Ga naar inhoud

unicode utf reageert niet (?)


daannijsse

Aanbevolen berichten

  • Reacties 89
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

??? Dat had ik toch al gedaan? Heb ik iets fout gedaan? Verwijderde items staan er nu weer (of nog?) in.

Goed ik ga het nog een keer doen. In de veilige modus.

inmiddels gedaan. Zie bijde logjes. 1 na de scan en 2 nadat ik (weer) items verwijderd heb (zoals in bericht 12 beschreven staat)

hijackthis logje 24-2-2012 11.50 na fix check.txt

hijackthis logje 24-2-2012 11.50.txt

aangepast door daannijsse
Link naar reactie
Delen op andere sites

Dit had je inderdaad al gedaan, maar het resultaat was niet hoe het hoorde te zijn. Ook nu is je eerste logje niet OK, maar - het goede nieuws - je tweede logje benadert bijna de perfectie. Enkel dit mag je nog doen :

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.funmoods.com/results.php?f=4&a=grupo&q={searchTerms}

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

En dan moet je weer eens aan de slag om Malwarebytes te laten scannen. Hang het logje in je volgende bericht (indien gelukt).

Link naar reactie
Delen op andere sites

Dit had je inderdaad al gedaan, maar het resultaat was niet hoe het hoorde te zijn. Ook nu is je eerste logje niet OK, maar - het goede nieuws - je tweede logje benadert bijna de perfectie. Enkel dit mag je nog doen :

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods Search

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

En dan moet je weer eens aan de slag om Malwarebytes te laten scannen. Hang het logje in je volgende bericht (indien gelukt).

Hallo Kape,

Ik heb de hijack-scan nog een keer opgeroepen en het item gefixed. Daarna heb ik weer een hijackscan laten uitvoeren. Resultaat erbij gevoegd. Staat het item er nu toch nog in?

Vervolgens heb ik weer eens op "malware" geklikt. Ik kom dan op een "majoorGeek-site" Zie bijlage. Is dat de bedoeling? Ik heb voor de rst nog niks hiermee gedaan; ik wacht even op jouw reactie of dit wel goed is.

Daan

Helaas, toen kon ik weer geen bijlages bijvoegen. Het rechterdeel van het beeld ontbreekt. Ook als ik half beeld inschakel. Bijlage invoegen gaat dus niet. Ontzettend irritant allemaal.

aangepast door daannijsse
Link naar reactie
Delen op andere sites

Hallo Kape,

inmiddels is het gelukt om malware te downloaden en te laten scannen.

Ik heb hierna weer een hijackscan gedaan. Die kopieer ik hieronder:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:07:26, on 25-2-2012

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18639)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\MAGIX\PC_Check_Tuning_2010\MxTray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods - web search results - {searchTerms}

O1 - Hosts: ::1 localhost #[iPv6]

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--

End of file - 9844 bytes

Kopieer het log van HijackThis dan en plak het IN je volgende bericht. Dan omzeil je het probleem met de bijlagen.

En voor Malwarebytes zal ik hier even de volledige URL zetten, misschien lukt het dan : Malwarebytes Anti-Malware - Download.com

---------- Post toegevoegd om 11:15 ---------- Vorige post was om 11:12 ----------

Hierbij mij malware log:

alwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Databaseversie: v2012.02.25.02

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 7.0.6001.18000

Daan Nijsse :: PC_VAN_DAANNIJS [administrator]

25-2-2012 10:17:59

mbam-log-2012-02-25 (10-17-59).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 185695

Verstreken tijd: 7 minuut/minuten, 48 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2

C:\Users\Daan Nijsse\AppData\Local\Temp\ICReinstall_sg[1].exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Daan Nijsse\AppData\Local\Temp\51099562.Uninstall\Uninstall.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Link naar reactie
Delen op andere sites

Malwarebytes heeft zijn werk gedaan. In het logje van HijackThis is het aangeduide item nog niet verwijderd. Heb je dit als Vista-gebruiker uitgevoerd als "administrator" ? Zo niet, wil je dit nog eens herhalen en dan volgend item fixen :

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods - web search results - {searchTerms}

Download daarna ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

Ik heb opnieuw een scanlog opgeroepen met hijack en zag "R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Funmoods - web search " er niet (meer) in staan.

zie meest recente log (25-2-2012 14.50:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:55:03, on 25-2-2012

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18639)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ALDI - Hartelijk welkom bij ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

O1 - Hosts: ::1 localhost #[iPv6]

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe GE

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\17.0.963.56\npchrome_frame.dll

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

--

End of file - 9542 bytes

ga ik zo combofix eens proberen.

Daan

Link naar reactie
Delen op andere sites

Bij deze combofix resultaat:

ComboFix 12-02-24.02 - Daan Nijsse 25-02-2012 15:03:42.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3325.1951 [GMT 1:00]

Gestart vanuit: c:\users\Daan Nijsse\Desktop\ComboFix.exe

AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Windows Searchqu Toolbar

c:\program files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll

c:\program files\Windows Searchqu Toolbar\Datamngr\datamngr.dll

c:\program files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe

c:\program files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll

c:\program files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll

c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe

c:\program files\Windows Searchqu Toolbar\sysid.ini

c:\program files\Windows Searchqu Toolbar\uninstall.exe

c:\windows\system32\SETFB95.tmp

c:\windows\system32\SETFD6C.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-01-25 to 2012-02-25 ))))))))))))))))))))))))))))))

.

.

2012-02-25 14:12 . 2012-02-25 14:12 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-25 09:16 . 2012-02-25 09:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-02-25 09:16 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-24 18:27 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{0776BC3E-8FA4-4D20-95EC-AC201246F502}\mpengine.dll ERROR(0x00000005)

2012-02-23 15:03 . 2008-04-04 17:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys

2012-02-23 14:49 . 2012-02-23 14:52 -------- d-----w- c:\program files\Common Files\MAGIX Services

2012-02-23 13:49 . 2001-10-31 09:14 1581056 ----a-w- c:\windows\system32\mplvw7.dll

2012-02-23 13:49 . 2001-10-31 09:14 1122304 ----a-w- c:\windows\system32\mplvpx.dll

2012-02-23 13:49 . 2001-11-19 10:33 94208 ----a-w- c:\windows\system32\lmpgvd.ax

2012-02-23 13:49 . 2001-11-19 10:33 46592 ----a-w- c:\windows\system32\lmpgad.ax

2012-02-23 13:49 . 2001-11-19 10:33 106496 ----a-w- c:\windows\system32\lmpgspl.ax

2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaw7.dll

2012-02-23 13:49 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaa6.dll

2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplapx.dll

2012-02-23 13:49 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplam6.dll

2012-02-23 13:49 . 2001-10-31 09:14 1650688 ----a-w- c:\windows\system32\mplva6.dll

2012-02-23 13:49 . 2001-10-31 09:14 1552384 ----a-w- c:\windows\system32\mplvm6.dll

2012-02-23 13:49 . 2001-09-17 12:20 19968 ----a-w- c:\windows\system32\cpuinf32.dll

2012-02-23 13:48 . 2012-02-23 14:14 -------- d-----w- C:\MAGIX

2012-02-23 13:48 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL

2012-02-23 13:48 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll

2012-02-23 13:48 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll

2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Hewlett-Packard

2012-02-23 13:18 . 2012-02-23 13:18 -------- d-----w- c:\program files\Common Files\Hewlett-Packard

2012-02-23 13:17 . 2012-02-23 13:21 -------- d-----w- c:\program files\Common Files\HP

2012-02-23 13:13 . 2012-02-23 13:22 -------- d-----w- c:\program files\HP

2012-02-23 13:12 . 2006-12-16 06:19 303104 ----a-w- c:\windows\system32\hpovst01.dll

2012-02-23 13:12 . 2006-11-20 21:36 258048 ----a-w- c:\windows\system32\hpzids01.dll

2012-02-23 06:56 . 2012-02-23 06:56 -------- d-----w- c:\program files\Trend Micro

2012-02-19 17:04 . 2012-02-19 17:04 -------- d-----w- c:\program files\Free Video Converter

2012-02-19 17:04 . 2012-02-24 21:58 -------- d-----w- c:\program files\Yontoo Layers Runtime

2012-02-19 17:04 . 2012-02-19 17:04 -------- d-----w- c:\program files\Funmoods

2012-02-11 12:27 . 2012-02-25 12:27 -------- d-----w- c:\program files\DealPly

2012-02-11 12:26 . 2012-02-19 17:04 1541 ----a-w- C:\user.js

2012-02-11 12:21 . 2012-02-11 12:21 -------- d-----w- c:\program files\GPLGS

2012-02-11 12:20 . 2009-11-05 07:39 87552 ----a-w- c:\windows\system32\cpwmon2k.dll

2012-02-11 12:20 . 2012-02-11 12:20 -------- d-----w- c:\program files\Acro Software

2012-02-09 17:33 . 2012-02-23 15:02 -------- d-----w- c:\program files\MAGIX

2012-02-09 17:33 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll

2012-02-09 17:32 . 2012-02-23 14:14 -------- d-----w- c:\windows\system32\MAGIX

2012-02-09 17:32 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll

2012-02-07 19:48 . 2012-02-07 19:48 -------- d-----w- c:\program files\Microsoft Analysis Services

2012-02-07 08:09 . 2012-02-07 08:09 -------- d-----w- c:\program files\Citrix

2012-02-04 22:21 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2012-02-04 22:21 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2012-02-04 22:21 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2012-02-04 22:21 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2012-02-04 22:21 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2012-02-04 15:57 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-02-04 15:57 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-02-04 15:57 . 2011-11-28 17:54 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys

2012-02-04 15:55 . 2011-11-28 17:53 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2012-02-04 15:55 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-02-04 15:55 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-02-04 15:55 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-02-04 15:55 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-02-04 15:54 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr

2012-02-04 15:54 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe

2012-02-04 15:54 . 2011-11-28 17:26 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2012-02-04 15:53 . 2012-02-04 15:53 -------- d-----w- c:\program files\AVAST Software

2012-02-04 14:01 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll

2012-02-04 14:01 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll

2012-02-04 14:01 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll

2012-02-04 07:31 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2012-02-04 07:31 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2012-02-04 03:30 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax

2012-02-04 03:30 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2012-02-04 03:30 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax

2012-02-04 03:23 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe

2012-02-04 03:22 . 2012-02-04 03:22 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2012-02-04 03:13 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2012-02-04 03:13 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2012-02-04 03:13 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl

2012-02-04 03:13 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2012-02-04 03:13 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2012-02-04 03:13 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2012-02-04 03:09 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2012-02-04 03:09 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2012-02-04 03:07 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll

2012-02-04 03:07 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys

2012-02-04 03:07 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll

2012-02-04 03:06 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll

2012-02-04 03:04 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2012-02-04 02:13 . 2011-02-22 12:51 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2012-02-04 02:12 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll

2012-02-04 00:43 . 2012-01-29 04:10 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Common Files\Deterministic Networks

2012-02-03 20:30 . 2012-02-03 20:30 -------- d-----w- c:\program files\Cisco Systems

2012-02-03 17:55 . 2012-02-03 17:55 -------- d-----w- c:\program files\Microsoft Sync Framework

2012-02-03 17:54 . 2012-02-03 17:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-02-03 17:52 . 2012-02-23 11:18 -------- d-----w- c:\program files\Microsoft

2012-02-03 17:52 . 2012-02-03 17:52 -------- d-----w- c:\program files\Windows Live SkyDrive

2012-02-03 17:52 . 2012-02-04 07:30 -------- d-----w- c:\program files\Windows Live

2012-02-03 17:46 . 2012-02-03 17:46 -------- d-----w- c:\program files\Common Files\Windows Live

2012-02-03 17:32 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll

2012-02-03 17:32 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll

2012-02-03 17:30 . 2012-02-23 13:15 -------- d-----w- c:\users\Daan Nijsse

2012-02-03 17:30 . 2006-10-05 02:42 2560 ------w- c:\windows\system32\drivers\cdralw2k.sys

2012-02-03 17:30 . 2006-10-05 02:42 2432 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2012-02-03 17:30 . 2012-02-12 15:25 -------- d-----w- c:\program files\Picasa2

2012-02-03 17:29 . 2012-02-08 21:12 -------- d-----w- c:\program files\Google

2012-02-03 17:27 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll

2012-02-03 17:27 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe

2012-02-03 17:27 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2012-02-03 17:27 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll

2012-02-03 17:26 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll

2012-02-03 17:26 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll

2012-02-03 17:26 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll

2012-02-03 17:26 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll

2012-02-03 17:26 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Sjablonen

2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving

2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Mijn documenten

2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\Menu Start

2012-02-03 17:25 . 2012-02-03 17:25 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis

2012-02-03 17:20 . 2008-01-21 02:23 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-08 06:03 . 2008-11-26 13:47 6552120 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)

2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-03 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-02 6695456]

"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-02 1833504]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2012-02-03 30192]

"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]

"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-01-17 232616]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]

"TrayServer"="c:\program files\MAGIX\Video_deluxe_15_Plus\TrayServer.exe" [2008-09-10 90112]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - cpuz132

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48]

.

2012-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-02-03 17:48]

.

2012-02-25 c:\windows\Tasks\PCCT - MAGIX AG.job

- c:\program files\MAGIX\PC_Check_Tuning_2010\MxTray.exe [2012-02-23 12:28]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-Windows Searchqu Toolbar - c:\program files\Windows Searchqu Toolbar\uninstall.exe

AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-02-25 15:13

Windows 6.0.6001 Service Pack 1 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 6.0.6001 Disk: WDC_WD64 rev.05.0 -> Harddisk0\DR0 -> \Device\00000067

.

device: opened successfully

user: MBR read successfully

kernel: MBR read successfully

user != kernel MBR !!!

error: Read Er zijn onvoldoende systeembronnen beschikbaar om aan de aanvraag te voldoen.

.

**************************************************************************

.

Voltooingstijd: 2012-02-25 15:18:46

ComboFix-quarantined-files.txt 2012-02-25 14:18

.

Pre-Run: 485.785.464.832 bytes beschikbaar

Post-Run: 490.745.266.176 bytes beschikbaar

.

- - End Of File - - 20AE7AF2ED25834433B567166CD59C89

Link naar reactie
Delen op andere sites

Combofix heeft al flink wat rotzooi van de PC gehaald. Dit mag je verder nog uitvoeren :

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\user.js

c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

Folder::

c:\program files\Yontoo Layers Runtime

c:\program files\Funmoods

c:\program files\DealPly

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.