25600 c:\windows\system32\jsproxy.dll + 2009-12-23 15:27 . 2010-12-20 23:52 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-12-23 15:27 . 2010-11-06 00:23 12800 c:\windows\system32\dllcache\xpshims.dll - 2007-08-13 16:54 . 2010-11-06 00:23 66560 c:\windows\system32\dllcache\mshtmled.dll + 2007-08-13 16:54 . 2010-12-20 23:52 66560 c:\windows\system32\dllcache\mshtmled.dll + 2008-08-26 08:27 . 2010-12-20 23:52 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2008-08-26 08:27 . 2010-11-06 00:23 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2007-08-13 16:44 . 2010-12-20 23:52 43520 c:\windows\system32\dllcache\licmgr10.dll - 2007-08-13 16:44 . 2010-11-06 00:23 43520 c:\windows\system32\dllcache\licmgr10.dll + 2007-08-13 16:54 . 2010-12-20 23:52 25600 c:\windows\system32\dllcache\jsproxy.dll - 2007-08-13 16:54 . 2010-11-06 00:23 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-12-14 07:10 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll - 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\system32\dllcache\csrsrv.dll + 2008-10-17 12:17 . 2011-02-10 23:35 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2008-10-17 12:17 . 2011-01-12 16:16 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2008-10-17 12:17 . 2011-02-10 23:35 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2008-10-17 12:17 . 2011-01-12 16:16 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe + 2008-10-17 12:17 . 2011-02-10 23:35 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe - 2008-10-17 12:17 . 2011-01-12 16:16 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2011-02-10 23:35 . 2010-11-06 00:23 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll + 2011-02-10 23:35 . 2010-11-06 00:23 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll + 2011-02-10 23:35 . 2010-11-06 00:23 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll + 2011-02-10 23:35 . 2010-11-06 00:23 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll + 2011-02-10 23:35 . 2010-11-06 00:23 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll + 2004-08-04 12:00 . 2011-02-11 15:27 537476 c:\windows\system32\perfh013.dat - 2004-08-04 12:00 . 2011-02-09 22:31 537476 c:\windows\system32\perfh013.dat + 2004-08-04 12:00 . 2011-02-11 15:27 444402 c:\windows\system32\perfh009.dat - 2004-08-04 12:00 . 2011-02-09 22:31 444402 c:\windows\system32\perfh009.dat + 2004-08-04 12:00 . 2011-02-11 15:27 101578 c:\windows\system32\perfc013.dat - 2004-08-04 12:00 . 2011-02-09 22:31 101578 c:\windows\system32\perfc013.dat - 2004-08-04 12:00 . 2010-11-06 00:23 206848 c:\windows\system32\occache.dll + 2004-08-04 12:00 . 2010-12-20 23:52 206848 c:\windows\system32\occache.dll - 2004-08-04 12:00 . 2010-11-06 00:23 611840 c:\windows\system32\mstime.dll + 2004-08-04 12:00 . 2010-12-20 23:52 611840 c:\windows\system32\mstime.dll + 2007-08-13 16:54 . 2010-12-20 23:52 602112 c:\windows\system32\msfeeds.dll - 2007-08-13 16:54 . 2010-11-06 00:23 602112 c:\windows\system32\msfeeds.dll + 2004-08-04 12:00 . 2010-12-20 23:52 184320 c:\windows\system32\iepeers.dll - 2004-08-04 12:00 . 2010-11-06 00:23 184320 c:\windows\system32\iepeers.dll - 2004-08-04 12:00 . 2010-11-06 00:23 387584 c:\windows\system32\iedkcs32.dll + 2004-08-04 12:00 . 2010-12-20 23:52 387584 c:\windows\system32\iedkcs32.dll - 2004-08-04 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe + 2004-08-04 12:00 . 2010-12-20 12:55 173568 c:\windows\system32\ie4uinit.exe + 2008-10-17 09:34 . 2011-02-11 07:21 270192 c:\windows\system32\FNTCACHE.DAT + 2007-08-13 16:54 . 2010-12-20 23:52 916480 c:\windows\system32\dllcache\wininet.dll - 2007-08-13 16:54 . 2010-11-06 00:23 916480 c:\windows\system32\dllcache\wininet.dll + 2007-08-13 16:44 . 2010-12-20 23:52 206848 c:\windows\system32\dllcache\occache.dll - 2007-08-13 16:44 . 2010-11-06 00:23 206848 c:\windows\system32\dllcache\occache.dll + 2009-05-26 10:35 . 2010-12-09 15:15 739328 c:\windows\system32\dllcache\ntdll.dll + 2007-08-13 16:54 . 2010-12-20 23:52 611840 c:\windows\system32\dllcache\mstime.dll - 2007-08-13 16:54 . 2010-11-06 00:23 611840 c:\windows\system32\dllcache\mstime.dll + 2008-08-26 08:27 . 2010-12-20 23:52 602112 c:\windows\system32\dllcache\msfeeds.dll - 2008-08-26 08:27 . 2010-11-06 00:23 602112 c:\windows\system32\dllcache\msfeeds.dll + 2009-05-26 10:35 . 2010-12-20 17:25 735232 c:\windows\system32\dllcache\lsasrv.dll - 2009-05-26 10:35 . 2009-06-25 08:27 735232 c:\windows\system32\dllcache\lsasrv.dll - 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\system32\dllcache\kerberos.dll + 2009-06-25 08:27 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll - 2009-12-23 15:27 . 2010-11-06 00:23 247808 c:\windows\system32\dllcache\ieproxy.dll + 2009-12-23 15:27 . 2010-12-20 23:52 247808 c:\windows\system32\dllcache\ieproxy.dll - 2007-08-13 16:54 . 2010-11-06 00:23 184320 c:\windows\system32\dllcache\iepeers.dll + 2007-08-13 16:54 . 2010-12-20 23:52 184320 c:\windows\system32\dllcache\iepeers.dll + 2010-06-08 21:26 . 2010-12-20 23:52 743424 c:\windows\system32\dllcache\iedvtool.dll - 2010-06-08 21:26 . 2010-11-06 00:23 743424 c:\windows\system32\dllcache\iedvtool.dll - 2007-08-13 16:39 . 2010-11-06 00:23 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-13 16:39 . 2010-12-20 23:52 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-13 16:39 . 2010-12-20 12:55 173568 c:\windows\system32\dllcache\ie4uinit.exe - 2007-08-13 16:39 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe - 2010-04-20 05:35 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll + 2010-04-20 05:35 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll - 2008-10-17 12:17 . 2011-01-12 16:16 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2008-10-17 12:17 . 2011-02-10 23:35 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2008-10-17 12:17 . 2011-02-10 23:35 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2008-10-17 12:17 . 2011-01-12 16:16 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2008-10-17 12:17 . 2011-01-12 16:16 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2008-10-17 12:17 . 2011-02-10 23:35 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2008-10-17 12:17 . 2011-02-10 23:35 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2008-10-17 12:17 . 2011-01-12 16:16 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2008-10-17 12:17 . 2011-02-10 23:35 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2008-10-17 12:17 . 2011-01-12 16:16 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2008-10-17 12:17 . 2011-01-12 16:16 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2008-10-17 12:17 . 2011-02-10 23:35 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2011-02-10 23:35 . 2010-11-06 00:23 916480 c:\windows\ie8updates\KB2482017-IE8\wininet.dll + 2011-02-10 23:35 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll + 2011-02-10 23:35 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe + 2011-02-10 23:35 . 2010-11-06 00:23 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll + 2011-02-10 23:35 . 2010-11-06 00:23 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll + 2011-02-10 23:35 . 2010-11-06 00:23 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll + 2011-02-10 23:35 . 2010-11-06 00:23 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll + 2011-02-10 23:35 . 2010-11-06 00:23 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll + 2011-02-10 23:35 . 2010-11-06 00:23 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll + 2011-02-10 23:35 . 2010-11-06 00:23 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll + 2011-02-10 23:35 . 2010-11-03 12:26 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe + 2004-08-04 12:00 . 2010-12-20 23:52 1210880 c:\windows\system32\urlmon.dll - 2004-08-04 12:00 . 2010-11-06 00:23 1210880 c:\windows\system32\urlmon.dll - 2004-08-04 12:00 . 2010-07-27 06:30 8509440 c:\windows\system32\shell32.dll + 2004-08-04 12:00 . 2011-01-21 14:44 8509440 c:\windows\system32\shell32.dll + 2004-08-04 12:00 . 2010-12-20 23:52 5961216 c:\windows\system32\mshtml.dll + 2007-08-13 16:34 . 2010-12-20 23:52 1991680 c:\windows\system32\iertutil.dll - 2007-08-13 16:34 . 2010-11-06 00:23 1991680 c:\windows\system32\iertutil.dll + 2008-10-17 11:54 . 2010-12-31 14:04 1855104 c:\windows\system32\dllcache\win32k.sys + 2007-08-13 16:54 . 2010-12-20 23:52 1210880 c:\windows\system32\dllcache\urlmon.dll - 2007-08-13 16:54 . 2010-11-06 00:23 1210880 c:\windows\system32\dllcache\urlmon.dll + 2008-06-17 19:03 . 2011-01-21 14:44 8509440 c:\windows\system32\dllcache\shell32.dll - 2008-06-17 19:03 . 2010-07-27 06:30 8509440 c:\windows\system32\dllcache\shell32.dll + 2008-10-17 11:54 . 2010-12-09 15:14 2197120 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2031616 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2073728 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2153472 c:\windows\system32\dllcache\ntkrnlmp.exe + 2007-08-13 16:54 . 2010-12-20 23:52 5961216 c:\windows\system32\dllcache\mshtml.dll - 2008-08-26 08:27 . 2010-11-06 00:23 1991680 c:\windows\system32\dllcache\iertutil.dll + 2008-08-26 08:27 . 2010-12-20 23:52 1991680 c:\windows\system32\dllcache\iertutil.dll + 2011-01-11 16:52 . 2011-01-11 16:52 3360768 c:\windows\Installer\35e28c7.msp + 2008-10-17 12:17 . 2011-02-10 23:35 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2008-10-17 12:17 . 2011-01-12 16:16 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-10-17 12:17 . 2011-02-10 23:35 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2008-10-17 12:17 . 2011-01-12 16:16 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2011-02-10 23:35 . 2010-11-06 00:23 1210880 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll + 2011-02-10 23:35 . 2010-11-06 00:23 5959168 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll + 2011-02-10 23:35 . 2010-11-06 00:23 1991680 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll + 2008-10-17 11:54 . 2010-12-09 15:14 2197120 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2031616 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2073728 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-17 11:54 . 2010-12-09 15:14 2153472 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2008-10-17 12:07 . 2011-02-10 23:36 37443528 c:\windows\system32\MRT.exe - 2007-08-13 16:54 . 2010-11-06 00:23 11080704 c:\windows\system32\ieframe.dll + 2007-08-13 16:54 . 2010-12-20 10:52 11080704 c:\windows\system32\ieframe.dll + 2008-10-03 17:38 . 2010-12-20 10:52 11080704 c:\windows\system32\dllcache\ieframe.dll - 2008-10-03 17:38 . 2010-11-06 00:23 11080704 c:\windows\system32\dllcache\ieframe.dll + 2011-02-10 23:35 . 2010-11-06 00:23 11080704 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384] "AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2006-01-16 53248] "RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536] "RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-06-26 868352] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2007-10-16 111952] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 136768] "PivotSoftware"="c:\program files\Portrait Displays\Pivot Software\wpctrl.exe" [2006-11-07 694008] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-17 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-17 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-17 141848] "Norton Ghost 14.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2008-08-13 2245984] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-08-12 2060288] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-24 110592] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2011-2-10 44176] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 SWIHPWMI;SWIHPWMI;c:\program files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [4/12/2006 15:13 292384] R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [4/08/2004 13:00 5120] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [17/10/2008 10:09 193840] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [4/04/2007 18:16 41216] R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/08/2010 13:15 1405384] R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [20/12/2007 17:13 1558000] S2 gupdate1ca0ca35319ae78;Google Updateservice (gupdate1ca0ca35319ae78);c:\program files\Google\Update\GoogleUpdate.exe [24/07/2009 22:11 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [1/07/2009 8:00 33536] S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17/07/2007 0:24 35072] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12/08/2010 13:15 15232] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map 2011-02-12 c:\windows\Tasks\Ad-Aware Scan (regelmatige scan).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 12:55] 2011-02-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 12:55] 2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 21:11] 2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 21:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.deredactie.be/cm/vrtnieuws mWindow Title = Telenet Internet uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: fgov.be\*.minfin . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-12 18:21 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1000) c:\windows\system32\igfxdev.dll - - - - - - - > 'explorer.exe'(3284) c:\program files\Portrait Displays\Pivot Software\winphook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2011-02-12 18:23:40 ComboFix-quarantined-files.txt 2011-02-12 17:23 Pre-Run: 191.964.110.848 bytes beschikbaar Post-Run: 192.138.899.456 bytes beschikbaar - - End Of File - - 65DD7C55E4212D4E0EB45707DBB6E4EE

Het wel een lange log hoor..! ComboFix 11-02-09.05 - Danny 11/02/2011 0:16.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3063.2341 [GMT 1:00] Gestart vanuit: c:\documents and settings\Danny\WINDOWS\Mijn documenten\Downloads\ComboFix.exe AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\winhelp.ini c:\windows\regedit.exe . . . is geïnfecteerd!! . (((((((((((((((((((( Bestanden Gemaakt van 2011-01-10 to 2011-02-10 )))))))))))))))))))))))))))))) . 2011-02-10 08:52 . 2011-02-10 08:52 -------- d-----w- c:\documents and settings\Danny\Application Data\Panasonic 2011-02-10 08:51 . 2007-06-21 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll 2011-02-10 08:51 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll 2011-02-10 08:51 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll 2011-02-10 08:51 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll 2011-02-10 08:51 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll 2011-02-10 08:51 . 2008-09-25 20:07 45056 ----a-w- c:\windows\system32\PhDi2.sys 2011-02-10 08:51 . 2011-02-10 08:51 -------- d-----w- c:\program files\Panasonic 2011-02-10 08:50 . 2011-02-10 08:50 -------- d-----w- c:\documents and settings\Danny\Application Data\InstallShield 2011-02-10 07:56 . 2011-02-10 07:56 -------- d-----w- c:\windows\LastGood 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\documents and settings\Danny\Application Data\Malwarebytes 2011-02-09 07:46 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-02-09 07:46 . 2011-02-09 07:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-02-09 07:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-02-08 07:57 . 2011-02-08 07:57 388096 ----a-r- c:\documents and settings\Danny\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-02-08 07:57 . 2011-02-08 07:57 -------- d-----w- c:\program files\Trend Micro 2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-08 07:54 . 2010-09-08 09:01 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-11-18 18:15 . 2008-10-17 08:34 86016 ----a-w- c:\windows\system32\isign32.dll . ------- Sigcheck ------- [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\atapi.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys [-] 2004-08-04 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys [-] 2004-08-04 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\kbdclass.sys [-] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2004-08-04 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys [-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys [-] 2004-08-04 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2004-08-04 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll [-] 2004-08-04 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe [-] 2004-08-04 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll [-] 2008-04-14 . 5431FB616ECAE0D587C5B97D0B86CBD8 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll [-] 2004-08-04 . B2665A1B502EC037388B7919CBD58C28 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll [-] 2008-04-14 20:32 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll [-] 2008-04-14 20:32 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll [-] 2004-08-04 12:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll [-] 2004-08-04 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll [-] 2004-08-04 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe [-] 2004-08-04 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2004-08-04 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll [-] 2004-08-04 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-04-14 20:32 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll [-] 2008-04-14 20:32 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll [-] 2004-08-04 12:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll [-] 2004-08-04 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll [-] 2004-08-04 . 54379BD67780FDBBE1590EEC142A659C . 1024512 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll [-] 2008-04-14 . 9234F9A97016954CC67C01DA9C4F39C2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll [-] 2004-08-04 . 5B42639BE48C8E84FD52C66958A44427 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll [-] 2004-08-04 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll [-] 2004-08-04 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll [-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-08-04 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll [-] 2004-08-04 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll [-] 2004-08-04 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll [-] 2004-08-04 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll [-] 2004-08-04 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll [-] 2004-08-04 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe [-] 2004-08-04 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll [-] 2008-04-14 . 2BC9FB448F0C2394FF53C83A7BB04731 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll [-] 2004-08-04 . F38C48EE55AD051BF5474F5BDD69C846 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll [-] 2008-04-14 . 4CF588D2F2363B73EB4AF57967D46DFF . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2004-08-04 . 8E5D344FD717D35EE7ED1C8E0AD0CBE6 . 578560 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe [-] 2004-08-04 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll [-] 2004-08-04 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll [-] 2004-08-04 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\explorer.exe [-] 2008-04-14 . AA04F042A820BF1868E643575887E1A6 . 1037312 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe [-] 2004-08-04 . A1D7304A87FC3093150F5E3CC7B0F338 . 1035776 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe [-] 2004-08-04 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll [-] 2004-08-04 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll [-] 2004-08-04 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2004-08-04 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2004-08-04 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll [-] 2008-04-14 . CFB406497D9CF95DFFE17594899FD367 . 135680 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll [-] 2004-08-04 . 394FD6CE1AC84BB318B806A6F8D90F66 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll [-] 2004-08-04 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll [-] 2004-08-04 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll [-] 2004-08-04 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll [-] 2008-04-14 . E0AEF86A594C9990D6321C5CA239C5B7 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll [-] 2004-08-04 . E2CE999886A4636026F157DEB886AA94 . 297472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll [-] 2004-08-04 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll [-] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll [-] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll [-] 2004-08-04 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll [-] 2004-08-04 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys [-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys [-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys [-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys [-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll [-] 2004-08-04 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll [-] 2008-04-14 20:32 . 2628076412EC86C92827AE5202501E5D . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll [-] 2004-08-04 12:00 . 2706E00334C86DD2E5279A47600C916A . 52736 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll [-] 2008-04-14 20:32 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll [-] 2008-04-14 20:32 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll [-] 2004-08-04 12:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll [-] 2008-04-14 . 01653D6C9604F1FB31A76EC94E08954F . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll [-] 2004-08-04 . 348B60067B10EFA7D7763EE44674108C . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll [-] 2004-08-04 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll [-] 2004-08-04 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll [-] 2004-08-04 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll [-] 2008-04-14 20:32 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll [-] 2008-04-14 20:32 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll [-] 2004-08-04 12:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll [-] 2004-08-04 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll [-] 2004-08-04 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll [-] 2004-08-04 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll [-] 2004-08-04 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll [-] 2008-04-14 . 5AE996186D2DC694FEF88F14A3FC9242 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll [-] 2004-08-04 . A52AA02DDB663FEF22C18C693B0EE891 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384] "AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2006-01-16 53248] "RoxioEngineUtility"="c:\program files\Common Files\Roxio Shared\System\EngUtil.exe" [2003-05-01 65536] "RoxioDragToDisc"="c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" [2003-06-26 868352] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2007-10-16 111952] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 136768] "PivotSoftware"="c:\program files\Portrait Displays\Pivot Software\wpctrl.exe" [2006-11-07 694008] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-17 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-17 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-17 141848] "Norton Ghost 14.0"="c:\program files\Norton Ghost\Agent\VProTray.exe" [2008-08-13 2245984] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2010-08-12 2060288] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-24 110592] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2011-2-10 44176] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 SWIHPWMI;SWIHPWMI;c:\program files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [4/12/2006 15:13 292384] R2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [4/08/2004 13:00 5120] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [17/10/2008 10:09 193840] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [4/04/2007 18:16 41216] R3 SymSnapService;SymSnapService;c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [20/12/2007 17:13 1558000] S2 gupdate1ca0ca35319ae78;Google Updateservice (gupdate1ca0ca35319ae78);c:\program files\Google\Update\GoogleUpdate.exe [24/07/2009 22:11 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [1/07/2009 8:00 33536] S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [17/07/2007 0:24 35072] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/08/2010 13:15 1402272] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12/08/2010 13:15 15264] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map 2011-02-09 c:\windows\Tasks\Ad-Aware Scan (regelmatige scan).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:54] 2011-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 07:54] 2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 21:11] 2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-24 21:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.deredactie.be/cm/vrtnieuws mWindow Title = Telenet Internet uInternet Connection Wizard,ShellNext = iexplore IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: fgov.be\*.minfin . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-02-11 00:20 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1000) c:\windows\system32\igfxdev.dll . Voltooingstijd: 2011-02-11 00:22:00 ComboFix-quarantined-files.txt 2011-02-10 23:21 Pre-Run: 192.339.386.368 bytes beschikbaar Post-Run: 192.451.166.208 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 178C4862E5D6A045042EBB9E15FC9BB4

Inderdaad, malware vindt niets, dus..? alvast bedankt. Danny Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Databaseversie: 5718 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 9/02/2011 8:50:32 mbam-log-2011-02-09 (08-50-32).txt Scantype: Snelle scan Objecten gescand: 141941 Verstreken tijd: 3 minuut/minuten, 47 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)

Hallo, graag dat jullie het onderstaand logje bekijken van mijn laptop; ik heb problemen dat hij soms wat blijft hangen als hij internetpagina's inlaad; ze zijn dan wel binnen maar het duurt een tijdje voor ik kan scrollen met de muis. Ook veel last van het probleem als ik ergens op een link klik, het lang duurt eer er iets gebeurd en dan springt windows naar een ander geopend explorer pagina zoadt ik de eerst terug moet maximaliseren en terug op de link moet klikken , dan werkt het wel. Hopelijk kunnen jullie snel wat hulp bieden, groeten danny Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:01:19, on 8/02/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\agrsmsvc.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\McAfee\Common Framework\FrameworkService.exe C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton Ghost\Agent\VProSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\AccelerometerSt.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Norton Ghost\Agent\VProTray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Portrait Displays\Pivot Software\floater.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = deredactie.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Updateservice (gupdate1ca0ca35319ae78) (gupdate1ca0ca35319ae78) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe O23 - Service: SWIHPWMI - Sierra Wireless Inc. - C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- End of file - 9523 bytes

Ok, bedankt in ieder geval al iedereen ! snelheid is redelijk goed ! Dus ik denk dat dit opgelost is. Icoonen : geen verbetering, dit blijft hetzelfde ; de instelling stond al op de juiste instelling; wel nog is geprobeert om ietsie te veranderen en daarna terug te zetten op Laat windows bepalen wat het beste is maar geen verandering. Dit is gekomen sinds de nieuwere versie van JAVA erop te zetten, zie bovenaan. mvg

zie mijn bevindingen hier boven

ok,, bedankt kape, snelheid ziet er redelijk goed uit; in cc-cleaner bij het Register kan ik blijven herhalen, hij vindt steeds nog dingen om te herstellen; na 3 keer maar gestopt. nog een raar fenomeen, : op mijn bureaublad zijn alle icoontjes nu tegelijk geselecteerd. Heb pc al terug opgestart, maar dit blijft zo, de tekst onder de icoontjes staat in een blauw vlak met de tekst in het wit: net of ze allemaal geselecteerd zijn. nog enig idee?

Hopelijk is alles goed gelopen, kheb gedaan zoals beschreven, maar khad te weinig geduld gehad en 2 keer combofix doen starten, da was natuurlijk vragen op foutmeldingen; daarna terug een keer deftig laten lopen met hieronder dus de log. Heb nog niks gedaan verder met JAVA ComboFix 10-11-20.07 - Danny 21/11/2010 17:39:59.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1527.953 [GMT 1:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt AV: Lavasoft Ad-Watch Live! Antivirus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} FILE :: "c:\program files\Hitman Pro\hitmanpro2.sys" "c:\windows\002954_.tmp" "c:\windows\system32\drivers\cnxcdrom.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Hitman Pro\hitmanpro2.sys c:\windows\002954_.tmp . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_HITMANPRO2 -------\Legacy_LDA100B -------\Service_hitmanpro2 -------\Service_lda100B (((((((((((((((((((( Bestanden Gemaakt van 2010-10-21 to 2010-11-21 )))))))))))))))))))))))))))))) . 2010-11-21 15:28 . 2010-11-21 15:28 -------- d-----w- c:\program files\Common Files\Java 2010-11-21 15:25 . 2010-11-21 15:25 73728 ----a-w- c:\windows\system32\javacpl.cpl 2010-11-21 15:25 . 2010-11-21 15:25 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-21 12:42 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll 2010-11-21 12:42 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll 2010-11-21 12:42 . 2008-04-14 21:32 9728 ------w- c:\windows\system32\rwnh.dll 2010-11-21 12:42 . 2008-04-13 23:15 46592 ------w- c:\windows\system32\drivers\irbus.sys 2010-11-21 12:42 . 2008-04-13 23:13 9728 ------w- c:\windows\system32\comsdupd.exe 2010-11-21 12:36 . 2008-04-13 23:06 44928 ------w- c:\windows\system32\drivers\agpcpq.sys 2010-11-21 11:54 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-21 11:54 . 2010-11-21 11:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-11-21 11:54 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-18 18:40 . 2010-11-18 18:40 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-11-12 07:48 . 2010-09-23 07:46 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-11-12 00:11 . 2010-11-12 00:11 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2010-11-12 00:01 . 2010-09-23 07:46 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-11-12 00:01 . 2010-11-12 00:01 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-11-11 23:53 . 2010-11-11 23:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sunbelt Software 2010-11-11 23:16 . 2010-11-11 23:16 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097} 2010-11-11 23:15 . 2010-11-12 00:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-11-11 23:15 . 2010-11-11 23:15 -------- d-----w- c:\program files\Lavasoft 2010-11-11 17:30 . 2010-11-11 17:30 1409 ----a-w- c:\windows\QTFont.for . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2006-12-30 20:01 . 2006-12-30 20:01 5070824 -c--a-w- c:\program files\cuteftp3p.exe 2006-12-17 20:08 . 2006-12-17 20:08 610216 -c--a-w- c:\program files\setup_dvd2one211.exe 2006-11-25 19:47 . 2006-11-25 19:45 10709424 -c--a-w- c:\program files\InCD-4.3.23.2.exe 2006-11-25 19:16 . 2006-11-25 19:16 38456328 -c--a-w- c:\program files\NVE-3.1.0.25_no_yt.exe 2006-11-25 19:03 . 2006-11-25 19:02 34590128 -c--a-w- c:\program files\Nero-6.6.1.4_no_yt.exe 2006-11-24 08:21 . 2006-11-24 08:19 6633569 -c--a-w- c:\program files\NVE1046g.exe 2006-11-19 14:15 . 2006-11-19 14:14 17515272 -c--a-w- c:\program files\avg75free_430a848.exe 2006-11-19 14:07 . 2006-11-19 14:06 12841064 -c--a-w- c:\program files\SkypeSetup.exe 2004-08-04 02:00 94784 -csh--w- c:\windows\twain.dll 2008-04-14 21:32 50688 --sh--w- c:\windows\twain_32.dll 2008-04-14 21:32 1028096 --sha-w- c:\windows\system32\mfc42.dll 2008-04-14 21:32 57344 --sh--w- c:\windows\system32\msvcirt.dll 2008-04-14 21:32 413696 --sha-w- c:\windows\system32\msvcp60.dll 2008-04-14 21:32 551936 --sh--w- c:\windows\system32\oleaut32.dll 2008-04-14 21:33 12288 --sh--w- c:\windows\system32\regsvr32.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-05-06 155648] "ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-09-29 81990] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-14 98304] "McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 135251] "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272] "HP Software Update"="c:\program files\HP\L7500\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ HP Digital Imaging Monitor.lnk - c:\program files\HP\L7500\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2009-08-05 21:48 647520 -c--a-w- c:\program files\Windows Live\Family Safety\fsui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2006-10-13 16:20 20058152 ----a-w- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Microsoft Office\\Office\\FRONTPG.EXE"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "%windir%\\system32\\sessmgr.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12-11-2010 1:01 64288] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [23-9-2010 8:46 1375992] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [1-7-2009 7:53 33536] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [23-9-2010 8:46 15264] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map 2010-11-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 12:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.deredactie.be/cm/vrtnieuws uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Bar = hxxp://go.compaq.com/1Q00CDT/0413/bl8.asp uInternet Connection Wizard,ShellNext = iexplore IE: Add to Windows &Live Favorites - Welcome to Windows Live IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?45eca47887d2424c9f1def2d6949bd05 IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?45eca47887d2424c9f1def2d6949bd05 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-11-21 17:44 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3324) c:\windows\system32\MSCTF.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Ahead\InCD\InCDsrv.exe c:\windows\System32\SCardSvr.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Network Associates\Common Framework\FrameworkService.exe c:\program files\Network Associates\VirusScan\Mcshield.exe c:\program files\Network Associates\VirusScan\VsTskMgr.exe c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\system32\wdfmgr.exe c:\program files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe c:\program files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe . ************************************************************************** . Voltooingstijd: 2010-11-21 17:49:06 - machine werd herstart ComboFix-quarantined-files.txt 2010-11-21 16:49 ComboFix2.txt 2010-11-21 16:38 ComboFix3.txt 2010-11-21 15:06 Pre-Run: 60.043.063.296 bytes beschikbaar Post-Run: 59.892.252.672 bytes beschikbaar - - End Of File - - 3024C0C27D91E2D65023D6B23F17A035

Hallo, ik heb sinds een geruime tijd een laptop Hp compaq 6710b. Nu hem ik ook nog een desktop waaraan de luidsprekers Creative I-Trigue 3400 2.1 Speakers zijn aangesloten. Op de desktop werken deze luidsprekers zeer goed en kan ik daar toch wel een redelijk goed (lees hard) geluid uit halen. Indien ik deze luidsprekers nu aansluit op mijn laptop dan komt daar niet veel geluid uit. ook alle instellingen van geluid al nagezien en alles staat gewoon op zn hardst ingesteld en toch is dit te stil. Zou dit aan iets zoals een driver kunnen liggen? En hoe weet ik dat?

Ok, ik heb nu ook de nieuwere versie van JAVA erop gezet : alles gedaan zoals Kweezie had geschreven; ik heb de indruk dat voor de nieuwe JAVA mijn pc terug zeer snel was in opstarten en internet gebruik+opstart; maar nu met die nieuwe JAVA lijkt alles terug traag. en nog een raar fenomeen, : op mijn bureaublad zijn alle icoontjes nu tegelijk geselecteerd. Heb pc al terug opgestart, maar dit blijft zo, de tekst onder de icoontjes staat in een blauw vlak met de tekst in het wit: net of ze allemaal geselecteerd zijn. hieronder nog is laatste logje Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 16:34:45, on 21/11/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17055) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\hijackthis\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = deredactie.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = HP Desktop web portal - HP Small and Medium Business R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HPAiODevice(hp officejet 7100 series).lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?45eca47887d2424c9f1def2d6949bd05 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?45eca47887d2424c9f1def2d6949bd05 O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp04.photoprintit.de/microsite/1287/defaults/activex/XUpload.ocx O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 8539 bytes

eerst alles gedaan op aanraden van Kweezie lijnen verwijders in Hijack MBAM-> niks gevonden, rootkit geen vragen over gesteld; logje terug geplaatst zie hierboven, daarna XP SP3 geïnstalleerd; daarna Combofix laten draaien, logje hieronder, kga ook nog JAVA updaten zoals KWEEZIE heeft geschreven ComboFix 10-11-20.06 - Danny 21/11/2010 15:59:03.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1527.914 [GMT 1:00] Gestart vanuit: c:\documents and settings\Administrator\Mijn documenten\ComboFix.exe AV: Lavasoft Ad-Watch Live! Antivirus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\LOG6C.tmp C:\LOG6D.tmp C:\LOG6F.tmp C:\LOG9C.tmp c:\windows\winhelp.ini . (((((((((((((((((((( Bestanden Gemaakt van 2010-10-21 to 2010-11-21 )))))))))))))))))))))))))))))) . 2010-11-21 12:45 . 2010-11-21 13:07 -------- d-----w- c:\windows\LastGood.Tmp 2010-11-21 12:42 . 2009-07-31 09:05 1372672 ------w- c:\windows\system32\dllcache\msxml6.dll 2010-11-21 12:42 . 2008-04-14 21:09 88064 ------w- c:\windows\system32\dllcache\msxml6r.dll 2010-11-21 12:42 . 2008-04-14 21:32 9728 ------w- c:\windows\system32\rwnh.dll 2010-11-21 12:42 . 2008-04-13 23:15 46592 ------w- c:\windows\system32\drivers\irbus.sys 2010-11-21 12:42 . 2008-04-13 23:13 9728 ------w- c:\windows\system32\comsdupd.exe 2010-11-21 12:36 . 2008-04-13 23:06 44928 ------w- c:\windows\system32\drivers\agpcpq.sys 2010-11-21 12:33 . 2006-12-28 23:31 19569 ----a-w- c:\windows\002954_.tmp 2010-11-21 11:54 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-21 11:54 . 2010-11-21 11:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-11-21 11:54 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-18 18:40 . 2010-11-18 18:40 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-11-12 07:48 . 2010-09-23 07:46 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-11-12 00:11 . 2010-11-12 00:11 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2010-11-12 00:01 . 2010-09-23 07:46 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-11-12 00:01 . 2010-11-12 00:01 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-11-11 23:53 . 2010-11-11 23:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sunbelt Software 2010-11-11 23:16 . 2010-11-11 23:16 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{E961CE1B-C3EA-4882-9F67-F859B555D097} 2010-11-11 23:15 . 2010-11-12 00:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-11-11 23:15 . 2010-11-11 23:15 -------- d-----w- c:\program files\Lavasoft 2010-11-11 17:30 . 2010-11-11 17:30 1409 ----a-w- c:\windows\QTFont.for . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2006-12-30 20:01 . 2006-12-30 20:01 5070824 -c--a-w- c:\program files\cuteftp3p.exe 2006-12-17 20:08 . 2006-12-17 20:08 610216 -c--a-w- c:\program files\setup_dvd2one211.exe 2006-11-25 19:47 . 2006-11-25 19:45 10709424 -c--a-w- c:\program files\InCD-4.3.23.2.exe 2006-11-25 19:16 . 2006-11-25 19:16 38456328 -c--a-w- c:\program files\NVE-3.1.0.25_no_yt.exe 2006-11-25 19:03 . 2006-11-25 19:02 34590128 -c--a-w- c:\program files\Nero-6.6.1.4_no_yt.exe 2006-11-24 08:21 . 2006-11-24 08:19 6633569 -c--a-w- c:\program files\NVE1046g.exe 2006-11-19 14:15 . 2006-11-19 14:14 17515272 -c--a-w- c:\program files\avg75free_430a848.exe 2006-11-19 14:07 . 2006-11-19 14:06 12841064 -c--a-w- c:\program files\SkypeSetup.exe 2004-08-04 02:00 94784 -csh--w- c:\windows\twain.dll 2008-04-14 21:32 50688 --sh--w- c:\windows\twain_32.dll 2008-04-14 21:32 1028096 --sha-w- c:\windows\system32\mfc42.dll 2008-04-14 21:32 57344 --sh--w- c:\windows\system32\msvcirt.dll 2008-04-14 21:32 413696 --sha-w- c:\windows\system32\msvcp60.dll 2008-04-14 21:32 343040 --sha-w- c:\windows\system32\msvcrt.dll 2008-04-14 21:32 551936 --sh--w- c:\windows\system32\oleaut32.dll 2008-04-14 21:32 84992 --sh--w- c:\windows\system32\olepro32.dll 2008-04-14 21:33 12288 --sh--w- c:\windows\system32\regsvr32.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-05-06 155648] "ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2003-09-29 81990] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784] "SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-14 98304] "McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 135251] "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272] "HP Software Update"="c:\program files\HP\L7500\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-06-04 2056192] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 143360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ HP Digital Imaging Monitor.lnk - c:\program files\HP\L7500\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui] 2009-08-05 21:48 647520 -c--a-w- c:\program files\Windows Live\Family Safety\fsui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2006-10-13 16:20 20058152 ----a-w- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\L7500\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Microsoft Office\\Office\\FRONTPG.EXE"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "%windir%\\system32\\sessmgr.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12-11-2010 1:01 64288] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [23-9-2010 8:46 1375992] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [1-7-2009 7:53 33536] S3 hitmanpro2;Hitman Pro 2 Driver;c:\program files\Hitman Pro\hitmanpro2.sys [24-1-2007 15:04 10336] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [23-9-2010 8:46 15264] S4 lda100B;lda100B;\??\c:\windows\system32\drivers\cnxcdrom.sys --> c:\windows\system32\drivers\cnxcdrom.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map 2010-11-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 12:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.deredactie.be/cm/vrtnieuws uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mSearch Bar = hxxp://go.compaq.com/1Q00CDT/0413/bl8.asp uInternet Connection Wizard,ShellNext = iexplore IE: Add to Windows &Live Favorites - Welcome to Windows Live IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?45eca47887d2424c9f1def2d6949bd05 IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?45eca47887d2424c9f1def2d6949bd05 . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-AVG9_TRAY - c:\progra~1\AVG\AVG9\avgtray.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-11-21 16:04 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2010-11-21 16:06:22 ComboFix-quarantined-files.txt 2010-11-21 15:06 Pre-Run: 59.153.420.288 bytes beschikbaar Post-Run: 60.184.940.544 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 4B3494A265214660402E587D80DA5CBD

na het draaien van MBAM volgend resultaat: niks gevonden dus,Databaseversie: 5162 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.13 21/11/2010 13:05:45 mbam-log-2010-11-21 (13-05-45).txt Scantype: Snelle scan Objecten gescand: 168292 Verstreken tijd: 8 minuut/minuten, 6 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)

Ok, AVG removal heeft gelopen, ik zie in de neiuwe log nog van alles staan van messenger en windowslive , fotoprintit?? , bing, mag allemaal weg en zelfs avg mag weg wegens draaien van Mc fee hierbij nieuwe log: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 11:45:30, on 21/11/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17055) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\hijackthis\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = deredactie.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = HP Desktop web portal - HP Small and Medium Business R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: System - {D1C8F9CE-563E-11D8-813C-005022E14DE3} - C:\Program Files\LNM Client\AddAPI.dll (file missing) O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\RunServices: [WUSB54GC] %ProgramFiles%\ O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HPAiODevice(hp officejet 7100 series).lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?45eca47887d2424c9f1def2d6949bd05 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?45eca47887d2424c9f1def2d6949bd05 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp04.photoprintit.de/microsite/1287/defaults/activex/XUpload.ocx O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll (file missing) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe (file missing) O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing) O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 9544 bytes

Hallo, wegens problemen van een zeeeer trage desktop pc hieronder mijn logje, hopelijk kunnen jullie helpen om hem terug goed lopende te krijgen. Ik heb eerst alles ge-uninstald wat ik bijna nooit gebruik + e-mail opgekuist, gedefragmenteerd en alle tijdelijke bestanden eraf gesmeten. AVG heeft erop gestaan maar dat heb er nu ook afgesmeten (un-install) Van virus-scan staat er ee Mc Afee 7.1.0 op. Pc is nu 4 jaar oude en het probleem zit hem in traag opstarten, voor verkenner te openen duurt zeer lang, om explorer te openen is tergent traag enz. bedankt al bij voorbaat om te helpen , groeten.. Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 19:40:42, on 18/11/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.17055) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\hijackthis\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = deredactie.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = HP Desktop web portal - HP Small and Medium Business R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: System - {D1C8F9CE-563E-11D8-813C-005022E14DE3} - C:\Program Files\LNM Client\AddAPI.dll (file missing) O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\L7500\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\RunServices: [WUSB54GC] %ProgramFiles%\ O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\L7500\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HPAiODevice(hp officejet 7100 series).lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?45eca47887d2424c9f1def2d6949bd05 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?45eca47887d2424c9f1def2d6949bd05 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://asp04.photoprintit.de/microsite/1287/defaults/activex/XUpload.ocx O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (file missing) O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 10302 bytes