Problems removing Ad-Aware

diana 17 July 2011, 08:02

Dear experts,
I cannot get Ad-Aware out of the registry or off my computer by any means.
Is it possible to remove the registry values or other remnants of Ad-Aware via a HijackThis log? Do you see anything of Ad-Aware at all?
My log is below:
Many thanks in advance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:00:35, on 17-7-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WebNoti\WebNoti.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WebNoti] C:\Program Files\WebNoti\WebNoti.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 11118 bytes

Stupendous Man 17 July 2011, 12:50

Hi Diana,
First of all, this question:
Have you by now tried to remove Ad-Aware properly in the way that was suggested to you earlier?
"How to remove Ad-Aware"
http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1458032#1458032
Brief summary of it:
- reinstall Ad-Aware
- restart
- uninstall (using Revo Uninstaller)
- remove any remaining Ad-Aware startup item using CCleaner
- registry check with CCleaner
Earlier in that thread you indicated that you didn't much feel like reinstalling Ad-Aware in order to then remove it cleanly.
Did you eventually do that after all, or not? You haven't mentioned anything further about it in that thread.
If not, that still seems advisable to me.
As for your logfile above:
I don't recognise any Ad-Aware elements in it, but I am not a HijackThis expert.
I hope an expert such as Abraham will take a look at that log.

diana 17 July 2011, 16:20

Stupendous Man:
Hi Diana,
First of all, this question:
Have you by now tried to remove Ad-Aware properly in the way that was suggested to you earlier?
"How to remove Ad-Aware"
http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1458032#1458032
Brief summary of it:
- reinstall Ad-Aware
- restart
- uninstall (using Revo Uninstaller)
- remove any remaining Ad-Aware startup item using CCleaner
- registry check with CCleaner
Earlier in that thread you indicated that you didn't much feel like reinstalling Ad-Aware in order to then remove it cleanly.
Did you eventually do that after all, or not? You haven't mentioned anything further about it in that thread.
If not, that still seems advisable to me.
As for your logfile above:
I don't recognise any Ad-Aware elements in it, but I am not a HijackThis expert.
I hope an expert such as Abraham will take a look at that log.

Hi,
I did not reinstall Ad-Aware because I first wanted to ask on Ad-Aware's own forum whether they knew a solution. There is also a post there from someone who reinstalled and then tried to uninstall, which did not work. I am just curious whether anything of Ad-Aware can be found in this log.

Stupendous Man 17 July 2011, 16:39

Ah, thank you, Diana.
Reinstalling the program in question after a failed (un)installation, so that it can then be removed properly, is a common trick.
In your case, where the program was apparently removed incompletely and you then removed elements manually, reinstalling + uninstalling is an approach that could work.
Why that approach did not work for the person on the Ad-Aware forum, I can't say anything sensible about without knowing that situation.
Did that person clearly state what had gone wrong in their case and what else was tried afterwards? Is that situation actually comparable to yours?
Could you perhaps give a direct link to that specific post in that forum thread?
What I don't quite understand is why you seem so reluctant to try the reinstall + uninstall.
If the uninstall succeeds in your case that way, you are practically done, apart from possibly a few more steps with CCleaner.
If, contrary to expectation, uninstalling that way does not work, you are exactly where you were.

Abraham54 17 July 2011, 18:16

Hi Diana, you have malware in your Windows!
I would like you to keep to the rules below during the fix:
- Read all instructions carefully.
- If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
- Refrain from using tools or updates other than those I advise you to use.
- Always use one scanner at a time, never several at once.
- Keep me informed of how your computer responds to the fix, good or bad.
- The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.

Step •1•
Close all open web windows, except this window, which you close just before you click the Fix checked button!
Now start HijackThis and click the Do a Scan only button,
O4 - HKCU\..\Run: [WebNoti] C:\Program Files\WebNoti\WebNoti.exe

- tick the line(s) that correspond to the lines above
- Now close the web browser and then click the Fix checked button
- Then close HijackThis.
Restart the computer after the fix

Step •2•
Which program: Microsoft Safety Scanner
What for/why: specialised scanner from Microsoft to quickly examine Windows for spyware and malware and remove it.
Difficulty: none.

Note: Microsoft Safety Scanner expires 10 days after it has been downloaded.
If you want to run a scan again with the latest anti-malware definitions,
download Microsoft Safety Scanner again and run it again.

Download the Microsoft Safety Scanner here.
Windows 2000 and Windows XP: start Microsoft's Safety Scanner by double-clicking the shortcut.
Windows Vista and Windows 7: start Microsoft's Safety Scanner by right-clicking the shortcut and then choosing Run as administrator.
Then tick "I accept the terms of the above license agreement".
Scanning:
- When 'Microsoft's Safety Scanner' starts, click the "Next" button, then choose 'Quick scan'.
- The scan takes a while, so be patient.

Step •3•
Which program: Malwarebytes MBAM
What for/why: specialised scanner to quickly examine Windows for spyware and malware and remove it.
Difficulty: none.
Download Malwarebytes MBAM from one of these locations:
- Download.com
- Softpedia.com
- Majorgeeks.com
First of all:
- Immediately after installation 'MBAM' wants to update its database, so allow that.
- Also on repeated use: first update 'MBAM' via the 'Update' tab!
Starting Malwarebytes MBAM:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
- Note:
  - Malwarebytes now provides the full version of MBAM.
  - On first start you get the option of using the full version or the free version.
  - Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
  - That way MBAM can continue to be used as the free version

- Also do the following:
  - Once the program has started, go to the "Settings" tab.
  - Tick here: "Close Internet Explorer during malware removal".
Scanning:
- When 'MBAM' starts, choose 'Quick scan'.
- The scan can take a while, so be patient. When the scan is complete, click the 'OK' button.
- Then click the 'Show Results' button to see the results.
Infections found:
- First click OK to dismiss the message
- Then click the Show results button at the bottom right.
- Make sure all infections found are ticked, and click Remove selected at the bottom left.
- After removal a log will open and you will be asked to restart the computer.
- If 'MBAM' has difficulty removing certain files it will show some messages; click 'OK' each time!
- After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
MBAM log:
- The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.
Then post the contents of the MBAM log in your next message.

Step •4•
In summary: after this, post the contents of the following logs in your next message:
- a new HijackThis log
- MBAM scan log

Stupendous Man 17 July 2011, 20:09

Thank you very much, Abraham.
How would we ever manage without your expertise..!!
One more question:
In Diana's other thread, "How to remove Ad-Aware" http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=213700 Diana indicates that she has already scanned with MBAM but that it found nothing.
Is it the combination of HijackThis, Microsoft Safety Scanner and MBAM in succession that might give MBAM something to clean up after all?
Or are you using MBAM just to be sure, on the principle of better safe than sorry?
Incidentally, this case once again seems to show painfully clearly how even a combination of an antivirus program and MBAM can overlook malware, and how you need an expert who can interpret a HijackThis log to make a proper diagnosis and fix the problem.

diana 17 July 2011, 21:18

What exactly is the problem with webnotify.exe? I can't find much about it on the internet.
So far the computer is responding well and the Windows scanner found nothing. MBAM is running now. 'Close explorer during removal etc.' was already ticked automatically in the settings.
MBAM was extremely quick this time:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Databaseversie: 7176
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
17-7-2011 21:44:45
mbam-log-2011-07-17 (21-44-45).txt
Scantype: Snelle scan
Objecten gescand: 182794
Verstreken tijd: 2 minuut/minuten, 44 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:49, on 17-7-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\WebNoti\WebNoti.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 11000 bytes

Stupendous Man 17 July 2011, 22:27

diana:
What exactly is the problem with webnotify.exe? I can't find much about it on the internet.
This information from Prevx is the only information I can find that says anything noteworthy about it.
Prevx classifies WebNoti.exe as adware:
http://www.prevx.com/filenames/34491167388258580-X1/WEBNOTI.EXE.html
Incidentally, in your HijackThis log I no longer see WebNoti.exe in the registry,
but I do still see it at C:\Program Files\WebNoti\WebNoti.exe.
Abraham can undoubtedly tell you what you still need to do about that.
And... so possibly it wasn't a piece of Ad-Aware that kept rearing its head, but something that was presented by that WebNoti.exe adware?

diana 17 July 2011, 22:56

Stupendous Man:
diana:
What exactly is the problem with webnotify.exe? I can't find much about it on the internet.
This information from Prevx is the only information I can find that says anything noteworthy about it.
Prevx classifies WebNoti.exe as adware:
http://www.prevx.com/filenames/34491167388258580-X1/WEBNOTI.EXE.html
Incidentally, in your HijackThis log I no longer see WebNoti.exe in the registry,
but I do still see it at C:\Program Files\WebNoti\WebNoti.exe.
Abraham can undoubtedly tell you what you still need to do about that.
And... so possibly it wasn't a piece of Ad-Aware that kept rearing its head, but something that was presented by that WebNoti.exe adware?
I see it now. Webnoti is from Paiq. That is a dating site.
I will inform Paiq that their notifier is on record as being malware.
Nothing has changed with Ad-aware; it is still listed under Software and takes up 25 Mb

Stupendous Man 17 July 2011, 23:48

diana:
I see it now. Webnoti is from Paiq. That is a dating site.
I will inform Paiq that their notifier is on record as being malware.
Ah, so is that WebNoti.exe really to be regarded as adware?
Does it do anything unwanted on your computer?
Or is it an item that you need for paiq?
diana:
Nothing has changed with Ad-aware; it is still listed under Software and takes up 25 Mb
Then in principle what was indicated earlier about uninstalling it still applies.
As I already suggested this afternoon, feel free to post the direct link to that specific post about uninstallation problems in that Ad-Aware forum thread, if you want me/us to think along.

Abraham54 18 July 2011, 00:37

Hi Diana, before doing the following, AVG must first be uninstalled!
AVG Remover (32-bit) 2011: http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1322.exe
After restarting your PC, do the following:
Which program: ComboFix
What for/why: Highly specialised scanner to examine Windows in depth
and, where possible, clean it up.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: This program must absolutely be downloaded to the desktop!
Download ComboFix from one of these locations:
- Bleepingcomputer
- ForoSpyware
- Geekstogo
Here you can see how to use ComboFix.
Antivirus programs and active malware scanners must already be disabled before ComboFix is started!
Here and here you will find information on how to disable antivirus programs and spyware scanners.
For the sake of clarity, once more: ComboFix must be started from the desktop.
Notes:
- When using Windows XP, you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for this).
- Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
- All open programs and web pages must be closed.
Once ComboFix has started:
- Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
- ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
- The computer may need to be restarted several times; this is normal.
- When ComboFix is finished, it will create a log file for you.
- Post the contents of this log file in your next message.
- If the log does not open, it can be found at C:\ComboFix.txt
Important note:
- If, after the scan, an error with the following message is shown when starting programs:
- Illegal operation attempted on a registry key that has been marked for deletion.
- Then restart the computer.
Do not reinstall AVG yet after this!

diana 18 July 2011, 06:11

ComboFix 11-07-17.03 - gebruiker 18-07-2011 5:56.17.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1505 [GMT 2:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator.UW-C5C0C24F5CAE\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\gebruiker\WINDOWS
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091121_104648.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091121_225929.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091125_133353.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091125_134029.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091125_134500.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20091129_163004.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20100118_194705.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\cc_20100128_161838.reg
c:\documents and settings\gebruiker\WINDOWS\Mijn documenten\desktop.ini
c:\windows\IsUn0413.exe
c:\windows\system32\config\systemprofile\WINDOWS
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-18 to 2011-07-18 ))))))))))))))))))))))))))))))
.
.
2011-07-17 06:28 . 2011-07-17 17:20 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2011-07-08 12:08 . 2011-07-08 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\program files\Uniblue
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\PackageAware
2011-07-08 09:30 . 2011-07-08 09:30 -------- d-----w- c:\program files\VS Revo Group
2011-07-07 10:15 . 2011-07-07 10:15 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Ambient Design
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\program files\Ambient Design
2011-06-27 14:18 . 2011-06-29 18:35 -------- d-----w- c:\documents and settings\gebruiker\Application Data\inkscape
2011-06-27 14:01 . 2008-04-14 17:02 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-06-27 14:01 . 2001-09-06 19:27 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-06-27 14:01 . 2008-04-14 17:02 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-06-27 14:01 . 2001-09-06 19:27 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-06-27 14:01 . 2001-09-06 19:27 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-06-27 14:00 . 2001-09-06 19:27 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2011-06-27 14:00 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2011-06-27 14:00 . 2004-08-03 20:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2011-06-27 14:00 . 2004-08-03 20:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2011-06-27 14:00 . 2008-04-13 18:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2011-06-27 14:00 . 2004-08-03 20:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2011-06-27 14:00 . 2001-09-06 17:08 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2011-06-27 14:00 . 2001-08-17 19:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2011-06-27 14:00 . 2001-09-06 19:27 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2011-06-27 14:00 . 2001-09-06 19:27 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2011-06-27 13:58 . 2001-08-17 19:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2011-06-27 13:58 . 2001-08-17 19:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2011-06-27 13:58 . 2001-08-17 19:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2011-06-27 13:58 . 2001-08-17 19:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2011-06-27 13:58 . 2001-08-17 19:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2011-06-27 13:58 . 2001-08-17 19:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2011-06-27 13:58 . 2001-08-17 19:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2011-06-27 13:58 . 2001-08-17 19:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2011-06-27 13:58 . 2004-08-03 22:55 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2011-06-27 13:58 . 2001-09-06 19:27 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2011-06-27 13:58 . 2001-09-06 19:27 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2011-06-27 13:58 . 2001-09-06 19:27 26624 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll
2011-06-27 13:57 . 2001-09-06 19:27 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2011-06-27 13:57 . 2001-09-06 19:27 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2011-06-27 13:57 . 2001-08-17 19:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2011-06-27 13:57 . 2001-09-06 19:27 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2011-06-27 13:57 . 2001-09-06 19:27 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2011-06-27 13:57 . 2001-09-06 19:27 212480 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2011-06-27 13:57 . 2001-09-06 19:27 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2011-06-27 13:57 . 2001-08-17 19:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2011-06-27 13:57 . 2001-08-17 18:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2011-06-27 13:57 . 2001-09-06 19:27 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2011-06-27 13:56 . 2001-08-17 18:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2011-06-27 13:56 . 2001-09-06 19:26 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2011-06-27 13:56 . 2001-08-17 18:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2011-06-27 13:56 . 2001-09-06 19:26 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2011-06-27 13:56 . 2001-08-17 18:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2011-06-27 13:56 . 2001-09-06 19:26 43008 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2011-06-27 13:56 . 2008-04-14 17:03 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2011-06-27 13:56 . 2001-09-06 19:27 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2011-06-27 13:56 . 2001-08-17 20:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2011-06-27 13:56 . 2001-08-17 20:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2011-06-27 13:56 . 2001-08-17 18:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2011-06-27 13:55 . 2001-08-17 18:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2011-06-27 13:55 . 2001-08-17 18:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2011-06-27 13:55 . 2001-09-06 19:26 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2011-06-27 13:55 . 2008-04-13 18:40 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2011-06-27 13:55 . 2001-08-17 18:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2011-06-27 13:55 . 2001-08-17 18:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2011-06-27 13:55 . 2001-08-17 19:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2011-06-27 13:55 . 2001-08-17 19:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2011-06-27 13:55 . 2001-08-17 18:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2011-06-27 13:55 . 2001-09-06 19:26 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2011-06-27 13:55 . 2001-09-06 19:27 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2011-06-27 13:54 . 2001-08-17 19:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2011-06-27 13:54 . 2001-08-17 20:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2011-06-27 13:54 . 2001-09-06 19:27 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2011-06-27 13:54 . 2001-09-06 19:27 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2011-06-27 13:54 . 2001-09-06 19:27 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2011-06-27 13:54 . 2001-09-06 19:27 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2011-06-27 13:54 . 2001-09-06 19:27 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-06-27 13:54 . 2001-09-06 19:27 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-06-27 13:54 . 2001-09-06 16:20 286432 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2011-06-27 13:54 . 2001-09-06 16:19 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2011-06-27 13:54 . 2001-08-17 18:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-06-27 13:53 . 2001-09-06 19:27 99840 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2011-06-27 13:53 . 2001-09-06 19:27 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2011-06-27 13:53 . 2001-08-17 19:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2011-06-27 13:53 . 2001-09-06 19:27 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2011-06-27 13:53 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2011-06-27 13:53 . 2001-08-17 18:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2011-06-27 13:53 . 2001-09-06 19:27 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2011-06-27 13:53 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2011-06-27 13:53 . 2001-08-17 19:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2011-06-27 13:53 . 2008-04-13 18:40 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2011-06-27 13:53 . 2004-08-04 12:00 143422 -c--a-w- c:\windows\system32\dllcache\softkey.dll
2011-06-27 13:53 . 2001-08-17 19:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2011-06-27 13:52 . 2001-08-17 18:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2011-06-27 13:52 . 2001-09-06 19:26 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2011-06-27 13:52 . 2001-08-17 18:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2011-06-27 13:52 . 2001-09-06 18:56 36425 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2011-06-27 13:52 . 2001-08-17 18:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-06-27 13:52 . 2001-08-17 19:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2011-06-27 13:52 . 2008-04-13 18:36 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2011-06-27 13:52 . 2008-04-13 18:36 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2011-06-27 13:52 . 2001-09-06 19:27 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2011-06-27 13:52 . 2001-09-06 19:27 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2011-06-27 13:52 . 2001-09-06 19:27 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2011-06-27 13:51 . 2001-09-06 19:27 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll
2011-06-27 13:51 . 2004-08-03 20:31 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2011-06-27 13:51 . 2001-08-17 18:12 91294 -c--a-w- c:\windows\system32\dllcache\skfpwin.sys
2011-06-27 13:51 . 2001-09-06 18:53 95146 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys
2011-06-27 13:51 . 2001-09-06 19:26 157696 -c--a-w- c:\windows\system32\dllcache\sisv256.dll
2011-06-27 13:51 . 2001-08-17 18:50 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2011-06-27 13:51 . 2001-09-06 19:27 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2011-06-27 13:51 . 2001-08-17 18:50 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2011-06-27 13:51 . 2001-09-06 19:26 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2011-06-27 13:51 . 2001-08-17 18:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2011-06-27 13:51 . 2001-09-06 18:49 161760 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2011-06-27 13:50 . 2001-07-21 20:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2011-06-27 13:50 . 2001-08-17 18:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2011-06-27 13:50 . 2001-09-06 19:26 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2011-06-27 13:50 . 2001-08-17 18:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2011-06-27 13:50 . 2001-09-06 18:47 6912 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-06-27 13:50 . 2001-09-06 18:47 18176 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2011-06-27 13:50 . 2001-08-17 19:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2011-06-27 13:50 . 2008-04-13 18:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2011-06-27 13:50 . 2001-08-17 19:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2011-06-27 13:50 . 2001-09-06 18:44 17536 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2011-06-27 13:50 . 2001-09-06 18:44 16768 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2011-06-27 13:50 . 2001-08-17 19:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmusbm.sys
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-29 04:24 . 2010-09-16 19:47 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2011-06-24 07:10 . 2011-05-19 07:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2005-03-01 20:21 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-05-04 02:52 . 2010-06-06 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-06-19 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2005-03-01 20:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2005-03-01 20:20 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2005-03-01 20:19 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2005-03-01 20:21 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2005-03-01 20:18 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 16:05 . 2005-03-01 20:21 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2005-03-01 20:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2005-03-01 20:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2005-03-01 20:18 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2005-03-01 20:20 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2010-11-11_11.48.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-18 20:51 . 2011-04-18 20:51 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_4ddc769f\vcomp90.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 51024 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_214ee422\vcomp90.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90rus.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90kor.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90jpn.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90ita.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90fra.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esp.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90esn.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90deu.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90cht.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90chs.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90rus.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90kor.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90jpn.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90ita.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90fra.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esp.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90esn.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 53584 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90enu.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 63312 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90deu.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90cht.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 35664 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_467ea28b\mfc90chs.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90u.dll
+ 2011-04-18 20:51 . 2011-04-18 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfcm90.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90u.dll
+ 2011-01-11 08:59 . 2011-01-11 08:59 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.5570_x-ww_d5fe2ecb\mfcm90.dll
+ 2011-05-13 18:17 . 2011-05-13 18:17 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_452bf920\vcomp.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80KOR.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80JPN.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ITA.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80FRA.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ESP.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80DEU.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHT.dll
+ 2011-05-13 17:45 . 2011-05-13 17:45 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80CHS.dll
+ 2011-05-13 23:06 . 2011-05-13 23:06 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80u.dll
+ 2011-05-13 23:23 . 2011-05-13 23:23 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfcm80.dll
+ 2011-05-13 16:37 . 2011-05-13 16:37 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
+ 2011-01-05 21:59 . 2011-01-05 21:59 21880 c:\windows\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5\Microsoft.Workflow.Compiler.exe
+ 2011-07-18 03:52 . 2011-07-18 03:52 16384 c:\windows\temp\Perflib_Perfdata_4d8.dat
- 2007-01-29 08:58 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2005-05-11 18:20 . 2011-07-18 03:52 12341 c:\windows\system32\Tablet.dat
- 2005-05-11 18:20 . 2010-11-11 11:35 12341 c:\windows\system32\Tablet.dat
+ 2011-05-28 09:05 . 2010-12-14 17:51 41984 c:\windows\system32\ReinstallBackups\0022\DriverFiles\usbaapl.sys
+ 2004-09-15 01:50 . 2011-07-17 14:16 89124 c:\windows\system32\perfc009.dat
- 2005-03-01 20:19 . 2010-09-10 05:52 66560 c:\windows\system32\mshtmled.dll
+ 2005-03-01 20:19 . 2011-04-25 16:05 66560 c:\windows\system32\mshtmled.dll
+ 2007-08-13 17:54 . 2011-04-25 16:05 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 17:54 . 2010-09-10 05:52 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-07-16 10:05 . 2011-01-31 18:22 57988 c:\windows\system32\mlfcache.dat
+ 2011-06-18 12:23 . 2007-01-07 10:28 69632 c:\windows\system32\JWPath.dll
+ 2005-03-01 20:19 . 2011-04-25 16:05 25600 c:\windows\system32\jsproxy.dll
- 2005-03-01 20:19 . 2010-09-10 05:52 25600 c:\windows\system32\jsproxy.dll
- 2005-03-01 20:19 . 2008-04-14 17:02 86016 c:\windows\system32\isign32.dll
+ 2005-03-01 20:19 . 2010-11-18 18:15 86016 c:\windows\system32\isign32.dll
+ 2010-03-18 12:16 . 2010-03-18 12:16 70472 c:\windows\system32\dxva2.dll
+ 2011-05-28 09:05 . 2011-02-18 14:36 41984 c:\windows\system32\DRVSTORE\usbaapl_05A32DBD3911A2EF4222EF5BE7BB535FAB37D6C4\usbaapl.sys
+ 2011-01-31 18:32 . 2010-04-19 18:29 18432 c:\windows\system32\DRVSTORE\netaapl_8A27A03003759CB01567E831096473C330131D64\netaapl.sys
- 2010-06-19 14:46 . 2010-04-19 18:47 41984 c:\windows\system32\drivers\usbaapl.sys
+ 2010-06-19 14:46 . 2011-02-18 14:36 41984 c:\windows\system32\drivers\usbaapl.sys
+ 2005-03-01 20:20 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2011-06-18 06:03 . 2011-07-06 17:52 41272 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2011-06-18 06:03 . 2011-07-06 17:52 22712 c:\windows\system32\drivers\mbam.sys
- 2010-05-18 14:35 . 2010-05-18 14:35 91424 c:\windows\system32\dnssd.dll
+ 2011-04-06 14:20 . 2011-04-06 14:20 91424 c:\windows\system32\dnssd.dll
+ 2005-03-01 20:18 . 2009-04-20 17:22 45568 c:\windows\system32\dnsrslvr.dll
- 2005-03-01 20:18 . 2008-04-14 17:02 45568 c:\windows\system32\dnsrslvr.dll
- 2009-07-29 13:07 . 2010-09-10 05:52 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-07-29 13:07 . 2011-04-25 16:05 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2005-03-01 20:21 . 2008-04-14 17:02 11776 c:\windows\system32\dllcache\xolehlp.dll
+ 2005-03-01 20:21 . 2008-04-14 17:02 50176 c:\windows\system32\dllcache\xmlprovi.dll
+ 2005-03-01 20:21 . 2008-04-14 17:03 30720 c:\windows\system32\dllcache\xcopy.exe

diana 18 July 2011, 06:14

It won't all fit: a very long list of data like the one above, which goes on for quite a while yet.
I'm posting the last part below; let me know if you want to see more of the log.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JWOSetup"="JWOSetup.exe -en" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832]
"AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376]
"VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 10:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 15:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-26 23:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-28 13:10 73728 ------w- c:\program files\Logitech\MediaLife\MediaLifeService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 14:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\GigaTribe\\gigatribe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4210:TCP"= 4210:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 17:52 70656]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 16:40 64288]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 17:53 77312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 14:16 130384]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 17:18 113664]
S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 17:18 15104]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 17:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 17:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 17:11 3768]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 17:06 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 14:16 753504]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 17:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
2011-07-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - %profile%\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG10\Firefox4
.
- - - - ORPHANS VERWIJDERD - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
AddRemove-Grootwoordenboek Nederlands-Engels en Engels-Nederlands - c:\windows\IsUn0413.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-18 06:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
Voltooingstijd: 2011-07-18 06:05:54
ComboFix-quarantined-files.txt 2011-07-18 04:05
ComboFix2.txt 2010-11-11 11:50
ComboFix3.txt 2010-08-20 17:09
ComboFix4.txt 2010-02-11 21:53
ComboFix5.txt 2011-07-18 03:54
.
Pre-Run: 15.613.095.936 bytes beschikbaar
Post-Run: 15.654.862.848 bytes beschikbaar
.
Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CF3061249398D9A85167615DFF555FDE

Abraham54 18 July 2011, 10:45

Hi Diana, so ComboFix has already removed a few things that don't belong in Windows!
But the length of this log doesn't exactly make it easy to get an overview; that's not your fault, of course.
We'll do it again, this time via a script!
Open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\Kladblok".
Copy and paste the following (bold, blue) text into the empty Notepad window:
KILLALL::

Save this Notepad file to your desktop as CFScript.txt.
Now first disable the antivirus!
Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.
Post the ComboFix log that is shown after the restart!

diana 18 July 2011, 10:55

That will be tonight, because I'm elsewhere right now.
I ran ComboFix once more after that long printout, and then the log was much shorter.
Should I still follow your procedure?

Abraham54 18 July 2011, 11:22

Then post that second log tonight; it can be found as C:\ComboFix2.txt

diana 18 July 2011, 20:19

Abraham54:
Then post that second log tonight; it can be found as C:\ComboFix2.txt

It isn't there, but I think this is the one:
ComboFix 11-07-17.03 - gebruiker 18-07-2011 6:45.18.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1509 [GMT 2:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-18 to 2011-07-18 ))))))))))))))))))))))))))))))
.
.
2011-07-17 06:28 . 2011-07-17 17:20 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2011-07-08 12:08 . 2011-07-08 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\program files\Uniblue
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\PackageAware
2011-07-08 09:30 . 2011-07-08 09:30 -------- d-----w- c:\program files\VS Revo Group
2011-07-07 10:15 . 2011-07-07 10:15 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Ambient Design
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\program files\Ambient Design
2011-06-27 14:18 . 2011-06-29 18:35 -------- d-----w- c:\documents and settings\gebruiker\Application Data\inkscape
2011-06-27 14:01 . 2008-04-14 17:02 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-06-27 14:01 . 2001-09-06 19:27 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-06-27 14:01 . 2008-04-14 17:02 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-06-27 14:01 . 2001-09-06 19:27 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-06-27 14:01 . 2001-09-06 19:27 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-06-27 14:00 . 2001-09-06 19:27 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2011-06-27 14:00 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2011-06-27 14:00 . 2004-08-03 20:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2011-06-27 14:00 . 2004-08-03 20:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2011-06-27 14:00 . 2008-04-13 18:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2011-06-27 14:00 . 2004-08-03 20:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2011-06-27 14:00 . 2001-09-06 17:08 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2011-06-27 14:00 . 2001-08-17 19:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2011-06-27 14:00 . 2001-09-06 19:27 54272 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2011-06-27 14:00 . 2001-09-06 19:27 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2011-06-27 13:58 . 2001-08-17 19:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2011-06-27 13:58 . 2001-08-17 19:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2011-06-27 13:58 . 2001-08-17 19:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2011-06-27 13:58 . 2001-08-17 19:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys
2011-06-27 13:58 . 2001-08-17 19:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys
2011-06-27 13:58 . 2001-08-17 19:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2011-06-27 13:58 . 2001-08-17 19:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys
2011-06-27 13:58 . 2001-08-17 19:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2011-06-27 13:58 . 2004-08-03 22:55 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2011-06-27 13:58 . 2001-09-06 19:27 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll
2011-06-27 13:58 . 2001-09-06 19:27 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2011-06-27 13:58 . 2001-09-06 19:27 26624 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll
2011-06-27 13:57 . 2001-09-06 19:27 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2011-06-27 13:57 . 2001-09-06 19:27 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2011-06-27 13:57 . 2001-08-17 19:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2011-06-27 13:57 . 2001-09-06 19:27 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2011-06-27 13:57 . 2001-09-06 19:27 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2011-06-27 13:57 . 2001-09-06 19:27 212480 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2011-06-27 13:57 . 2001-09-06 19:27 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2011-06-27 13:57 . 2001-08-17 19:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2011-06-27 13:57 . 2001-08-17 18:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2011-06-27 13:57 . 2001-09-06 19:27 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2011-06-27 13:56 . 2001-08-17 18:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2011-06-27 13:56 . 2001-09-06 19:26 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2011-06-27 13:56 . 2001-08-17 18:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2011-06-27 13:56 . 2001-09-06 19:26 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2011-06-27 13:56 . 2001-08-17 18:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2011-06-27 13:56 . 2001-09-06 19:26 43008 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2011-06-27 13:56 . 2008-04-14 17:03 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2011-06-27 13:56 . 2001-09-06 19:27 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2011-06-27 13:56 . 2001-08-17 20:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2011-06-27 13:56 . 2001-08-17 20:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2011-06-27 13:56 . 2001-08-17 18:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2011-06-27 13:55 . 2001-08-17 18:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2011-06-27 13:55 . 2001-08-17 18:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2011-06-27 13:55 . 2001-09-06 19:26 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2011-06-27 13:55 . 2008-04-13 18:40 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2011-06-27 13:55 . 2001-08-17 18:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2011-06-27 13:55 . 2001-08-17 18:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2011-06-27 13:55 . 2001-08-17 19:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2011-06-27 13:55 . 2001-08-17 19:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2011-06-27 13:55 . 2001-08-17 18:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2011-06-27 13:55 . 2001-09-06 19:26 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2011-06-27 13:55 . 2001-09-06 19:27 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2011-06-27 13:54 . 2001-08-17 19:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2011-06-27 13:54 . 2001-08-17 20:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2011-06-27 13:54 . 2001-09-06 19:27 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2011-06-27 13:54 . 2001-09-06 19:27 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2011-06-27 13:54 . 2001-09-06 19:27 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2011-06-27 13:54 . 2001-09-06 19:27 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2011-06-27 13:54 . 2001-09-06 19:27 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-06-27 13:54 . 2001-09-06 19:27 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-06-27 13:54 . 2001-09-06 16:20 286432 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2011-06-27 13:54 . 2001-09-06 16:19 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2011-06-27 13:54 . 2001-08-17 18:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-06-27 13:53 . 2001-09-06 19:27 99840 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2011-06-27 13:53 . 2001-09-06 19:27 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2011-06-27 13:53 . 2001-08-17 19:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2011-06-27 13:53 . 2001-09-06 19:27 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2011-06-27 13:53 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2011-06-27 13:53 . 2001-08-17 18:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2011-06-27 13:53 . 2001-09-06 19:27 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2011-06-27 13:53 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2011-06-27 13:53 . 2001-08-17 19:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2011-06-27 13:53 . 2008-04-13 18:40 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2011-06-27 13:53 . 2004-08-04 12:00 143422 -c--a-w- c:\windows\system32\dllcache\softkey.dll
2011-06-27 13:53 . 2001-08-17 19:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2011-06-27 13:52 . 2001-08-17 18:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2011-06-27 13:52 . 2001-09-06 19:26 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2011-06-27 13:52 . 2001-08-17 18:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2011-06-27 13:52 . 2001-09-06 18:56 36425 -c--a-w- c:\windows\system32\dllcache\smcirda.sys
2011-06-27 13:52 . 2001-08-17 18:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-06-27 13:52 . 2001-08-17 19:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys
2011-06-27 13:52 . 2008-04-13 18:36 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys
2011-06-27 13:52 . 2008-04-13 18:36 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys
2011-06-27 13:52 . 2001-09-06 19:27 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll
2011-06-27 13:52 . 2001-09-06 19:27 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll
2011-06-27 13:52 . 2001-09-06 19:27 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll
2011-06-27 13:51 . 2001-09-06 19:27 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll
2011-06-27 13:51 . 2004-08-03 20:31 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys
2011-06-27 13:51 . 2001-08-17 18:12 91294 -c--a-w- c:\windows\system32\dllcache\skfpwin.sys
2011-06-27 13:51 . 2001-09-06 18:53 95146 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys
2011-06-27 13:51 . 2001-09-06 19:26 157696 -c--a-w- c:\windows\system32\dllcache\sisv256.dll
2011-06-27 13:51 . 2001-08-17 18:50 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2011-06-27 13:51 . 2001-09-06 19:27 238592 -c--a-w- c:\windows\system32\dllcache\sisgrv.dll
2011-06-27 13:51 . 2001-08-17 18:50 104064 -c--a-w- c:\windows\system32\dllcache\sisgrp.sys
2011-06-27 13:51 . 2001-09-06 19:26 150144 -c--a-w- c:\windows\system32\dllcache\sis6306v.dll
2011-06-27 13:51 . 2001-08-17 18:50 68608 -c--a-w- c:\windows\system32\dllcache\sis6306p.sys
2011-06-27 13:51 . 2001-09-06 18:49 161760 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys
2011-06-27 13:50 . 2001-07-21 20:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2011-06-27 13:50 . 2001-08-17 18:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2011-06-27 13:50 . 2001-09-06 19:26 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll
2011-06-27 13:50 . 2001-08-17 18:19 36480 -c--a-w- c:\windows\system32\dllcache\sfmanm.sys
2011-06-27 13:50 . 2001-09-06 18:47 6912 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-06-27 13:50 . 2001-09-06 18:47 18176 -c--a-w- c:\windows\system32\dllcache\sermouse.sys
2011-06-27 13:50 . 2001-08-17 19:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2011-06-27 13:50 . 2008-04-13 18:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys
2011-06-27 13:50 . 2001-08-17 19:52 11648 -c--a-w- c:\windows\system32\dllcache\scsiprnt.sys
2011-06-27 13:50 . 2001-09-06 18:44 17536 -c--a-w- c:\windows\system32\dllcache\scr111.sys
2011-06-27 13:50 . 2001-09-06 18:44 16768 -c--a-w- c:\windows\system32\dllcache\scmstcs.sys
2011-06-27 13:50 . 2001-08-17 19:51 23936 -c--a-w- c:\windows\system32\dllcache\sccmusbm.sys
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-29 04:24 . 2010-09-16 19:47 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2011-06-24 07:10 . 2011-05-19 07:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2005-03-01 20:21 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-05-04 02:52 . 2010-06-06 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-06-19 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2005-03-01 20:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2005-03-01 20:20 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2005-03-01 20:19 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2005-03-01 20:21 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2005-03-01 20:18 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 16:05 . 2005-03-01 20:21 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2005-03-01 20:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2005-03-01 20:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2005-03-01 20:18 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2005-03-01 20:20 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2011-07-18_04.03.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-18 04:42 . 2011-07-18 04:42 16384 c:\windows\temp\Perflib_Perfdata_76c.dat
+ 2005-05-11 18:20 . 2011-07-18 04:42 12341 c:\windows\system32\Tablet.dat
- 2005-05-11 18:20 . 2011-07-18 03:52 12341 c:\windows\system32\Tablet.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JWOSetup"="JWOSetup.exe -en" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832]
"AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376]
"VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 10:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 15:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-26 23:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-28 13:10 73728 ------w- c:\program files\Logitech\MediaLife\MediaLifeService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 14:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\GigaTribe\\gigatribe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4210:TCP"= 4210:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 17:52 70656]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 16:40 64288]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 17:53 77312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 14:16 130384]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 17:18 113664]
S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 17:18 15104]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 17:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 17:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 17:11 3768]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 17:06 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 14:16 753504]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 17:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
2011-07-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - %profile%\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG10\Firefox4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-18 06:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3708)
c:\windows\system32\tabhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2011-07-18 06:55:16
ComboFix-quarantined-files.txt 2011-07-18 04:55
ComboFix2.txt 2011-07-18 04:05
ComboFix3.txt 2010-11-11 11:50
ComboFix4.txt 2010-08-20 17:09
ComboFix5.txt 2011-07-18 04:45
.
Pre-Run: 15.653.863.424 bytes beschikbaar
Post-Run: 15.644.160.000 bytes beschikbaar
.
Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - D9D9B99A5CBB26968578E19B4E23BF33

Abraham54 19 July 2011, 00:15

Hi Diana, the following script removes Lavasoft AdAware:
Open a new Notepad file via "Start\All Programs\Accessories\Notepad".
Copy and paste the following text (in bold blue) into the empty Notepad window:
Folder::
c:\program files\Lavasoft
c:\programdata\Lavasoft

Save this Notepad file on your desktop as CFScript.txt.
Now disable the antivirus first!
Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if asked to.
Post the ComboFix log that is shown after the restart!

diana 19 July 2011, 09:19

ComboFix 11-07-19.01 - gebruiker 19-07-2011 8:55.19.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1600 [GMT 2:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\gebruiker\Bureaublad\CFScript.txt
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lavasoft
c:\program files\Lavasoft\Ad-Aware\ShellExt.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_Lavasoft_Ad-Aware_Service
-------\Service_Lavasoft Ad-Aware Service
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-19 to 2011-07-19 ))))))))))))))))))))))))))))))
.
.
2011-07-18 05:03 . 2011-07-08 07:48 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-18 05:03 . 2011-07-08 07:48 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-07-18 05:03 . 2011-07-08 07:48 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-07-18 05:03 . 2011-07-08 07:48 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-07-18 05:03 . 2011-07-08 07:48 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-07-18 05:03 . 2011-07-08 07:48 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-07-18 05:03 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-07-18 05:03 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-07-17 06:28 . 2011-07-19 06:51 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2011-07-08 12:08 . 2011-07-08 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\program files\Uniblue
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\PackageAware
2011-07-08 09:30 . 2011-07-08 09:30 -------- d-----w- c:\program files\VS Revo Group
2011-07-07 10:15 . 2011-07-07 10:15 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Ambient Design
2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\program files\Ambient Design
2011-06-27 14:18 . 2011-06-29 18:35 -------- d-----w- c:\documents and settings\gebruiker\Application Data\inkscape
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-06 17:52 . 2011-06-18 06:03 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2011-06-18 06:03 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-29 04:24 . 2010-09-16 19:47 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2011-06-24 07:10 . 2011-05-19 07:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2005-03-01 20:21 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-05-04 02:52 . 2010-06-06 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-06-19 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:31 . 2005-03-01 20:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2005-03-01 20:20 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2005-03-01 20:19 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:07 . 2005-03-01 20:21 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2005-03-01 20:18 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-04-25 16:05 . 2005-03-01 20:21 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:05 . 2005-03-01 20:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:05 . 2005-03-01 20:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2005-03-01 20:18 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2005-03-01 20:20 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-07-08 07:48 . 2011-07-18 05:03 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-07-18_04.03.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-19 07:03 . 2011-07-19 07:03 16384 c:\windows\temp\Perflib_Perfdata_6f8.dat
+ 2005-05-11 18:20 . 2011-07-19 07:03 12341 c:\windows\system32\Tablet.dat
- 2005-05-11 18:20 . 2011-07-18 03:52 12341 c:\windows\system32\Tablet.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640]
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JWOSetup"="JWOSetup.exe -en" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832]
"AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376]
"VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-08-31 10:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 15:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-04-26 23:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-04-28 13:10 73728 ------w- c:\program files\Logitech\MediaLife\MediaLifeService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 14:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\GigaTribe\\gigatribe.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4210:TCP"= 4210:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 17:52 70656]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 16:40 64288]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 17:53 77312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 14:16 130384]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 17:18 113664]
S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 17:18 15104]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 17:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 17:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 17:11 3768]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 17:06 223128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 14:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 17:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-07-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
2011-07-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam
.
- - - - ORPHANS VERWIJDERD - - - -
.
SafeBoot-Lavasoft Ad-Aware Service
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-19 09:12
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(680)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(616)
c:\windows\system32\tabhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Creative\Shared Files\CTDevSrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\Tablet.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Voltooingstijd: 2011-07-19 09:16:59 - machine werd herstart
ComboFix-quarantined-files.txt 2011-07-19 07:16
ComboFix2.txt 2011-07-18 04:55
ComboFix3.txt 2011-07-18 04:05
ComboFix4.txt 2010-11-11 11:50
ComboFix5.txt 2011-07-19 06:53
.
Pre-Run: 15.608.811.520 bytes beschikbaar
Post-Run: 15.612.473.344 bytes beschikbaar
.
Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0EA4F0DCE095271D2A12FAB90E1650D5
NB: Lavasoft is gone from Program Files, but Ad-Aware is still in the 'Software' list.
From the looks of it, that annoying Lavasoft 'service' has been disabled.

Abraham54 19 July 2011, 09:43

Hi Diana, that AAW service should indeed be gone now.
What happens if you click on Lavasoft in the software list?
Do you then get the Windows message offering to remove this item from the list?

diana 19 July 2011, 10:04

Abraham54:
Hi Diana, that AAW service should indeed be gone now.
What happens if you click on Lavasoft in the software list?
Do you then get the Windows message offering to remove this item from the list?

No, there is no remove option like there is for the other software.
Can I reinstall AVG now?

Abraham54 19 July 2011, 10:13

I'll give you my list of free antivirus programs:
List of well-known and good free antivirus programs
Tip: Avast 6\2011 Free is the only one that has a number of components on board that you otherwise only find in paid antivirus programs, and it is therefore internationally regarded as the best free alternative.
So Avast is clearly responding to the new threats on the internet!
Moreover, you hardly notice that Avast is running!
Avast also has a "sandbox" on board, in which you can safely test programs!
Download link Avast 6 Free
Other free alternatives:
Panda Cloud Antivirus - download link
AVG Free 2011 - download link
Avira Antivir - download link
Microsoft Security Essentials - download link

The programs are ranked by their level of protection and malware detection.
And first you may do the following:
ComboFix can now be removed:
- go to Start - Run
- copy and paste the following into it: Combofix /Uninstall
- then click OK.
- if all goes well, you will then get a message that ComboFix was removed.

Run can also be opened by pressing the "Windows key + R" keys at the same time.
This will remove ComboFix including related folders and files,
reset the clock settings, hide the file extensions,
hide hidden files and system files again,
and reset your System Restore.

diana 19 July 2011, 10:16

Is there nothing that can be done about Ad-Aware in the software list?

Abraham54 19 July 2011, 10:29

Hi Diana, it is quite possible that after a reboot that entry will be gone at some point.
You are still using XP, and in the past I had the same thing in XP too, but I didn't worry about it!
You can still check whether there is a Lavasoft folder left in C:\Users\gebruiker\AppData\Local; if so, you may delete that folder manually.
