Trojaans Paard PSW Generic9

Mako · 12 januari 2012

Beste potlood1,

Ikzelf kan helemaal nog niet overweg met de ComboFix logjes. Aangezien het niet toegestaan is een logje niet door een expert te laten nakijken zal je dus moeten wachten tot wanneer zij opnieuw online zijn.

Jouw topic wordt zeker verder behandeld!

Groet,

Mako

potlood1 · 12 januari 2012

dank je Mako:top:

Groet

Ron

kape · 12 januari 2012

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\user.js

Folder::

c:\program files\BrowserCompanion

c:\documents and settings\nvt\Local Settings\Application Data\Babylon

c:\documents and settings\nvt\AppData

c:\documents and settings\nvt\Application Data\Babylon

c:\documents and settings\All Users\Application Data\Babylon

Registry::

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"adaware"=-

"adaware_XP"=-

Firefox::

FF - ProfilePath - c:\documents and settings\nvt\Application Data\Mozilla\Firefox\Profiles\3qzklc25.default\

FF - prefs.js: keyword.URL - FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage -

FF - prefs.js: browser.search.selectedEngine -

FF - user.js: extensions.BabylonToolbar_i.id - dcae01620000000000000016930001c7

FF - user.js: extensions.BabylonToolbar_i.hardId - dcae01620000000000000016930001c7

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15345

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:45

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101240

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef – sst

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

potlood1 · 12 januari 2012

Bij deze met het script de log van Combofix ben benieuwd:-)

ComboFix 12-01-12.04 - nvt 12-01-2012 20:34:23.4.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1919.988 [GMT 1:00]

Gestart vanuit: c:\documents and settings\nvt\Mijn documenten\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\nvt\Bureaublad\CFScript.txt

AV: AVG Anti-Virus 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"C:\user.js"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\Babylon

c:\documents and settings\nvt\AppData

c:\documents and settings\nvt\Application Data\Babylon

c:\documents and settings\nvt\Application Data\Babylon\log_file.txt

c:\documents and settings\nvt\Local Settings\Application Data\Babylon

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\bab033.tbinst.dat

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\bab091.norecovericon.dat

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\Babylon.dat

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\common.js

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\eula.html

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.css

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.html

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.js

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2Lrg.css

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page9.html

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\pBar.gif

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title2.png

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\HtmlScreens\toolBar.jpg

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.19.zpb

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\Setup.exe

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\SetupStrings.dat

c:\documents and settings\nvt\Local Settings\Application Data\Babylon\Setup\sqlite3.dll

c:\program files\BrowserCompanion

c:\program files\BrowserCompanion\BCHelper.exe

c:\program files\BrowserCompanion\blabbers-ch.crx

c:\program files\BrowserCompanion\logo.ico

c:\program files\BrowserCompanion\sqlite3.dll

c:\program files\BrowserCompanion\updatebhoWin32.dll_1

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-12 to 2012-01-12 ))))))))))))))))))))))))))))))

.

2012-01-12 19:08 . 2012-01-12 19:08 -------- d-----w- C:\found.001

2012-01-12 18:30 . 2012-01-12 18:32 -------- dc-h--w- c:\windows\ie8

2012-01-12 11:39 . 2012-01-12 11:39 -------- d-----w- c:\documents and settings\nvt\Local Settings\Application Data\adaware

2012-01-12 09:54 . 2012-01-12 09:54 -------- d-----w- C:\found.000

2012-01-12 09:06 . 2012-01-12 16:05 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2012-01-11 19:40 . 2012-01-11 19:40 -------- d-----w- C:\bureaublad

2012-01-10 20:23 . 2012-01-10 20:23 -------- d-----w- c:\documents and settings\nvt\vorus

2012-01-10 20:23 . 2012-01-10 20:23 -------- d-----w- c:\documents and settings\nvt\virus

2012-01-09 16:21 . 2012-01-09 16:21 -------- d-----w- c:\program files\7-Zip

2012-01-09 13:23 . 2012-01-12 19:20 -------- d--h--r- c:\documents and settings\nvt\Onlangs geopend

2012-01-09 11:19 . 2012-01-09 13:51 -------- d-----w- C:\sh4ldr

2012-01-09 11:19 . 2012-01-09 11:19 -------- d-----w- c:\program files\Enigma Software Group

2012-01-09 11:17 . 2012-01-09 13:50 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP

2012-01-06 15:37 . 2012-01-06 15:37 388096 ----a-r- c:\documents and settings\nvt\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-01-06 15:37 . 2012-01-06 15:37 -------- d-----w- c:\program files\Trend Micro

2012-01-05 12:26 . 2012-01-05 12:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2012-01-05 11:20 . 2012-01-05 11:20 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

2012-01-02 17:32 . 2012-01-02 17:32 -------- d-----w- c:\documents and settings\nvt\Application Data\QuickScan

2012-01-02 16:36 . 2012-01-02 16:36 -------- d-----w- c:\program files\Bonjour

2012-01-02 10:22 . 2012-01-02 10:22 -------- d-----w- c:\program files\Toolbar Cleaner

2012-01-02 10:20 . 2012-01-02 10:20 -------- d-----w- c:\program files\Lavasoft

2012-01-02 10:20 . 2012-01-10 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2011-12-29 10:21 . 2012-01-06 14:46 474 ----a-w- C:\user.js

2011-12-22 09:27 . 2012-01-12 19:12 -------- d-----w- c:\documents and settings\nvt\Local Settings\Application Data\Htc

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-25 21:57 . 2006-03-02 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 14:40 . 2006-03-02 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-20 06:12 . 2006-03-02 12:00 60928 ----a-w- c:\windows\system32\packager.exe

2011-11-16 14:22 . 2006-03-02 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll

2011-11-16 14:22 . 2006-03-02 12:00 152064 ----a-w- c:\windows\system32\schannel.dll

2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2011-11-04 19:13 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:25 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec

2011-11-03 15:29 . 2006-03-02 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll

2011-11-03 15:29 . 2006-03-02 12:00 1296384 ----a-w- c:\windows\system32\quartz.dll

2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:50 . 2006-03-02 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:50 . 2004-08-04 00:58 2031616 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll

2011-11-09 09:04 . 2011-09-28 08:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((( SnapShot@2012-01-10_20.31.59 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-01-12 19:11 . 2012-01-12 19:11 16384 c:\windows\Temp\Perflib_Perfdata_c4c.dat

+ 2008-05-22 13:40 . 2009-01-07 17:21 26144 c:\windows\system32\spupdsvc.exe

- 2008-05-22 13:40 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe

+ 2011-09-17 01:06 . 2009-01-07 17:21 18464 c:\windows\system32\spmsg.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 46592 c:\windows\system32\pngfilt.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll

+ 2006-06-29 06:05 . 2009-01-07 17:20 23552 c:\windows\system32\normaliz.dll

- 2006-06-29 06:05 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll

- 2006-06-28 15:59 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll

+ 2006-06-28 15:59 . 2009-01-07 17:20 24576 c:\windows\system32\nlsdl.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 48128 c:\windows\system32\mshtmler.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 45568 c:\windows\system32\mshta.exe

- 2006-03-02 12:00 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe

+ 2007-08-13 16:36 . 2009-03-08 03:31 13312 c:\windows\system32\msfeedssync.exe

- 2007-08-13 16:36 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe

- 2006-03-02 12:00 . 2008-04-14 17:02 23040 c:\windows\system32\mciseq.dll

+ 2006-03-02 12:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 94720 c:\windows\system32\inseng.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 34816 c:\windows\system32\imgutil.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll

+ 2007-08-13 16:39 . 2009-03-08 03:32 36864 c:\windows\system32\ieudinit.exe

- 2007-08-13 16:39 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe

- 2006-03-02 12:00 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 71680 c:\windows\system32\iesetup.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 55808 c:\windows\system32\iernonce.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll

+ 2006-06-29 06:05 . 2009-01-07 17:20 26112 c:\windows\system32\idndl.dll

- 2006-06-29 06:05 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll

- 2007-08-13 16:36 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll

+ 2007-08-13 16:36 . 2009-03-08 03:31 59904 c:\windows\system32\icardie.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 46592 c:\windows\system32\dllcache\pngfilt.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll

+ 2011-11-20 06:12 . 2011-11-20 06:12 60928 c:\windows\system32\dllcache\packager.exe

- 2006-03-02 12:00 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 48128 c:\windows\system32\dllcache\mshtmler.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 45568 c:\windows\system32\dllcache\mshta.exe

- 2006-03-02 12:00 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe

+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 94720 c:\windows\system32\dllcache\inseng.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 34816 c:\windows\system32\dllcache\imgutil.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 71680 c:\windows\system32\dllcache\iesetup.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 55808 c:\windows\system32\dllcache\iernonce.dll

- 2008-05-22 15:34 . 2009-03-08 02:31 59904 c:\windows\system32\dllcache\icardie.dll

+ 2008-05-22 15:34 . 2009-03-08 03:31 59904 c:\windows\system32\dllcache\icardie.dll

+ 2008-05-22 13:23 . 2009-03-08 03:24 68608 c:\windows\system32\dllcache\hmmapi.dll

- 2008-05-22 13:23 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll

- 2009-03-08 02:33 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll

+ 2009-03-08 03:33 . 2009-03-08 03:33 18944 c:\windows\system32\dllcache\corpol.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 72704 c:\windows\system32\dllcache\admparse.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 18944 c:\windows\system32\corpol.dll

- 2006-03-02 12:00 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll

+ 2008-05-22 13:27 . 2012-01-12 09:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2008-05-22 13:27 . 2012-01-09 14:14 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2008-05-22 13:27 . 2012-01-12 09:26 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

- 2008-05-22 13:27 . 2012-01-09 14:14 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

+ 2006-03-02 12:00 . 2009-03-08 03:32 72704 c:\windows\system32\admparse.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll

+ 2012-01-12 09:27 . 2012-01-12 09:27 28160 c:\windows\Installer\8ad11.msi

+ 2009-02-02 20:46 . 2012-01-11 20:46 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

- 2009-02-02 20:46 . 2011-12-14 14:16 35088 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

- 2009-02-02 20:46 . 2011-12-14 14:16 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 18704 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe

- 2009-02-02 20:46 . 2011-12-14 14:16 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 20240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

+ 2012-01-12 18:33 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll

+ 2012-01-12 18:33 . 2008-07-08 13:07 18808 c:\windows\ie8updates\KB982381-IE8\spmsg.dll

+ 2012-01-12 18:33 . 2008-07-08 13:07 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll

+ 2012-01-12 18:33 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll

- 2010-06-11 01:16 . 2010-02-25 06:20 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll

- 2010-06-11 01:16 . 2010-02-25 06:20 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll

+ 2012-01-12 18:33 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll

+ 2012-01-12 18:34 . 2010-07-05 13:21 18808 c:\windows\ie8updates\KB2618444-IE8\spmsg.dll

+ 2012-01-12 18:34 . 2010-07-05 13:21 26488 c:\windows\ie8updates\KB2618444-IE8\spcustom.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll

+ 2012-01-12 18:34 . 2009-03-08 03:31 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll

+ 2012-01-12 18:34 . 2009-03-08 03:34 43008 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll

- 2009-06-27 10:09 . 2009-03-08 14:32 58448 c:\windows\ie8\spuninst\iecustom.dll

+ 2012-01-12 18:31 . 2009-03-08 15:32 58448 c:\windows\ie8\spuninst\iecustom.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 44544 c:\windows\ie8\pngfilt.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 44544 c:\windows\ie8\pngfilt.dll

- 2009-06-27 10:08 . 2007-08-13 16:01 48128 c:\windows\ie8\mshtmler.dll

+ 2012-01-12 18:30 . 2007-08-13 16:01 48128 c:\windows\ie8\mshtmler.dll

- 2009-06-27 10:08 . 2007-08-13 16:32 45568 c:\windows\ie8\mshta.exe

+ 2012-01-12 18:30 . 2007-08-13 16:32 45568 c:\windows\ie8\mshta.exe

- 2009-06-27 10:08 . 2007-08-13 16:36 12288 c:\windows\ie8\msfeedssync.exe

+ 2012-01-12 18:30 . 2007-08-13 16:36 12288 c:\windows\ie8\msfeedssync.exe

- 2009-06-27 10:08 . 2009-04-29 04:49 52224 c:\windows\ie8\msfeedsbs.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 52224 c:\windows\ie8\msfeedsbs.dll

- 2009-06-27 10:08 . 2007-08-13 16:44 40960 c:\windows\ie8\licmgr10.dll

+ 2012-01-12 18:30 . 2007-08-13 16:44 40960 c:\windows\ie8\licmgr10.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 27648 c:\windows\ie8\jsproxy.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 27648 c:\windows\ie8\jsproxy.dll

+ 2012-01-12 18:30 . 2007-08-13 16:39 92672 c:\windows\ie8\inseng.dll

- 2009-06-27 10:08 . 2007-08-13 16:39 92672 c:\windows\ie8\inseng.dll

- 2009-06-27 10:08 . 2007-08-13 16:36 36352 c:\windows\ie8\imgutil.dll

+ 2012-01-12 18:30 . 2007-08-13 16:36 36352 c:\windows\ie8\imgutil.dll

- 2009-06-27 10:08 . 2007-08-13 16:39 55296 c:\windows\ie8\iesetup.dll

+ 2012-01-12 18:30 . 2007-08-13 16:39 55296 c:\windows\ie8\iesetup.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 44544 c:\windows\ie8\iernonce.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 44544 c:\windows\ie8\iernonce.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 78336 c:\windows\ie8\ieencode.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 78336 c:\windows\ie8\ieencode.dll

- 2009-06-27 10:08 . 2009-04-28 09:07 70656 c:\windows\ie8\ie4uinit.exe

+ 2012-01-12 18:30 . 2009-04-28 09:07 70656 c:\windows\ie8\ie4uinit.exe

+ 2012-01-12 18:30 . 2009-04-29 04:49 63488 c:\windows\ie8\icardie.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 63488 c:\windows\ie8\icardie.dll

+ 2012-01-12 18:30 . 2007-08-13 16:18 60416 c:\windows\ie8\hmmapi.dll

- 2009-06-27 10:08 . 2007-08-13 16:18 60416 c:\windows\ie8\hmmapi.dll

- 2009-06-27 10:08 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll

+ 2012-01-12 18:30 . 2008-04-14 17:02 35328 c:\windows\ie8\corpol.dll

- 2009-06-27 10:08 . 2007-08-13 16:39 71680 c:\windows\ie8\admparse.dll

+ 2012-01-12 18:30 . 2007-08-13 16:39 71680 c:\windows\ie8\admparse.dll

+ 2009-06-27 10:10 . 2011-08-16 10:45 6144 c:\windows\system32\dllcache\iecompat.dll

+ 2012-01-12 18:34 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll

+ 2008-05-22 15:33 . 2009-01-07 17:21 121856 c:\windows\system32\xmllite.dll

- 2008-05-22 15:33 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll

- 2006-03-02 12:00 . 2008-04-14 17:02 179200 c:\windows\system32\winmm.dll

+ 2006-03-02 12:00 . 2011-10-14 14:47 179200 c:\windows\system32\winmm.dll

+ 2007-08-13 16:45 . 2009-03-08 03:34 208384 c:\windows\system32\WinFXDocObj.exe

- 2007-08-13 16:45 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe

- 2006-03-02 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll

+ 2006-03-02 12:00 . 2009-03-08 03:34 236544 c:\windows\system32\webcheck.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 420352 c:\windows\system32\vbscript.dll

+ 2006-03-02 12:00 . 2009-03-08 03:34 193536 c:\windows\system32\msrating.dll

- 2006-03-02 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll

- 2006-03-02 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll

+ 2006-03-02 12:00 . 2009-03-08 03:22 156160 c:\windows\system32\msls31.dll

+ 2009-01-07 16:20 . 2009-01-07 17:20 265720 c:\windows\system32\msdbg2.dll

- 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll

- 2006-03-02 12:00 . 2011-03-04 06:36 726528 c:\windows\system32\jscript.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 726528 c:\windows\system32\jscript.dll

- 2007-08-13 16:54 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll

+ 2007-08-13 16:54 . 2009-03-08 03:22 164352 c:\windows\system32\ieui.dll

- 2007-07-11 10:27 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll

+ 2007-07-11 10:27 . 2009-03-08 03:11 445952 c:\windows\system32\ieapfltr.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 163840 c:\windows\system32\ieakui.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 229376 c:\windows\system32\ieaksie.dll

- 2006-03-02 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll

- 2006-03-02 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 125952 c:\windows\system32\ieakeng.dll

+ 2008-05-22 21:10 . 2012-01-12 16:03 304416 c:\windows\system32\FNTCACHE.DAT

- 2006-03-02 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 216064 c:\windows\system32\dxtrans.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 348160 c:\windows\system32\dxtmsft.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll

- 2010-06-18 17:47 . 2011-06-20 17:44 293888 c:\windows\system32\dllcache\winsrv.dll

+ 2010-06-18 17:47 . 2011-11-25 21:57 293888 c:\windows\system32\dllcache\winsrv.dll

+ 2011-10-14 14:47 . 2011-10-14 14:47 179200 c:\windows\system32\dllcache\winmm.dll

+ 2008-12-16 12:33 . 2011-11-16 14:22 354816 c:\windows\system32\dllcache\winhttp.dll

- 2008-12-16 12:33 . 2009-08-25 09:20 354816 c:\windows\system32\dllcache\winhttp.dll

- 2006-03-02 12:00 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll

+ 2006-03-02 12:00 . 2009-03-08 03:34 236544 c:\windows\system32\dllcache\webcheck.dll

+ 2008-05-22 13:23 . 2009-03-08 03:33 759296 c:\windows\system32\dllcache\VGX.dll

+ 2008-05-09 10:56 . 2009-03-08 03:33 420352 c:\windows\system32\dllcache\vbscript.dll

+ 2009-01-07 17:20 . 2009-01-07 17:20 134144 c:\windows\system32\dllcache\sqmapi.dll

- 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll

+ 2009-01-07 17:21 . 2009-01-07 17:21 474624 c:\windows\system32\dllcache\shlwapi.dll

- 2009-01-07 16:21 . 2009-12-08 09:25 474624 c:\windows\system32\dllcache\shlwapi.dll

+ 2008-12-05 06:58 . 2011-11-16 14:22 152064 c:\windows\system32\dllcache\schannel.dll

+ 2011-11-03 15:29 . 2011-11-03 15:29 386560 c:\windows\system32\dllcache\qdvd.dll

- 2006-03-02 12:00 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll

+ 2006-03-02 12:00 . 2009-03-08 03:34 193536 c:\windows\system32\dllcache\msrating.dll

- 2006-03-02 12:00 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll

+ 2006-03-02 12:00 . 2009-03-08 03:22 156160 c:\windows\system32\dllcache\msls31.dll

+ 2008-05-09 10:56 . 2009-03-08 03:33 726528 c:\windows\system32\dllcache\jscript.dll

- 2008-05-09 10:56 . 2011-03-04 06:36 726528 c:\windows\system32\dllcache\jscript.dll

+ 2008-05-22 13:23 . 2009-03-08 13:09 638816 c:\windows\system32\dllcache\iexplore.exe

- 2008-05-22 13:23 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe

+ 2008-05-22 15:34 . 2009-03-08 03:11 445952 c:\windows\system32\dllcache\ieapfltr.dll

- 2008-05-22 15:34 . 2009-03-08 02:11 445952 c:\windows\system32\dllcache\ieapfltr.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 163840 c:\windows\system32\dllcache\ieakui.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 229376 c:\windows\system32\dllcache\ieaksie.dll

- 2006-03-02 12:00 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll

+ 2006-03-02 12:00 . 2009-03-08 03:33 125952 c:\windows\system32\dllcache\ieakeng.dll

- 2006-03-02 12:00 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 216064 c:\windows\system32\dllcache\dxtrans.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll

+ 2006-03-02 12:00 . 2009-03-08 03:31 348160 c:\windows\system32\dllcache\dxtmsft.dll

- 2006-03-02 12:00 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 128512 c:\windows\system32\dllcache\advpack.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll

- 2006-03-02 12:00 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll

+ 2006-03-02 12:00 . 2009-03-08 03:32 128512 c:\windows\system32\advpack.dll

- 2009-02-02 20:46 . 2011-12-14 14:16 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 888080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

- 2009-02-02 20:46 . 2011-12-14 14:16 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 272648 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 922384 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 845584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 217864 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 184080 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 159504 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe

+ 2012-01-12 18:33 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll

+ 2012-01-12 18:33 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\updspapi.dll

+ 2012-01-12 18:33 . 2009-05-26 11:41 765304 c:\windows\ie8updates\KB982381-IE8\update.exe

+ 2012-01-12 18:33 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll

- 2010-06-11 01:17 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll

+ 2012-01-12 18:33 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe

- 2010-06-11 01:17 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe

+ 2012-01-12 18:33 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst.exe

+ 2012-01-12 18:33 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll

+ 2012-01-12 18:33 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll

- 2010-06-11 01:16 . 2010-02-25 06:20 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll

+ 2012-01-12 18:33 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll

- 2010-06-11 01:16 . 2010-02-25 06:20 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll

+ 2012-01-12 18:33 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll

+ 2012-01-12 18:33 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll

- 2010-06-11 01:16 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll

+ 2012-01-12 18:33 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll

+ 2012-01-12 18:33 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll

+ 2012-01-12 18:33 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe

- 2010-06-11 01:16 . 2010-02-24 09:56 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe

- 2011-12-14 14:13 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll

+ 2012-01-12 18:34 . 2009-03-08 03:34 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll

+ 2012-01-12 18:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\updspapi.dll

+ 2012-01-12 18:34 . 2010-07-05 13:21 765304 c:\windows\ie8updates\KB2618444-IE8\update.exe

- 2011-12-14 14:13 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll

+ 2012-01-12 18:34 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll

- 2011-12-14 14:13 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe

+ 2012-01-12 18:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe

+ 2012-01-12 18:34 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2618444-IE8\spuninst.exe

- 2011-12-14 14:13 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 599040 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll

- 2011-12-14 14:13 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll

+ 2012-01-12 18:34 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe

+ 2012-01-12 18:34 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll

+ 2012-01-12 18:34 . 2010-02-22 14:29 234872 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe

- 2009-06-27 10:08 . 2009-04-29 04:49 827392 c:\windows\ie8\wininet.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 827392 c:\windows\ie8\wininet.dll

+ 2012-01-12 18:30 . 2007-08-13 16:45 206336 c:\windows\ie8\winfxdocobj.exe

- 2009-06-27 10:08 . 2007-08-13 16:45 206336 c:\windows\ie8\winfxdocobj.exe

+ 2012-01-12 18:30 . 2009-04-29 04:49 233472 c:\windows\ie8\webcheck.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 233472 c:\windows\ie8\webcheck.dll

+ 2012-01-12 18:30 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll

- 2009-06-27 10:08 . 2007-07-12 23:32 765952 c:\windows\ie8\vgx.dll

- 2009-06-27 10:08 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll

+ 2012-01-12 18:30 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 105984 c:\windows\ie8\url.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 105984 c:\windows\ie8\url.dll

+ 2012-01-12 18:31 . 2009-01-07 17:21 400928 c:\windows\ie8\spuninst\updspapi.dll

- 2009-06-27 10:09 . 2009-01-07 16:21 400928 c:\windows\ie8\spuninst\updspapi.dll

+ 2012-01-12 18:31 . 2009-01-07 17:21 235040 c:\windows\ie8\spuninst\spuninst.exe

- 2009-06-27 10:09 . 2009-01-07 16:21 235040 c:\windows\ie8\spuninst\spuninst.exe

- 2009-06-27 10:08 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe

+ 2012-01-12 18:30 . 2006-09-06 15:43 216800 c:\windows\ie8\spuninst.exe

- 2009-06-27 10:08 . 2009-04-29 04:49 102912 c:\windows\ie8\occache.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 102912 c:\windows\ie8\occache.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 671232 c:\windows\ie8\mstime.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 671232 c:\windows\ie8\mstime.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 193024 c:\windows\ie8\msrating.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 193024 c:\windows\ie8\msrating.dll

- 2009-06-27 10:08 . 2007-08-13 16:54 156160 c:\windows\ie8\msls31.dll

+ 2012-01-12 18:30 . 2007-08-13 16:54 156160 c:\windows\ie8\msls31.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 477696 c:\windows\ie8\mshtmled.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 477696 c:\windows\ie8\mshtmled.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 459264 c:\windows\ie8\msfeeds.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 459264 c:\windows\ie8\msfeeds.dll

+ 2012-01-12 18:30 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll

- 2009-06-27 10:08 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll

+ 2012-01-12 18:30 . 2009-04-25 05:27 636088 c:\windows\ie8\iexplore.exe

- 2009-06-27 10:08 . 2009-04-25 05:27 636088 c:\windows\ie8\iexplore.exe

- 2009-06-27 10:08 . 2007-08-13 16:54 180736 c:\windows\ie8\ieui.dll

+ 2012-01-12 18:30 . 2007-08-13 16:54 180736 c:\windows\ie8\ieui.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 268288 c:\windows\ie8\iertutil.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 268288 c:\windows\ie8\iertutil.dll

+ 2012-01-12 18:30 . 2007-08-13 16:54 287744 c:\windows\ie8\ieproxy.dll

- 2009-06-27 10:08 . 2007-08-13 16:54 287744 c:\windows\ie8\ieproxy.dll

- 2009-06-27 10:08 . 2007-08-13 16:54 191488 c:\windows\ie8\iepeers.dll

+ 2012-01-12 18:30 . 2007-08-13 16:54 191488 c:\windows\ie8\iepeers.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 385024 c:\windows\ie8\iedkcs32.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 385024 c:\windows\ie8\iedkcs32.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 383488 c:\windows\ie8\ieapfltr.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 383488 c:\windows\ie8\ieapfltr.dll

- 2009-06-27 10:08 . 2009-04-25 05:26 161792 c:\windows\ie8\ieakui.dll

+ 2012-01-12 18:30 . 2009-04-25 05:26 161792 c:\windows\ie8\ieakui.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 230400 c:\windows\ie8\ieaksie.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 230400 c:\windows\ie8\ieaksie.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 153088 c:\windows\ie8\ieakeng.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 153088 c:\windows\ie8\ieakeng.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 214528 c:\windows\ie8\dxtrans.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 214528 c:\windows\ie8\dxtrans.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 347136 c:\windows\ie8\dxtmsft.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 347136 c:\windows\ie8\dxtmsft.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 124928 c:\windows\ie8\advpack.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 124928 c:\windows\ie8\advpack.dll

+ 2007-02-12 14:10 . 2009-02-06 20:07 3698584 c:\windows\system32\ieapfltr.dat

- 2007-02-12 14:10 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat

+ 2009-01-07 17:21 . 2009-01-07 17:21 1497088 c:\windows\system32\dllcache\shdocvw.dll

- 2009-01-07 16:21 . 2009-01-07 16:21 1497088 c:\windows\system32\dllcache\shdocvw.dll

+ 2008-05-07 05:12 . 2011-11-03 15:29 1296384 c:\windows\system32\dllcache\quartz.dll

- 2008-05-22 15:34 . 2009-02-06 19:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat

+ 2008-05-22 15:34 . 2009-02-06 20:07 3698584 c:\windows\system32\dllcache\ieapfltr.dat

+ 2009-01-07 17:21 . 2009-01-07 17:21 1022976 c:\windows\system32\dllcache\browseui.dll

- 2009-01-07 16:21 . 2009-01-07 16:21 1022976 c:\windows\system32\dllcache\browseui.dll

+ 2011-12-08 18:24 . 2011-12-08 18:24 4989952 c:\windows\Installer\21fc78a.msp

+ 2009-02-02 20:46 . 2012-01-11 20:46 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 1172240 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

- 2009-02-02 20:46 . 2011-12-14 14:15 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2009-02-02 20:46 . 2012-01-11 20:46 1165584 c:\windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe

+ 2012-01-12 18:33 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll

+ 2012-01-12 18:33 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll

+ 2012-01-12 18:33 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 1209344 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll

+ 2012-01-12 18:34 . 2010-05-06 10:37 5950976 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 1985536 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 1159680 c:\windows\ie8\urlmon.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 1159680 c:\windows\ie8\urlmon.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 3596288 c:\windows\ie8\mshtml.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 3596288 c:\windows\ie8\mshtml.dll

+ 2012-01-12 18:30 . 2009-04-29 04:49 6066176 c:\windows\ie8\ieframe.dll

- 2009-06-27 10:08 . 2009-04-29 04:49 6066176 c:\windows\ie8\ieframe.dll

+ 2012-01-12 18:30 . 2008-07-09 14:25 2455488 c:\windows\ie8\ieapfltr.dat

- 2009-06-27 10:08 . 2008-07-09 14:25 2455488 c:\windows\ie8\ieapfltr.dat

+ 2008-05-22 14:42 . 2012-01-11 20:47 52128560 c:\windows\system32\MRT.exe

+ 2012-01-03 17:58 . 2012-01-03 17:58 15929344 c:\windows\Installer\14c10e7.msp

+ 2012-01-12 18:33 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll

+ 2012-01-12 18:34 . 2010-05-06 10:36 11076096 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2011-12-07 08:17 1547104 ----a-w- c:\program files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll" [2011-12-07 1547104]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-07-18 451872]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-28 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]

"SkyTel"="SkyTel.EXE" [2007-06-15 1826816]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-30 7634944]

"nwiz"="nwiz.exe" [2006-10-30 1622016]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-30 86016]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"eFax 4.3"="c:\program files\eFax Messenger 4.3\J2GDllCmd.exe" [2007-03-06 116224]

"UPC"="c:\program files\UPC\bin\sprtcmd.exe" [2005-08-16 192512]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]

"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]

"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-25 1159168]

"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2009-01-08 114688]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]

"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2008-08-04 160800]

"VX3000"="c:\windows\vVX3000.exe" [2008-08-04 721936]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2011-12-07 827232]

"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-11-01 593920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\nvt\Menu Start\Programma's\Opstarten\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

eFax 4.3.lnk - c:\program files\eFax Messenger 4.3\J2GTray.exe [2008-8-12 629248]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Hypobox\\Bin\\bbx\\fl\\ip\\bin\\IllustratePlus.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Hypobox\\Bin\\HypoboxUpdate.exe"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgam.exe"=

"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13-9-2010 15:27 22992]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7-9-2010 3:48 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8-12-2010 4:12 248656]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [12-11-2010 13:19 297168]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8-2-2011 4:33 269520]

R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [12-8-2011 17:13 87040]

R2 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [7-12-2011 9:17 855904]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [3-8-2010 15:23 134480]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [3-8-2010 15:23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [3-8-2010 15:23 27216]

R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18-8-2011 0:33 7390560]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6-1-2010 18:28 135664]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [9-5-2011 8:42 167264]

S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\drivers\aabed2.sys [20-6-2011 13:07 21888]

S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6-1-2010 18:28 135664]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [29-6-2010 15:10 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22-6-2010 18:01 21248]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2-3-2006 13:00 14336]

S3 USBAU;USB Audio Device Interface;c:\windows\system32\drivers\CM102.sys [20-11-2009 16:44 1400832]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2007-07-18 15:53 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-06 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

2012-01-12 c:\windows\Tasks\AVG PC Tuneup 2011 Integrator Start On nvt Logon.job

- c:\program files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe [2011-08-04 13:58]

.

2012-01-12 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-28 17:57]

.

2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 17:28]

.

2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 17:28]

.

2012-01-12 c:\windows\Tasks\User_Feed_Synchronization-{C04875A5-890B-4A57-A257-615900806454}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 62.179.104.196 213.46.228.196

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll

DPF: {708C978C-BBF5-4038-8DC1-64FF22BCFFB6} - hxxp://www.barracuda.com/ns/products/spyware-removal-tool/tool/BarracudaSpyRemoval.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

FF - ProfilePath - c:\documents and settings\nvt\Application Data\Mozilla\Firefox\Profiles\3qzklc25.default\

FF - prefs.js: network.proxy.type - 0

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-12 20:44

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Voltooingstijd: 2012-01-12 20:47:51

ComboFix-quarantined-files.txt 2012-01-12 19:47

ComboFix2.txt 2012-01-12 13:15

ComboFix3.txt 2012-01-11 20:06

ComboFix4.txt 2012-01-10 20:35

.

Pre-Run: 125.137.035.264 bytes beschikbaar

Post-Run: 125.128.142.848 bytes beschikbaar

.

- - End Of File - - 588D19243E787D21ED9F3FA99AA6441C

Groet Ron

---------- Post toegevoegd om 21:03 ---------- Vorige post was om 20:55 ----------

Het paard zit er volgens AVG nog in dezelfde extensie als het report dat hier al staat.

kape · 12 januari 2012

Deze mappen en bestanden mag je nog manueel verwijderen :

C:\found.001

C:\found.000

c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP

C:\user.js

Download TDSSKiller en plaats het op je bureaublad.

Pak de bestanden in tdsskiller.zip uit.

Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:

Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.

Klik op de knop "Start Scan" en volg de instructies.

Wanneer de scan klaar is klik je op de knop "Report".

Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

potlood1 · 12 januari 2012

C:\user.js was niet te verwijderen met een code de andere wel verwijderd. Hierna Tdds Killer gedraaid. met bijgaand log report.

21:47:07.0890 2176 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26

21:47:08.0140 2176 ============================================================

21:47:08.0140 2176 Current date / time: 2012/01/12 21:47:08.0140

21:47:08.0140 2176 SystemInfo:

21:47:08.0140 2176

21:47:08.0140 2176 OS Version: 5.1.2600 ServicePack: 3.0

21:47:08.0140 2176 Product type: Workstation

21:47:08.0140 2176 ComputerName: NVT-62704836F9A

21:47:08.0140 2176 UserName: nvt

21:47:08.0140 2176 Windows directory: C:\WINDOWS

21:47:08.0140 2176 System windows directory: C:\WINDOWS

21:47:08.0140 2176 Processor architecture: Intel x86

21:47:08.0140 2176 Number of processors: 2

21:47:08.0140 2176 Page size: 0x1000

21:47:08.0140 2176 Boot type: Normal boot

21:47:08.0140 2176 ============================================================

21:47:09.0437 2176 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000, SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054

21:47:09.0531 2176 Initialize success

21:47:46.0390 4184 ============================================================

21:47:46.0390 4184 Scan started

21:47:46.0390 4184 Mode: Manual; SigCheck; TDLFS;

21:47:46.0390 4184 ============================================================

21:47:46.0625 4184 Abiosdsk - ok

21:47:46.0640 4184 abp480n5 - ok

21:47:46.0687 4184 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

21:47:46.0843 4184 ACPI - ok

21:47:46.0906 4184 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys

21:47:46.0984 4184 ACPIEC - ok

21:47:47.0000 4184 adpu160m - ok

21:47:47.0000 4184 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

21:47:47.0125 4184 aec - ok

21:47:47.0171 4184 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

21:47:47.0187 4184 AFD - ok

21:47:47.0203 4184 Aha154x - ok

21:47:47.0203 4184 aic78u2 - ok

21:47:47.0218 4184 aic78xx - ok

21:47:47.0234 4184 AliIde - ok

21:47:47.0234 4184 amsint - ok

21:47:47.0250 4184 asc - ok

21:47:47.0250 4184 asc3350p - ok

21:47:47.0265 4184 asc3550 - ok

21:47:47.0296 4184 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

21:47:47.0390 4184 AsyncMac - ok

21:47:47.0390 4184 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

21:47:56.0546 4184 atapi - ok

21:47:56.0781 4184 Atdisk - ok

21:47:56.0859 4184 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

21:47:58.0734 4184 Atmarpc - ok

21:47:58.0875 4184 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

21:48:00.0734 4184 audstub - ok

21:48:00.0953 4184 AVGIDSDriver (2d18221aab3db2d408d6c55c0f23090a) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

21:48:01.0562 4184 AVGIDSDriver - ok

21:48:01.0687 4184 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

21:48:01.0859 4184 AVGIDSEH - ok

21:48:02.0031 4184 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

21:48:02.0218 4184 AVGIDSFilter - ok

21:48:02.0312 4184 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

21:48:02.0484 4184 AVGIDSShim - ok

21:48:02.0609 4184 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

21:48:02.0906 4184 Avgldx86 - ok

21:48:02.0953 4184 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

21:48:03.0140 4184 Avgmfx86 - ok

21:48:03.0203 4184 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

21:48:03.0390 4184 Avgrkx86 - ok

21:48:03.0531 4184 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

21:48:03.0843 4184 Avgtdix - ok

21:48:04.0046 4184 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

21:48:05.0703 4184 Beep - ok

21:48:05.0906 4184 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys

21:48:06.0234 4184 BrScnUsb - ok

21:48:06.0281 4184 BrSerIf (3a9d55d28f61749a4564afd1d660c050) C:\WINDOWS\system32\DRIVERS\BrSerIf.sys

21:48:06.0296 4184 BrSerIf - ok

21:48:06.0312 4184 BrUsbSer (a24c7b39602218f8dbdb2b6704325fc7) C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys

21:48:06.0328 4184 BrUsbSer - ok

21:48:06.0406 4184 catchme - ok

21:48:06.0437 4184 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

21:48:06.0531 4184 cbidf2k - ok

21:48:06.0546 4184 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

21:48:06.0656 4184 CCDECODE - ok

21:48:06.0656 4184 cd20xrnt - ok

21:48:06.0671 4184 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

21:48:06.0765 4184 Cdaudio - ok

21:48:06.0796 4184 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

21:48:06.0875 4184 Cdfs - ok

21:48:06.0890 4184 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

21:48:06.0984 4184 Cdrom - ok

21:48:07.0031 4184 Changer - ok

21:48:07.0062 4184 CmdIde - ok

21:48:07.0109 4184 Cpqarray - ok

21:48:07.0140 4184 dac2w2k - ok

21:48:07.0171 4184 dac960nt - ok

21:48:07.0281 4184 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

21:48:07.0390 4184 Disk - ok

21:48:07.0437 4184 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys

21:48:07.0546 4184 dmboot - ok

21:48:07.0578 4184 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys

21:48:07.0671 4184 dmio - ok

21:48:07.0703 4184 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

21:48:07.0812 4184 dmload - ok

21:48:07.0828 4184 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

21:48:07.0921 4184 DMusic - ok

21:48:07.0937 4184 dpti2o - ok

21:48:07.0953 4184 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

21:48:08.0000 4184 drmkaud - ok

21:48:08.0046 4184 e.dentifier2 (30e8affed744ec4c79b4961f5fe10134) C:\WINDOWS\system32\DRIVERS\aabed2.sys

21:48:08.0046 4184 e.dentifier2 - ok

21:48:08.0109 4184 esgiguard - ok

21:48:08.0125 4184 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

21:48:08.0218 4184 Fastfat - ok

21:48:08.0250 4184 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

21:48:08.0359 4184 Fdc - ok

21:48:08.0375 4184 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys

21:48:08.0453 4184 Fips - ok

21:48:08.0468 4184 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

21:48:08.0546 4184 Flpydisk - ok

21:48:08.0578 4184 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

21:48:08.0671 4184 FltMgr - ok

21:48:08.0671 4184 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

21:48:08.0765 4184 Fs_Rec - ok

21:48:08.0781 4184 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

21:48:08.0890 4184 Ftdisk - ok

21:48:08.0921 4184 GEARAspiWDM (df6e37b27a9a1a498c6d9f29995b7a03) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

21:48:08.0937 4184 GEARAspiWDM - ok

21:48:08.0953 4184 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

21:48:09.0046 4184 Gpc - ok

21:48:09.0062 4184 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

21:48:09.0140 4184 HDAudBus - ok

21:48:09.0156 4184 hpn - ok

21:48:09.0187 4184 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys

21:48:09.0203 4184 HTCAND32 - ok

21:48:09.0234 4184 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys

21:48:09.0250 4184 htcnprot - ok

21:48:09.0281 4184 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

21:48:09.0296 4184 HTTP - ok

21:48:09.0312 4184 i2omgmt - ok

21:48:09.0328 4184 i2omp - ok

21:48:09.0328 4184 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

21:48:09.0421 4184 i8042prt - ok

21:48:09.0437 4184 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

21:48:09.0531 4184 Imapi - ok

21:48:09.0546 4184 ini910u - ok

21:48:09.0656 4184 IntcAzAudAddService (1ebde650d97a8eccdc1cc4a0804647cd) C:\WINDOWS\system32\drivers\RtkHDAud.sys

21:48:09.0781 4184 IntcAzAudAddService - ok

21:48:09.0781 4184 IntelIde - ok

21:48:09.0812 4184 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

21:48:09.0906 4184 Ip6Fw - ok

21:48:09.0937 4184 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

21:48:10.0031 4184 IpFilterDriver - ok

21:48:10.0046 4184 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

21:48:10.0140 4184 IpInIp - ok

21:48:10.0156 4184 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

21:48:10.0234 4184 IpNat - ok

21:48:10.0250 4184 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

21:48:10.0328 4184 IPSec - ok

21:48:10.0343 4184 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

21:48:10.0406 4184 IRENUM - ok

21:48:10.0421 4184 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys

21:48:10.0515 4184 isapnp - ok

21:48:10.0546 4184 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

21:48:10.0625 4184 Kbdclass - ok

21:48:10.0656 4184 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

21:48:10.0734 4184 kmixer - ok

21:48:10.0765 4184 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

21:48:10.0781 4184 KSecDD - ok

21:48:10.0843 4184 Lavasoft Kernexplorer - ok

21:48:10.0859 4184 lbrtfdc - ok

21:48:10.0890 4184 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

21:48:11.0000 4184 mnmdd - ok

21:48:11.0031 4184 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys

21:48:11.0109 4184 Modem - ok

21:48:11.0109 4184 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys

21:48:11.0203 4184 Mouclass - ok

21:48:11.0203 4184 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

21:48:11.0296 4184 MountMgr - ok

21:48:11.0312 4184 mraid35x - ok

21:48:11.0328 4184 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

21:48:11.0406 4184 MRxDAV - ok

21:48:11.0437 4184 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

21:48:11.0484 4184 MRxSmb - ok

21:48:11.0500 4184 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

21:48:11.0562 4184 Msfs - ok

21:48:11.0593 4184 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

21:48:11.0687 4184 MSKSSRV - ok

21:48:11.0718 4184 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

21:48:11.0796 4184 MSPCLOCK - ok

21:48:11.0812 4184 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

21:48:11.0906 4184 MSPQM - ok

21:48:11.0921 4184 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

21:48:12.0015 4184 mssmbios - ok

21:48:12.0046 4184 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

21:48:12.0140 4184 MSTEE - ok

21:48:12.0171 4184 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys

21:48:12.0187 4184 MTsensor - ok

21:48:12.0218 4184 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

21:48:12.0265 4184 Mup - ok

21:48:12.0296 4184 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

21:48:13.0828 4184 NABTSFEC - ok

21:48:13.0984 4184 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

21:48:15.0953 4184 NDIS - ok

21:48:16.0484 4184 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

21:48:18.0593 4184 NdisIP - ok

21:48:18.0718 4184 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

21:48:18.0968 4184 NdisTapi - ok

21:48:19.0046 4184 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

21:48:21.0031 4184 Ndisuio - ok

21:48:21.0093 4184 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

21:48:23.0109 4184 NdisWan - ok

21:48:23.0234 4184 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

21:48:23.0437 4184 NDProxy - ok

21:48:23.0500 4184 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

21:48:25.0156 4184 NetBIOS - ok

21:48:25.0250 4184 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

21:48:27.0078 4184 NetBT - ok

21:48:27.0515 4184 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

21:48:28.0703 4184 Npfs - ok

21:48:28.0734 4184 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

21:48:28.0843 4184 Ntfs - ok

21:48:28.0890 4184 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

21:48:28.0968 4184 Null - ok

21:48:29.0078 4184 nv (eb2858f920b8135b807b5ccaa3ed73dc) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

21:48:29.0187 4184 nv - ok

21:48:29.0203 4184 NVENETFD (24336267df2a52e2785d50f41b9cf9b8) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

21:48:29.0218 4184 NVENETFD - ok

21:48:29.0234 4184 nvnetbus (fea32e16bd1dda896a647a6e19216fca) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

21:48:29.0250 4184 nvnetbus - ok

21:48:29.0296 4184 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

21:48:29.0390 4184 NwlnkFlt - ok

21:48:29.0406 4184 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

21:48:29.0484 4184 NwlnkFwd - ok

21:48:29.0531 4184 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys

21:48:29.0609 4184 Parport - ok

21:48:29.0625 4184 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

21:48:29.0718 4184 PartMgr - ok

21:48:29.0734 4184 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys

21:48:29.0812 4184 ParVdm - ok

21:48:29.0828 4184 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys

21:48:29.0921 4184 PCI - ok

21:48:29.0937 4184 PCIDump - ok

21:48:29.0968 4184 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys

21:48:30.0046 4184 PCIIde - ok

21:48:30.0078 4184 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys

21:48:30.0171 4184 Pcmcia - ok

21:48:30.0171 4184 PDCOMP - ok

21:48:30.0187 4184 PDFRAME - ok

21:48:30.0187 4184 PDRELI - ok

21:48:30.0203 4184 PDRFRAME - ok

21:48:30.0218 4184 perc2 - ok

21:48:30.0218 4184 perc2hib - ok

21:48:30.0234 4184 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

21:48:30.0328 4184 PptpMiniport - ok

21:48:30.0343 4184 PQNTDrv (474543751522111dd7c0cf09e17f6d9f) C:\WINDOWS\system32\drivers\PQNTDrv.sys

21:48:30.0359 4184 PQNTDrv ( UnsignedFile.Multi.Generic ) - warning

21:48:30.0359 4184 PQNTDrv - detected UnsignedFile.Multi.Generic (1)

21:48:30.0375 4184 Processor (82a17eca34d801590a67c0a2244965ed) C:\WINDOWS\system32\DRIVERS\processr.sys

21:48:30.0453 4184 Processor - ok

21:48:30.0468 4184 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

21:48:30.0562 4184 PSched - ok

21:48:30.0578 4184 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

21:48:30.0640 4184 Ptilink - ok

21:48:30.0656 4184 ql1080 - ok

21:48:30.0656 4184 Ql10wnt - ok

21:48:30.0671 4184 ql12160 - ok

21:48:30.0671 4184 ql1240 - ok

21:48:30.0687 4184 ql1280 - ok

21:48:30.0703 4184 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

21:48:30.0796 4184 RasAcd - ok

21:48:30.0796 4184 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

21:48:30.0875 4184 Rasl2tp - ok

21:48:30.0890 4184 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

21:48:30.0984 4184 RasPppoe - ok

21:48:30.0984 4184 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

21:48:31.0062 4184 Raspti - ok

21:48:31.0093 4184 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

21:48:31.0156 4184 Rdbss - ok

21:48:31.0171 4184 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

21:48:31.0250 4184 RDPCDD - ok

21:48:31.0296 4184 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

21:48:31.0343 4184 RDPWD - ok

21:48:31.0359 4184 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys

21:48:31.0437 4184 redbook - ok

21:48:31.0468 4184 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

21:48:31.0562 4184 ROOTMODEM - ok

21:48:31.0625 4184 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

21:48:31.0656 4184 Secdrv - ok

21:48:31.0671 4184 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

21:48:31.0750 4184 serenum - ok

21:48:31.0781 4184 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys

21:48:31.0875 4184 Serial - ok

21:48:31.0906 4184 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

21:48:32.0000 4184 Sfloppy - ok

21:48:32.0000 4184 Simbad - ok

21:48:32.0031 4184 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

21:48:32.0125 4184 SLIP - ok

21:48:32.0125 4184 Sparrow - ok

21:48:32.0140 4184 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

21:48:32.0203 4184 splitter - ok

21:48:32.0250 4184 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys

21:48:32.0296 4184 sr - ok

21:48:32.0343 4184 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

21:48:32.0359 4184 Srv - ok

21:48:32.0390 4184 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

21:48:32.0484 4184 streamip - ok

21:48:32.0500 4184 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

21:48:32.0578 4184 swenum - ok

21:48:32.0593 4184 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

21:48:32.0687 4184 swmidi - ok

21:48:32.0734 4184 symc810 - ok

21:48:32.0750 4184 symc8xx - ok

21:48:32.0750 4184 sym_hi - ok

21:48:32.0765 4184 sym_u3 - ok

21:48:32.0796 4184 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

21:48:32.0875 4184 sysaudio - ok

21:48:32.0921 4184 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

21:48:32.0953 4184 Tcpip - ok

21:48:32.0984 4184 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

21:48:33.0078 4184 TDPIPE - ok

21:48:33.0093 4184 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

21:48:33.0187 4184 TDTCP - ok

21:48:33.0187 4184 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

21:48:33.0281 4184 TermDD - ok

21:48:33.0296 4184 TosIde - ok

21:48:33.0343 4184 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys

21:48:33.0343 4184 tosporte - ok

21:48:33.0375 4184 tosrfbd (a594dbd80ca5426e2e558bf79195a110) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys

21:48:33.0375 4184 tosrfbd - ok

21:48:33.0390 4184 tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

21:48:33.0406 4184 tosrfbnp - ok

21:48:33.0421 4184 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys

21:48:33.0437 4184 Tosrfcom - ok

21:48:33.0453 4184 Tosrfhid (28099a4e52148319afa685d93a2244d0) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

21:48:33.0468 4184 Tosrfhid - ok

21:48:33.0468 4184 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

21:48:33.0484 4184 tosrfnds - ok

21:48:33.0500 4184 TosRfSnd (1ff09b64d1e0c82ee81026718d8d47c2) C:\WINDOWS\system32\drivers\tosrfsnd.sys

21:48:33.0515 4184 TosRfSnd - ok

21:48:33.0562 4184 tosrfusb (20cc46c5d3326122e1a0a8c9dad00e0d) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys

21:48:33.0562 4184 tosrfusb - ok

21:48:33.0593 4184 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

21:48:33.0671 4184 Udfs - ok

21:48:33.0687 4184 ultra - ok

21:48:33.0703 4184 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

21:48:33.0781 4184 Update - ok

21:48:33.0843 4184 USBAU (858de6637cbf913fe07dfb260e52c8cf) C:\WINDOWS\system32\drivers\CM102.sys

21:48:33.0875 4184 USBAU ( UnsignedFile.Multi.Generic ) - warning

21:48:33.0875 4184 USBAU - detected UnsignedFile.Multi.Generic (1)

21:48:33.0921 4184 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

21:48:34.0015 4184 usbaudio - ok

21:48:34.0015 4184 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

21:48:34.0125 4184 usbccgp - ok

21:48:34.0125 4184 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

21:48:34.0218 4184 usbehci - ok

21:48:34.0218 4184 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

21:48:34.0281 4184 usbhub - ok

21:48:34.0281 4184 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

21:48:34.0390 4184 usbohci - ok

21:48:34.0406 4184 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

21:48:36.0078 4184 usbprint - ok

21:48:36.0156 4184 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

21:48:38.0000 4184 usbscan - ok

21:48:38.0140 4184 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:48:40.0000 4184 USBSTOR - ok

21:48:40.0078 4184 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

21:48:41.0718 4184 usbvideo - ok

21:48:41.0828 4184 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

21:48:43.0500 4184 usb_rndisx - ok

21:48:43.0578 4184 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

21:48:45.0484 4184 VgaSave - ok

21:48:45.0546 4184 ViaIde - ok

21:48:45.0687 4184 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys

21:48:47.0546 4184 VolSnap - ok

21:48:47.0968 4184 VX3000 (3d96ef51524e99680e89929e953a5495) C:\WINDOWS\system32\DRIVERS\VX3000.sys

21:48:48.0828 4184 VX3000 - ok

21:48:49.0000 4184 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:48:50.0171 4184 Wanarp - ok

21:48:50.0312 4184 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys

21:48:50.0343 4184 Wdf01000 - ok

21:48:50.0359 4184 WDICA - ok

21:48:50.0406 4184 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

21:48:50.0484 4184 wdmaud - ok

21:48:50.0546 4184 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

21:48:50.0640 4184 WS2IFSL - ok

21:48:50.0671 4184 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

21:48:50.0765 4184 WSTCODEC - ok

21:48:50.0796 4184 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:48:50.0828 4184 WudfPf - ok

21:48:50.0859 4184 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:48:50.0875 4184 WudfRd - ok

21:48:50.0890 4184 xcpip - ok

21:48:50.0890 4184 xpsec - ok

21:48:50.0906 4184 MBR (0x1B8) (25fdd3b61791a226676b12dc5bddef71) \Device\Harddisk0\DR0

21:48:50.0906 4184 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - infected

21:48:50.0906 4184 \Device\Harddisk0\DR0 - detected Backdoor.Win32.Sinowal.knf (0)

21:48:50.0984 4184 Boot (0x1200) (378b5702d35146296ecd645b1fe37df4) \Device\Harddisk0\DR0\Partition0

21:48:50.0984 4184 \Device\Harddisk0\DR0\Partition0 - ok

21:48:50.0984 4184 Boot (0x1200) (bf67d91643ce2c41ece728ab3de51951) \Device\Harddisk0\DR0\Partition1

21:48:51.0000 4184 \Device\Harddisk0\DR0\Partition1 - ok

21:48:51.0000 4184 ============================================================

21:48:51.0000 4184 Scan finished

21:48:51.0000 4184 ============================================================

21:48:51.0109 5560 Detected object count: 3

21:48:51.0109 5560 Actual detected object count: 3

21:49:37.0859 5560 C:\WINDOWS\system32\drivers\PQNTDrv.sys - copied to quarantine

21:49:37.0859 5560 PQNTDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

21:49:37.0968 5560 C:\WINDOWS\system32\drivers\CM102.sys - copied to quarantine

21:49:37.0968 5560 USBAU ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

21:49:38.0312 5560 \Device\Harddisk0\DR0\# - copied to quarantine

21:49:38.0312 5560 \Device\Harddisk0\DR0 - copied to quarantine

21:49:38.0312 5560 \Device\Harddisk0\DR0 ( Backdoor.Win32.Sinowal.knf ) - User select action: Quarantine

---------- Post toegevoegd om 22:20 ---------- Vorige post was om 22:06 ----------

Kape het is om moedeloos van te worden:rofl: het paard zit er nog steeds vlgens avg.

"""De hele computer scannen"" is gestopt voordat de scan was voltooid."

"Infecties";"2";"2";"0"

"Voor scan geselecteerde mappen:";"De hele computer scannen"

"Scan is gestart:";"maandag 9 januari 2012, 14:25:33"

"Scan voltooid:";"maandag 9 januari 2012, 14:27:07 (1 min. 34 seconde (n))"

"Totaal gescande objecten:";"668"

"Gebruiker die de scan heeft gestart:";"nvt"

"Infecties"

"";"Bestand";"Infectie";"Resultaat"

"";"C:\WINDOWS\system32\services.exe (1936):\memory_010a0000";"Trojaans paard PSW.Generic9.RDX";"Object is niet toegankelijk"

"";"C:\WINDOWS\system32\services.exe (1936)";"Trojaans paard PSW.Generic9.RDX";""

Groet Ron

---------- Post toegevoegd om 22:22 ---------- Vorige post was om 22:20 ----------

Sorry Kape het wordt later ik bedoel natuurlijk deze scan.

"""De hele computer scannen"" is gestopt voordat de scan was voltooid."

"Infecties";"2";"2";"0"

"Voor scan geselecteerde mappen:";"De hele computer scannen"

"Scan is gestart:";"donderdag 12 januari 2012, 22:08:27"

"Scan voltooid:";"donderdag 12 januari 2012, 22:09:52 (1 min. 24 seconde (n))"

"Totaal gescande objecten:";"1193"

"Gebruiker die de scan heeft gestart:";"nvt"

"Infecties"

"";"Bestand";"Infectie";"Resultaat"

"";"C:\WINDOWS\system32\services.exe (1588):\memory_01170000";"Trojaans paard PSW.Generic9.RDX";"Object is niet toegankelijk"

"";"C:\WINDOWS\system32\services.exe (1588)";"Trojaans paard PSW.Generic9.RDX";""

Groet,

Ron

kape · 12 januari 2012

Laat dit bestand C:\WINDOWS\system32\services.exe eens scannen bij Jotti

potlood1 · 13 januari 2012

Laat dit bestand C:\WINDOWS\system32\services.exe eens scannen bij Jotti

Ik heb een een support aangevraagd bij AVG, bij Jotti wordt hij door geen enkele herkend Kape. Bedankt voor je hulp en ik meld me bij je wat zij aandragen:-).

groet

Ron

kape · 13 januari 2012

Prima ... hou ons op de hoogte, want het is momenteel wel iets wat meer voorkomt bij AVG-gebruikers.

kweezie wabbit · 14 januari 2012

Je gebruikt nog AVG 10.

Misschien de gelegenheid om te upgraden naar AVG 2012.

Inloggen

Trojaans Paard PSW Generic9

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie