Vraag & Antwoord

Beveiliging & privacy

systeem herstel werkt niet meer

9 antwoorden
  • Mijn systeemherstel werkt niet meer!! Heb ondertussen een hijackthis file gemaakt, Wie heeft er advies voor mij?? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:12:12, on 10/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] "C:\Program Files\Ahead\InCD\InCD.exe" O4 - HKLM\..\Run: [PE2CKFNT SE] "C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [Snelkiezer] C:\WINDOWS\Snelkiezer.exe /quiet O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe O4 - HKCU\..\Run: [Scrowns] C:\DOCUME~1\GEBRUI~1\APPLIC~1\DOESRE~1\defaultsoftloud.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Policies\Explorer\Run: [{E890C0C4-0710-2067-1103-051222040020}] "C:\Program Files\Common Files\{E890C0C4-0710-2067-1103-051222040020}\Update.exe" te-110-12-0000073 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsrngt.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: 72.dll,avgrsstx.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- End of file - 8648 bytes mvg nico
  • Start hijackthis en kies voor 'do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:2b03bf5129]O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing) O4 - HKLM\..\Run: [Snelkiezer] C:\WINDOWS\Snelkiezer.exe /quiet O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe O4 - HKCU\..\Run: [Scrowns] C:\DOCUME~1\GEBRUI~1\APPLIC~1\DOESRE~1\defaultsoftloud.exe O4 - HKCU\..\Policies\Explorer\Run: [{E890C0C4-0710-2067-1103-051222040020}] "C:\Program Files\Common Files\{E890C0C4-0710-2067-1103-051222040020}\Update.exe" te-110-12-0000073 O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsrngt.exe O20 - AppInit_DLLs: 72.dll,avgrsstx.dll [/b:2b03bf5129] Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen. Open een kladblokbestand. Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand. [b:2b03bf5129]@ECHO OFF IF EXIST log.txt DEL log.txt ECHO Deleting files>>log.txt FOR %%g in ( C:\WINDOWS\Snelkiezer.exe C:\WINDOWS\system32\BastaYa.exe C:\DOCUME~1\GEBRUI~1\APPLIC~1\DOESRE~1\defaultsoftloud.exe C:\WINDOWS\system32\dwdsrngt.exe ) DO ( IF EXIST %%g ( ATTRIB -r -s -h %%g DEL %%g IF EXIST %%g ( ECHO %%g not deleted>>log.txt ) ELSE ( ECHO %%g deleted>>log.txt) ) ELSE ( ECHO %%g not found>>log.txt)) START NOTEPAD.EXE log.txt[/b:2b03bf5129] Ga naar Bestand - Opslaan als. Bij "Opslaan in" kies je: Bureaublad Bij "Bestandsnaam" zet je: del.bat Bij "Opslaan als type" selecteer je: Alle bestanden (*.*). Download [url=http://www.besttechie.net/tools/mbam-setup.exe][b:2b03bf5129][color=red:2b03bf5129]MalwareBytes' Anti-Malware[/color:2b03bf5129][/b:2b03bf5129][/url] en sla het op je bureaublad op. Dubbelklik op [b:2b03bf5129]mbam-setup.exe[/b:2b03bf5129] om het programma te installeren. Zorg dat er na de installatie een vinkje is geplaatst bij:[list:2b03bf5129] [*:2b03bf5129]Update MalwareBytes' Anti-Malware [*:2b03bf5129]Start MalwareBytes' Anti-Malware [/list:u:2b03bf5129]Klik daarna op "[b:2b03bf5129]Voltooien[/b:2b03bf5129]". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.[list:2b03bf5129] [*:2b03bf5129]Zodra het programma gestart is, ga dan naar het tabblad "[b:2b03bf5129]Instellingen[/b:2b03bf5129]". [*:2b03bf5129]Vink hier aan: "[b:2b03bf5129]Sluit Internet Explorer tijdens verwijdering van malware[/b:2b03bf5129]". [*:2b03bf5129]Ga daarna naar het tabblad "[b:2b03bf5129]Scanner[/b:2b03bf5129]", kies hier voor "[b:2b03bf5129]Snelle Scan[/b:2b03bf5129]". [*:2b03bf5129]Druk vervolgens op "[b:2b03bf5129]Scannen[/b:2b03bf5129]" om de scan te starten. [*:2b03bf5129]Het scannen kan een tijdje duren, dus wees geduldig. [*:2b03bf5129]Wanneer de scan voltooid is, klik op [b:2b03bf5129]OK[/b:2b03bf5129], daarna "[b:2b03bf5129]Bekijk Resultaten[/b:2b03bf5129]" om de resultaten te zien. [*:2b03bf5129]Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "[b:2b03bf5129]Verwijder geselecteerde[/b:2b03bf5129]". [*:2b03bf5129]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [/list:u:2b03bf5129]Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "[b:2b03bf5129]Logs[/b:2b03bf5129]" tab te klikken in het programma. Plaats dit logje samen met een nieuw logje van HijackThis Klik op de knop Opslaan. Dubbelklik op del.bat en post de inhoud van de logfile die opent.
  • ik krijg nu volgend log file, Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:13:02, on 30/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] "C:\Program Files\Ahead\InCD\InCD.exe" O4 - HKLM\..\Run: [PE2CKFNT SE] "C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O4 - Global Startup: Pinnacle Scheduler.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/Newuploader/ImageUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
  • Zou je de andere 2 logfiles ook willen plaatsen?
  • het malware logje! Malwarebytes' Anti-Malware 1.33 Database versie: 1707 Windows 5.1.2600 Service Pack 3 30/01/2009 11:09:27 mbam-log-2009-01-30 (11-09-27).txt Scan type: Snelle Scan Objecten gescand: 53218 Verstreken tijd: 4 minute(s), 12 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) en het del bat logje Deleting files C:\WINDOWS\Snelkiezer.exe not found C:\WINDOWS\system32\BastaYa.exe not found C:\DOCUME~1\GEBRUI~1\APPLIC~1\DOESRE~1\defaultsoftloud.exe not found C:\WINDOWS\system32\dwdsrngt.exe not found mvg,
  • Open kladblok en plak volgende vetgedrukte tekst in een leeg venster: [b:3a6e0a7d5e]REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"="avgrsstx.dll"[/b:3a6e0a7d5e] Sla dit op, op je Bureaublad als regfix.reg, met als type "alle bestanden" Dubbelklik op regfix.reg en sta het toevoegen aan het register toe. Download combofix.exe van deze site: http://download.bleepingcomputer.com/sUBs/ComboFix.exe [b:3a6e0a7d5e][color=Red:3a6e0a7d5e]OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen![/color:3a6e0a7d5e][/b:3a6e0a7d5e] Open ComboFix.exe ComboFix zal wanneer de Recovery Console niet geïnstalleerd is, voorstellen om deze te downloaden en te installeren. Sta dit toe. Wanneer de Recovery Console geïnstalleerd is, laat je ComboFix de computer scannen. Wanneer ComboFix klaar is, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt). Post de inhoud van dit bestandje.
  • ComboFix 09-01-21.04 - Gebruiker 2009-01-30 18:15:42.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.602 [GMT 1:00] Gestart vanuit: c:\documents and settings\Gebruiker\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) * Nieuw herstelpunt werd aangemaakt * Resident AV is active . - VERMINDERDE FUNCTIONALITEIT MODUS - . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\INSTALL.LOG c:\program files\popcorn Terms.html c:\program files\windows c:\program files\windows\$hf_mig$\KB834707\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB834707\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB834707\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB834707\spmsg.dll c:\program files\windows\$hf_mig$\KB834707\spuninst.exe c:\program files\windows\$hf_mig$\KB834707\update\branches.inf c:\program files\windows\$hf_mig$\KB834707\update\eula.txt c:\program files\windows\$hf_mig$\KB834707\update\KB834707.CAT c:\program files\windows\$hf_mig$\KB834707\update\spcustom.dll c:\program files\windows\$hf_mig$\KB834707\update\update.exe c:\program files\windows\$hf_mig$\KB834707\update\update.ver c:\program files\windows\$hf_mig$\KB834707\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB834707\update\updatebr.inf c:\program files\windows\$hf_mig$\KB867282\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\cdfview.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\iepeers.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\inseng.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB867282\spmsg.dll c:\program files\windows\$hf_mig$\KB867282\spuninst.exe c:\program files\windows\$hf_mig$\KB867282\update\branches.inf c:\program files\windows\$hf_mig$\KB867282\update\eula.txt c:\program files\windows\$hf_mig$\KB867282\update\KB867282.CAT c:\program files\windows\$hf_mig$\KB867282\update\spcustom.dll c:\program files\windows\$hf_mig$\KB867282\update\update.exe c:\program files\windows\$hf_mig$\KB867282\update\update.ver c:\program files\windows\$hf_mig$\KB867282\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB867282\update\updatebr.inf c:\program files\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll c:\program files\windows\$hf_mig$\KB873333\SP2QFE\olecli32.dll c:\program files\windows\$hf_mig$\KB873333\SP2QFE\olecnv32.dll c:\program files\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll c:\program files\windows\$hf_mig$\KB873333\spmsg.dll c:\program files\windows\$hf_mig$\KB873333\spuninst.exe c:\program files\windows\$hf_mig$\KB873333\update\branches.inf c:\program files\windows\$hf_mig$\KB873333\update\eula.txt c:\program files\windows\$hf_mig$\KB873333\update\KB873333.CAT c:\program files\windows\$hf_mig$\KB873333\update\spcustom.dll c:\program files\windows\$hf_mig$\KB873333\update\update.exe c:\program files\windows\$hf_mig$\KB873333\update\update.ver c:\program files\windows\$hf_mig$\KB873333\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB873333\update\updatebr.inf c:\program files\windows\$hf_mig$\KB873339\SP2QFE\hypertrm.dll c:\program files\windows\$hf_mig$\KB873339\spmsg.dll c:\program files\windows\$hf_mig$\KB873339\spuninst.exe c:\program files\windows\$hf_mig$\KB873339\update\branches.inf c:\program files\windows\$hf_mig$\KB873339\update\eula.txt c:\program files\windows\$hf_mig$\KB873339\update\KB873339.CAT c:\program files\windows\$hf_mig$\KB873339\update\spcustom.dll c:\program files\windows\$hf_mig$\KB873339\update\update.exe c:\program files\windows\$hf_mig$\KB873339\update\update.ver c:\program files\windows\$hf_mig$\KB873339\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB873339\update\updatebr.inf c:\program files\windows\$hf_mig$\KB883939\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\cdfview.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\iedw.exe c:\program files\windows\$hf_mig$\KB883939\SP2QFE\iepeers.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\inseng.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\mshtmled.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\msrating.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\pngfilt.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB883939\spmsg.dll c:\program files\windows\$hf_mig$\KB883939\spuninst.exe c:\program files\windows\$hf_mig$\KB883939\update\branches.inf c:\program files\windows\$hf_mig$\KB883939\update\eula.txt c:\program files\windows\$hf_mig$\KB883939\update\KB883939.CAT c:\program files\windows\$hf_mig$\KB883939\update\spcustom.dll c:\program files\windows\$hf_mig$\KB883939\update\update.exe c:\program files\windows\$hf_mig$\KB883939\update\update.ver c:\program files\windows\$hf_mig$\KB883939\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB883939\update\updatebr.inf c:\program files\windows\$hf_mig$\KB883939\update\updspapi.dll c:\program files\windows\$hf_mig$\KB885250\SP2QFE\mrxsmb.sys c:\program files\windows\$hf_mig$\KB885250\spmsg.dll c:\program files\windows\$hf_mig$\KB885250\spuninst.exe c:\program files\windows\$hf_mig$\KB885250\update\branches.inf c:\program files\windows\$hf_mig$\KB885250\update\eula.txt c:\program files\windows\$hf_mig$\KB885250\update\KB885250.CAT c:\program files\windows\$hf_mig$\KB885250\update\spcustom.dll c:\program files\windows\$hf_mig$\KB885250\update\update.exe c:\program files\windows\$hf_mig$\KB885250\update\update.ver c:\program files\windows\$hf_mig$\KB885250\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB885250\update\updatebr.inf c:\program files\windows\$hf_mig$\KB885835\SP2QFE\lsasrv.dll c:\program files\windows\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys c:\program files\windows\$hf_mig$\KB885835\SP2QFE\rdbss.sys c:\program files\windows\$hf_mig$\KB885835\spmsg.dll c:\program files\windows\$hf_mig$\KB885835\spuninst.exe c:\program files\windows\$hf_mig$\KB885835\update\branches.inf c:\program files\windows\$hf_mig$\KB885835\update\eula.txt c:\program files\windows\$hf_mig$\KB885835\update\KB885835.CAT c:\program files\windows\$hf_mig$\KB885835\update\spcustom.dll c:\program files\windows\$hf_mig$\KB885835\update\update.exe c:\program files\windows\$hf_mig$\KB885835\update\update.ver c:\program files\windows\$hf_mig$\KB885835\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB885835\update\updatebr.inf c:\program files\windows\$hf_mig$\KB885836\SP2QFE\mswrd6.wpc c:\program files\windows\$hf_mig$\KB885836\spmsg.dll c:\program files\windows\$hf_mig$\KB885836\spuninst.exe c:\program files\windows\$hf_mig$\KB885836\update\branches.inf c:\program files\windows\$hf_mig$\KB885836\update\eula.txt c:\program files\windows\$hf_mig$\KB885836\update\KB885836.CAT c:\program files\windows\$hf_mig$\KB885836\update\spcustom.dll c:\program files\windows\$hf_mig$\KB885836\update\update.exe c:\program files\windows\$hf_mig$\KB885836\update\update.ver c:\program files\windows\$hf_mig$\KB885836\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB885836\update\updatebr.inf c:\program files\windows\$hf_mig$\KB886185\SP2QFE\ipnat.sys c:\program files\windows\$hf_mig$\KB886185\spmsg.dll c:\program files\windows\$hf_mig$\KB886185\spuninst.exe c:\program files\windows\$hf_mig$\KB886185\update\branches.inf c:\program files\windows\$hf_mig$\KB886185\update\eula.txt c:\program files\windows\$hf_mig$\KB886185\update\KB886185.CAT c:\program files\windows\$hf_mig$\KB886185\update\spcustom.dll c:\program files\windows\$hf_mig$\KB886185\update\update.exe c:\program files\windows\$hf_mig$\KB886185\update\update.ver c:\program files\windows\$hf_mig$\KB886185\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB886185\update\updatebr.inf c:\program files\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe c:\program files\windows\$hf_mig$\KB887472\spmsg.dll c:\program files\windows\$hf_mig$\KB887472\spuninst.exe c:\program files\windows\$hf_mig$\KB887472\update\branches.inf c:\program files\windows\$hf_mig$\KB887472\update\eula.txt c:\program files\windows\$hf_mig$\KB887472\update\KB887472.CAT c:\program files\windows\$hf_mig$\KB887472\update\spcustom.dll c:\program files\windows\$hf_mig$\KB887472\update\update.exe c:\program files\windows\$hf_mig$\KB887472\update\update.ver c:\program files\windows\$hf_mig$\KB887472\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB887472\update\updatebr.inf c:\program files\windows\$hf_mig$\KB887742\SP2QFE\http.sys c:\program files\windows\$hf_mig$\KB887742\spmsg.dll c:\program files\windows\$hf_mig$\KB887742\spuninst.exe c:\program files\windows\$hf_mig$\KB887742\update\branches.inf c:\program files\windows\$hf_mig$\KB887742\update\eula.txt c:\program files\windows\$hf_mig$\KB887742\update\KB887742.CAT c:\program files\windows\$hf_mig$\KB887742\update\spcustom.dll c:\program files\windows\$hf_mig$\KB887742\update\update.exe c:\program files\windows\$hf_mig$\KB887742\update\update.ver c:\program files\windows\$hf_mig$\KB887742\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB887742\update\updatebr.inf c:\program files\windows\$hf_mig$\KB888113\SP2QFE\hlink.dll c:\program files\windows\$hf_mig$\KB888113\spmsg.dll c:\program files\windows\$hf_mig$\KB888113\spuninst.exe c:\program files\windows\$hf_mig$\KB888113\update\branches.inf c:\program files\windows\$hf_mig$\KB888113\update\eula.txt c:\program files\windows\$hf_mig$\KB888113\update\KB888113.CAT c:\program files\windows\$hf_mig$\KB888113\update\spcustom.dll c:\program files\windows\$hf_mig$\KB888113\update\update.exe c:\program files\windows\$hf_mig$\KB888113\update\update.ver c:\program files\windows\$hf_mig$\KB888113\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB888113\update\updatebr.inf c:\program files\windows\$hf_mig$\KB888302\SP2QFE\srvsvc.dll c:\program files\windows\$hf_mig$\KB888302\spmsg.dll c:\program files\windows\$hf_mig$\KB888302\spuninst.exe c:\program files\windows\$hf_mig$\KB888302\update\branches.inf c:\program files\windows\$hf_mig$\KB888302\update\eula.txt c:\program files\windows\$hf_mig$\KB888302\update\KB888302.CAT c:\program files\windows\$hf_mig$\KB888302\update\spcustom.dll c:\program files\windows\$hf_mig$\KB888302\update\update.exe c:\program files\windows\$hf_mig$\KB888302\update\update.ver c:\program files\windows\$hf_mig$\KB888302\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB888302\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890046\SP2QFE\agentdpv.dll c:\program files\windows\$hf_mig$\KB890046\SP2QFE\spru0413.dll c:\program files\windows\$hf_mig$\KB890046\spmsg.dll c:\program files\windows\$hf_mig$\KB890046\spuninst.exe c:\program files\windows\$hf_mig$\KB890046\update\branches.inf c:\program files\windows\$hf_mig$\KB890046\update\eula.txt c:\program files\windows\$hf_mig$\KB890046\update\KB890046.CAT c:\program files\windows\$hf_mig$\KB890046\update\spcustom.dll c:\program files\windows\$hf_mig$\KB890046\update\update.exe c:\program files\windows\$hf_mig$\KB890046\update\update.ver c:\program files\windows\$hf_mig$\KB890046\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB890046\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890046\update\updspapi.dll c:\program files\windows\$hf_mig$\KB890047\SP2QFE\shell32.dll c:\program files\windows\$hf_mig$\KB890047\spmsg.dll c:\program files\windows\$hf_mig$\KB890047\spuninst.exe c:\program files\windows\$hf_mig$\KB890047\update\branches.inf c:\program files\windows\$hf_mig$\KB890047\update\eula.txt c:\program files\windows\$hf_mig$\KB890047\update\KB890047.CAT c:\program files\windows\$hf_mig$\KB890047\update\spcustom.dll c:\program files\windows\$hf_mig$\KB890047\update\update.exe c:\program files\windows\$hf_mig$\KB890047\update\update.ver c:\program files\windows\$hf_mig$\KB890047\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB890047\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890175\SP2QFE\hhctrl.ocx c:\program files\windows\$hf_mig$\KB890175\spmsg.dll c:\program files\windows\$hf_mig$\KB890175\spuninst.exe c:\program files\windows\$hf_mig$\KB890175\update\branches.inf c:\program files\windows\$hf_mig$\KB890175\update\eula.txt c:\program files\windows\$hf_mig$\KB890175\update\KB890175.CAT c:\program files\windows\$hf_mig$\KB890175\update\spcustom.dll c:\program files\windows\$hf_mig$\KB890175\update\update.exe c:\program files\windows\$hf_mig$\KB890175\update\update.ver c:\program files\windows\$hf_mig$\KB890175\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB890175\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890859\SP2QFE\authz.dll c:\program files\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlmp.exe c:\program files\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe c:\program files\windows\$hf_mig$\KB890859\SP2QFE\ntkrpamp.exe c:\program files\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe c:\program files\windows\$hf_mig$\KB890859\SP2QFE\user32.dll c:\program files\windows\$hf_mig$\KB890859\SP2QFE\win32k.sys c:\program files\windows\$hf_mig$\KB890859\SP2QFE\winsrv.dll c:\program files\windows\$hf_mig$\KB890859\spmsg.dll c:\program files\windows\$hf_mig$\KB890859\spuninst.exe c:\program files\windows\$hf_mig$\KB890859\update\branches.inf c:\program files\windows\$hf_mig$\KB890859\update\eula.txt c:\program files\windows\$hf_mig$\KB890859\update\KB890859.CAT c:\program files\windows\$hf_mig$\KB890859\update\spcustom.dll c:\program files\windows\$hf_mig$\KB890859\update\update.exe c:\program files\windows\$hf_mig$\KB890859\update\update.ver c:\program files\windows\$hf_mig$\KB890859\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB890859\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890859\update\updspapi.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\cdfview.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\iepeers.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\inseng.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\msrating.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB890923\spmsg.dll c:\program files\windows\$hf_mig$\KB890923\spuninst.exe c:\program files\windows\$hf_mig$\KB890923\update\branches.inf c:\program files\windows\$hf_mig$\KB890923\update\eula.txt c:\program files\windows\$hf_mig$\KB890923\update\KB890923.CAT c:\program files\windows\$hf_mig$\KB890923\update\spcustom.dll c:\program files\windows\$hf_mig$\KB890923\update\update.exe c:\program files\windows\$hf_mig$\KB890923\update\update.ver c:\program files\windows\$hf_mig$\KB890923\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB890923\update\updatebr.inf c:\program files\windows\$hf_mig$\KB890923\update\updspapi.dll c:\program files\windows\$hf_mig$\KB891781\SP2QFE\dhtmled.ocx c:\program files\windows\$hf_mig$\KB891781\spmsg.dll c:\program files\windows\$hf_mig$\KB891781\spuninst.exe c:\program files\windows\$hf_mig$\KB891781\update\branches.inf c:\program files\windows\$hf_mig$\KB891781\update\eula.txt c:\program files\windows\$hf_mig$\KB891781\update\KB891781.CAT c:\program files\windows\$hf_mig$\KB891781\update\spcustom.dll c:\program files\windows\$hf_mig$\KB891781\update\update.exe c:\program files\windows\$hf_mig$\KB891781\update\update.ver c:\program files\windows\$hf_mig$\KB891781\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB891781\update\updatebr.inf c:\program files\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys c:\program files\windows\$hf_mig$\KB893066\spmsg.dll c:\program files\windows\$hf_mig$\KB893066\spuninst.exe c:\program files\windows\$hf_mig$\KB893066\update\branches.inf c:\program files\windows\$hf_mig$\KB893066\update\eula.txt c:\program files\windows\$hf_mig$\KB893066\update\KB893066.CAT c:\program files\windows\$hf_mig$\KB893066\update\spcustom.dll c:\program files\windows\$hf_mig$\KB893066\update\update.exe c:\program files\windows\$hf_mig$\KB893066\update\update.ver c:\program files\windows\$hf_mig$\KB893066\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB893066\update\updatebr.inf c:\program files\windows\$hf_mig$\KB893066\update\updspapi.dll c:\program files\windows\$hf_mig$\KB893086\SP2QFE\shell32.dll c:\program files\windows\$hf_mig$\KB893086\spmsg.dll c:\program files\windows\$hf_mig$\KB893086\spuninst.exe c:\program files\windows\$hf_mig$\KB893086\update\branches.inf c:\program files\windows\$hf_mig$\KB893086\update\eula.txt c:\program files\windows\$hf_mig$\KB893086\update\KB893086.CAT c:\program files\windows\$hf_mig$\KB893086\update\spcustom.dll c:\program files\windows\$hf_mig$\KB893086\update\update.exe c:\program files\windows\$hf_mig$\KB893086\update\update.ver c:\program files\windows\$hf_mig$\KB893086\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB893086\update\updatebr.inf c:\program files\windows\$hf_mig$\KB893086\update\updspapi.dll c:\program files\windows\$hf_mig$\KB893756\SP2QFE\remotesp.tsp c:\program files\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll c:\program files\windows\$hf_mig$\KB893756\spmsg.dll c:\program files\windows\$hf_mig$\KB893756\spuninst.exe c:\program files\windows\$hf_mig$\KB893756\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB893756\update\branches.inf c:\program files\windows\$hf_mig$\KB893756\update\eula.txt c:\program files\windows\$hf_mig$\KB893756\update\KB893756.CAT c:\program files\windows\$hf_mig$\KB893756\update\spcustom.dll c:\program files\windows\$hf_mig$\KB893756\update\update.exe c:\program files\windows\$hf_mig$\KB893756\update\update.ver c:\program files\windows\$hf_mig$\KB893756\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB893756\update\updatebr.inf c:\program files\windows\$hf_mig$\KB893756\update\updspapi.dll c:\program files\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll c:\program files\windows\$hf_mig$\KB894391\SP2QFE\olecli32.dll c:\program files\windows\$hf_mig$\KB894391\SP2QFE\olecnv32.dll c:\program files\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll c:\program files\windows\$hf_mig$\KB894391\spmsg.dll c:\program files\windows\$hf_mig$\KB894391\spuninst.exe c:\program files\windows\$hf_mig$\KB894391\update\branches.inf c:\program files\windows\$hf_mig$\KB894391\update\eula.txt c:\program files\windows\$hf_mig$\KB894391\update\KB894391.CAT c:\program files\windows\$hf_mig$\KB894391\update\spcustom.dll c:\program files\windows\$hf_mig$\KB894391\update\update.exe c:\program files\windows\$hf_mig$\KB894391\update\update.ver c:\program files\windows\$hf_mig$\KB894391\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB894391\update\updatebr.inf c:\program files\windows\$hf_mig$\KB894391\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896358\SP2QFE\hh.exe c:\program files\windows\$hf_mig$\KB896358\SP2QFE\hhctrl.ocx c:\program files\windows\$hf_mig$\KB896358\SP2QFE\hhsetup.dll c:\program files\windows\$hf_mig$\KB896358\SP2QFE\itircl.dll c:\program files\windows\$hf_mig$\KB896358\SP2QFE\itss.dll c:\program files\windows\$hf_mig$\KB896358\spmsg.dll c:\program files\windows\$hf_mig$\KB896358\spuninst.exe c:\program files\windows\$hf_mig$\KB896358\update\branches.inf c:\program files\windows\$hf_mig$\KB896358\update\eula.txt c:\program files\windows\$hf_mig$\KB896358\update\KB896358.CAT c:\program files\windows\$hf_mig$\KB896358\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896358\update\update.exe c:\program files\windows\$hf_mig$\KB896358\update\update.ver c:\program files\windows\$hf_mig$\KB896358\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896358\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896358\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896422\SP2QFE\srv.sys c:\program files\windows\$hf_mig$\KB896422\spmsg.dll c:\program files\windows\$hf_mig$\KB896422\spuninst.exe c:\program files\windows\$hf_mig$\KB896422\update\branches.inf c:\program files\windows\$hf_mig$\KB896422\update\eula.txt c:\program files\windows\$hf_mig$\KB896422\update\KB896422.CAT c:\program files\windows\$hf_mig$\KB896422\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896422\update\update.exe c:\program files\windows\$hf_mig$\KB896422\update\update.ver c:\program files\windows\$hf_mig$\KB896422\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896422\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896422\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe c:\program files\windows\$hf_mig$\KB896423\spmsg.dll c:\program files\windows\$hf_mig$\KB896423\spuninst.exe c:\program files\windows\$hf_mig$\KB896423\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB896423\update\branches.inf c:\program files\windows\$hf_mig$\KB896423\update\eula.txt c:\program files\windows\$hf_mig$\KB896423\update\KB896423.CAT c:\program files\windows\$hf_mig$\KB896423\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896423\update\update.exe c:\program files\windows\$hf_mig$\KB896423\update\update.ver c:\program files\windows\$hf_mig$\KB896423\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896423\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896423\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896424\SP2QFE\gdi32.dll c:\program files\windows\$hf_mig$\KB896424\SP2QFE\win32k.sys c:\program files\windows\$hf_mig$\KB896424\spmsg.dll c:\program files\windows\$hf_mig$\KB896424\spuninst.exe c:\program files\windows\$hf_mig$\KB896424\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB896424\update\branches.inf c:\program files\windows\$hf_mig$\KB896424\update\eula.txt c:\program files\windows\$hf_mig$\KB896424\update\KB896424.CAT c:\program files\windows\$hf_mig$\KB896424\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896424\update\update.exe c:\program files\windows\$hf_mig$\KB896424\update\update.ver c:\program files\windows\$hf_mig$\KB896424\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896424\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896424\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe c:\program files\windows\$hf_mig$\KB896428\spmsg.dll c:\program files\windows\$hf_mig$\KB896428\spuninst.exe c:\program files\windows\$hf_mig$\KB896428\update\branches.inf c:\program files\windows\$hf_mig$\KB896428\update\eula.txt c:\program files\windows\$hf_mig$\KB896428\update\KB896428.CAT c:\program files\windows\$hf_mig$\KB896428\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896428\update\update.exe c:\program files\windows\$hf_mig$\KB896428\update\update.ver c:\program files\windows\$hf_mig$\KB896428\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896428\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896428\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\cdfview.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\danim.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\dxtrans.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\extmgr.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\iedw.exe c:\program files\windows\$hf_mig$\KB896688\SP2QFE\iepeers.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\inseng.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\mshtmled.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\msrating.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\mstime.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\pngfilt.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB896688\spmsg.dll c:\program files\windows\$hf_mig$\KB896688\spuninst.exe c:\program files\windows\$hf_mig$\KB896688\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB896688\update\branches.inf c:\program files\windows\$hf_mig$\KB896688\update\eula.txt c:\program files\windows\$hf_mig$\KB896688\update\KB896688.CAT c:\program files\windows\$hf_mig$\KB896688\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896688\update\update.exe c:\program files\windows\$hf_mig$\KB896688\update\update.ver c:\program files\windows\$hf_mig$\KB896688\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896688\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896688\update\updspapi.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\browseui.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\cdfview.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\iedw.exe c:\program files\windows\$hf_mig$\KB896727\SP2QFE\iepeers.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\inseng.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\mshtmled.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\msrating.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\pngfilt.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\shdocvw.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\urlmon.dll c:\program files\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll c:\program files\windows\$hf_mig$\KB896727\spmsg.dll c:\program files\windows\$hf_mig$\KB896727\spuninst.exe c:\program files\windows\$hf_mig$\KB896727\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB896727\update\branches.inf c:\program files\windows\$hf_mig$\KB896727\update\eula.txt c:\program files\windows\$hf_mig$\KB896727\update\KB896727.CAT c:\program files\windows\$hf_mig$\KB896727\update\spcustom.dll c:\program files\windows\$hf_mig$\KB896727\update\update.exe c:\program files\windows\$hf_mig$\KB896727\update\update.ver c:\program files\windows\$hf_mig$\KB896727\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB896727\update\updatebr.inf c:\program files\windows\$hf_mig$\KB896727\update\updspapi.dll c:\program files\windows\$hf_mig$\KB898461\spmsg.dll c:\program files\windows\$hf_mig$\KB898461\spuninst.exe c:\program files\windows\$hf_mig$\KB898461\spupdsvc.exe c:\program files\windows\$hf_mig$\KB898461\update\branches.inf c:\program files\windows\$hf_mig$\KB898461\update\eula.txt c:\program files\windows\$hf_mig$\KB898461\update\KB898461.CAT c:\program files\windows\$hf_mig$\KB898461\update\spcustom.dll c:\program files\windows\$hf_mig$\KB898461\update\update.exe c:\program files\windows\$hf_mig$\KB898461\update\update.ver c:\program files\windows\$hf_mig$\KB898461\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB898461\update\updatebr.inf c:\program files\windows\$hf_mig$\KB898461\update\updspapi.dll c:\program files\windows\$hf_mig$\KB899587\SP2QFE\kerberos.dll c:\program files\windows\$hf_mig$\KB899587\spmsg.dll c:\program files\windows\$hf_mig$\KB899587\spuninst.exe c:\program files\windows\$hf_mig$\KB899587\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB899587\update\branches.inf c:\program files\windows\$hf_mig$\KB899587\update\eula.txt c:\program files\windows\$hf_mig$\KB899587\update\KB899587.CAT c:\program files\windows\$hf_mig$\KB899587\update\spcustom.dll c:\program files\windows\$hf_mig$\KB899587\update\update.exe c:\program files\windows\$hf_mig$\KB899587\update\update.ver c:\program files\windows\$hf_mig$\KB899587\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB899587\update\updatebr.inf c:\program files\windows\$hf_mig$\KB899587\update\updspapi.dll c:\program files\windows\$hf_mig$\KB899588\SP2QFE\umpnpmgr.dll c:\program files\windows\$hf_mig$\KB899588\spmsg.dll c:\program files\windows\$hf_mig$\KB899588\spuninst.exe c:\program files\windows\$hf_mig$\KB899588\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB899588\update\branches.inf c:\program files\windows\$hf_mig$\KB899588\update\eula.txt c:\program files\windows\$hf_mig$\KB899588\update\KB899588.CAT c:\program files\windows\$hf_mig$\KB899588\update\spcustom.dll c:\program files\windows\$hf_mig$\KB899588\update\update.exe c:\program files\windows\$hf_mig$\KB899588\update\update.ver c:\program files\windows\$hf_mig$\KB899588\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB899588\update\updatebr.inf c:\program files\windows\$hf_mig$\KB899588\update\updspapi.dll c:\program files\windows\$hf_mig$\KB899591\SP2QFE\rdpwd.sys c:\program files\windows\$hf_mig$\KB899591\spmsg.dll c:\program files\windows\$hf_mig$\KB899591\spuninst.exe c:\program files\windows\$hf_mig$\KB899591\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB899591\update\branches.inf c:\program files\windows\$hf_mig$\KB899591\update\eula.txt c:\program files\windows\$hf_mig$\KB899591\update\KB899591.CAT c:\program files\windows\$hf_mig$\KB899591\update\spcustom.dll c:\program files\windows\$hf_mig$\KB899591\update\update.exe c:\program files\windows\$hf_mig$\KB899591\update\update.ver c:\program files\windows\$hf_mig$\KB899591\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB899591\update\updatebr.inf c:\program files\windows\$hf_mig$\KB899591\update\updspapi.dll c:\program files\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll c:\program files\windows\$hf_mig$\KB900725\SP2QFE\shell32.dll c:\program files\windows\$hf_mig$\KB900725\SP2QFE\shlwapi.dll c:\program files\windows\$hf_mig$\KB900725\SP2QFE\spru0413.dll c:\program files\windows\$hf_mig$\KB900725\SP2QFE\winsrv.dll c:\program files\windows\$hf_mig$\KB900725\spmsg.dll c:\program files\windows\$hf_mig$\KB900725\spuninst.exe c:\program files\windows\$hf_mig$\KB900725\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB900725\update\branches.inf c:\program files\windows\$hf_mig$\KB900725\update\eula.txt c:\program files\windows\$hf_mig$\KB900725\update\KB900725.CAT c:\program files\windows\$hf_mig$\KB900725\update\spcustom.dll c:\program files\windows\$hf_mig$\KB900725\update\update.exe c:\program files\windows\$hf_mig$\KB900725\update\update.ver c:\program files\windows\$hf_mig$\KB900725\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB900725\update\updatebr.inf c:\program files\windows\$hf_mig$\KB900725\update\updspapi.dll c:\program files\windows\$hf_mig$\KB901017\SP2QFE\cdosys.dll c:\program files\windows\$hf_mig$\KB901017\spmsg.dll c:\program files\windows\$hf_mig$\KB901017\spuninst.exe c:\program files\windows\$hf_mig$\KB901017\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB901017\update\branches.inf c:\program files\windows\$hf_mig$\KB901017\update\eula.txt c:\program files\windows\$hf_mig$\KB901017\update\KB901017.CAT c:\program files\windows\$hf_mig$\KB901017\update\spcustom.dll c:\program files\windows\$hf_mig$\KB901017\update\update.exe c:\program files\windows\$hf_mig$\KB901017\update\update.ver c:\program files\windows\$hf_mig$\KB901017\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB901017\update\updatebr.inf c:\program files\windows\$hf_mig$\KB901017\update\updspapi.dll c:\program files\windows\$hf_mig$\KB901214\SP2QFE\icm32.dll c:\program files\windows\$hf_mig$\KB901214\SP2QFE\mscms.dll c:\program files\windows\$hf_mig$\KB901214\spmsg.dll c:\program files\windows\$hf_mig$\KB901214\spuninst.exe c:\program files\windows\$hf_mig$\KB901214\update\branches.inf c:\program files\windows\$hf_mig$\KB901214\update\eula.txt c:\program files\windows\$hf_mig$\KB901214\update\KB901214.CAT c:\program files\windows\$hf_mig$\KB901214\update\spcustom.dll c:\program files\windows\$hf_mig$\KB901214\update\update.exe c:\program files\windows\$hf_mig$\KB901214\update\update.ver c:\program files\windows\$hf_mig$\KB901214\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB901214\update\updatebr.inf c:\program files\windows\$hf_mig$\KB901214\update\updspapi.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\catsrv.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\catsrvut.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\clbcatex.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\clbcatq.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\colbact.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\comadmin.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\comrepl.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\comsvcs.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\comuid.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\es.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe c:\program files\windows\$hf_mig$\KB902400\SP2QFE\msdtcprx.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\msdtctm.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\msdtcuiu.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\mtxclu.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\mtxoci.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\olecli32.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\olecnv32.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\txflog.dll c:\program files\windows\$hf_mig$\KB902400\SP2QFE\xolehlp.dll c:\program files\windows\$hf_mig$\KB902400\spmsg.dll c:\program files\windows\$hf_mig$\KB902400\spuninst.exe c:\program files\windows\$hf_mig$\KB902400\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB902400\update\branches.inf c:\program files\windows\$hf_mig$\KB902400\update\eula.txt c:\program files\windows\$hf_mig$\KB902400\update\KB902400.CAT c:\program files\windows\$hf_mig$\KB902400\update\spcustom.dll c:\program files\windows\$hf_mig$\KB902400\update\update.exe c:\program files\windows\$hf_mig$\KB902400\update\update.ver c:\program files\windows\$hf_mig$\KB902400\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB902400\update\updatebr.inf c:\program files\windows\$hf_mig$\KB902400\update\updspapi.dll c:\program files\windows\$hf_mig$\KB904706\SP2QFE\quartz.dll c:\program files\windows\$hf_mig$\KB904706\spmsg.dll c:\program files\windows\$hf_mig$\KB904706\spuninst.exe c:\program files\windows\$hf_mig$\KB904706\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB904706\update\branches.inf c:\program files\windows\$hf_mig$\KB904706\update\eula.txt c:\program files\windows\$hf_mig$\KB904706\update\KB904706.CAT c:\program files\windows\$hf_mig$\KB904706\update\spcustom.dll c:\program files\windows\$hf_mig$\KB904706\update\update.exe c:\program files\windows\$hf_mig$\KB904706\update\update.ver c:\program files\windows\$hf_mig$\KB904706\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB904706\update\updatebr.inf c:\program files\windows\$hf_mig$\KB904706\update\updspapi.dll c:\program files\windows\$hf_mig$\KB905414\SP2QFE\netman.dll c:\program files\windows\$hf_mig$\KB905414\spmsg.dll c:\program files\windows\$hf_mig$\KB905414\spuninst.exe c:\program files\windows\$hf_mig$\KB905414\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB905414\update\branches.inf c:\program files\windows\$hf_mig$\KB905414\update\eula.txt c:\program files\windows\$hf_mig$\KB905414\update\KB905414.CAT c:\program files\windows\$hf_mig$\KB905414\update\spcustom.dll c:\program files\windows\$hf_mig$\KB905414\update\update.exe c:\program files\windows\$hf_mig$\KB905414\update\update.ver c:\program files\windows\$hf_mig$\KB905414\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB905414\update\updatebr.inf c:\program files\windows\$hf_mig$\KB905414\update\updspapi.dll c:\program files\windows\$hf_mig$\KB905749\SP2QFE\umpnpmgr.dll c:\program files\windows\$hf_mig$\KB905749\spmsg.dll c:\program files\windows\$hf_mig$\KB905749\spuninst.exe c:\program files\windows\$hf_mig$\KB905749\update\arpidfix.exe c:\program files\windows\$hf_mig$\KB905749\update\branches.inf c:\program files\windows\$hf_mig$\KB905749\update\eula.txt c:\program files\windows\$hf_mig$\KB905749\update\KB905749.CAT c:\program files\windows\$hf_mig$\KB905749\update\spcustom.dll c:\program files\windows\$hf_mig$\KB905749\update\update.exe c:\program files\windows\$hf_mig$\KB905749\update\update.ver c:\program files\windows\$hf_mig$\KB905749\update\update_SP2QFE.inf c:\program files\windows\$hf_mig$\KB905749\update\updatebr.inf c:\program files\windows\$hf_mig$\KB905749\update\updspapi.dll c:\program files\windows\$MSI31Uninstall_KB893803$\msi.dll c:\program files\windows\$MSI31Uninstall_KB893803$\msiexec.exe c:\program files\windows\$MSI31Uninstall_KB893803$\msihnd.dll c:\program files\windows\$MSI31Uninstall_KB893803$\msimsg.dll c:\program files\windows\$MSI31Uninstall_KB893803$\msisip.dll c:\program files\windows\$MSI31Uninstall_KB893803$\reg00012 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00013 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00014 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00015 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00016 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00017 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00018 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00019 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00020 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00021 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00022 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00023 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00024 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00025 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00026 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00027 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00028 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00029 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00030 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00031 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00032 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00033 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00034 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00035 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00036 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00037 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00038 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00039 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00040 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00041 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00042 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00043 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00044 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00045 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00046 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00047 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00050 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00051 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00052 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00053 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00054 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00055 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00056 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00057 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00058 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00059 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00060 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00061 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00062 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00063 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00064 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00065 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00066 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00067 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00068 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00069 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00070 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00071 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00072 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00073 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00074 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00075 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00076 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00077 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00078 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00079 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00080 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00081 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00082 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00083 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00084 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00085 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00086 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00087 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00088 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00089 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00090 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00091 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00092 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00093 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00094 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00095 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00096 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00097 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00098 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00099 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00100 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00101 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00102 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00103 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00104 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00105 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00106 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00107 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00108 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00109 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00110 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00111 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00112 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00113 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00114 c:\program files\windows\$MSI31Uninstall_KB893803$\reg00115 c:\program files\windows\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe c:\program files\windows\$MSI31Uninstall_KB893803$\spuninst\spuninst.inf c:\program files\windows\$MSI31Uninstall_KB893803$\spuninst\spuninst.txt c:\program files\windows\$MSI31Uninstall_KB893803$\spuninst\updspapi.dll c:\program files\windows\$MSI31Uninstall_KB893803v2$\msi.dll c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00003 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00004 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00005 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00006 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00007 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00008 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00009 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00010 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00011 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00012 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00013 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00014 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00015 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00016 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00017 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00018 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00019 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00020 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00021 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00022 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00023 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00024 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00025 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00026 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00027 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00028 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00029 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00030 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00031 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00032 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00033 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00034 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00035 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00036 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00037 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00038 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00039 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00040 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00041 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00042 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00043 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00044 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00045 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00046 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00047 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00048 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00051 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00052 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00053 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00054 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00055 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00056 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00057 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00058 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00059 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00060 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00061 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00062 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00063 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00064 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00065 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00066 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00067 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00068 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00069 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00070 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00071 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00072 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00073 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00074 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00075 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00076 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00077 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00078 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00079 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00080 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00081 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00082 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00083 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00084 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00085 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00086 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00087 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00088 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00089 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00090 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00091 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00092 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00093 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00094 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00095 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00096 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00097 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00098 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00099 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00100 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00101 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00102 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00103 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00104 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00105 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00106 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00107 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00108 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00109 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00110 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00111 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00112 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00113 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00114 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00115 c:\program files\windows\$MSI31Uninstall_KB893803v2$\reg00116 c:\program files\windows\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe c:\program files\windows\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.inf c:\program files\windows\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.txt c:\program files\windows\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll c:\program files\windows\_default.pif c:\program files\windows\[u:13375e418e]0[/u:13375e418e].log c:\program files\windows\180ax.log c:\program files\windows\ActiveSkin.INI c:\program files\windows\affbun.txt c:\program files\windows\AppPatch\AcGenral.dll c:\program files\windows\AppPatch\AcLayers.dll c:\program files\windows\AppPatch\AcLua.dll c:\program files\windows\AppPatch\AcSpecfc.dll c:\program files\windows\AppPatch\AcXtrnal.dll c:\program files\windows\AppPatch\apph_sp.sdb c:\program files\windows\AppPatch\apphelp.sdb c:\program files\windows\AppPatch\drvmain.sdb c:\program files\windows\AppPatch\msimain.sdb c:\program files\windows\AppPatch\sysmain.sdb c:\program files\windows\assembly\Desktop.ini c:\program files\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll c:\program files\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll c:\program files\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll c:\program files\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll c:\program files\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll c:\program files\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll c:\program files\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll c:\program files\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll c:\program files\windows\assembly\GAC\Microsoft.JScript.resources\7.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.JScript.resources\7.0.5000.0_nl_b03f5f7f11d50a3a\Microsoft.Jscript.resources.dll c:\program files\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll c:\program files\windows\assembly\GAC\Microsoft.VisualBasic.resources\7.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.VisualBasic.resources\7.0.5000.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll c:\program files\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll c:\program files\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll c:\program files\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll c:\program files\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll c:\program files\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll c:\program files\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll c:\program files\windows\assembly\GAC\mscorcfg.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\mscorcfg.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\mscorcfg.resources.dll c:\program files\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll c:\program files\windows\assembly\GAC\mscorlib.resources\1.0.5000.0_nl_b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\mscorlib.resources\1.0.5000.0_nl_b77a5c561934e089\Mscorlib.resources.dll c:\program files\windows\assembly\GAC\Regcode.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Regcode.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\RegCode.resources.dll c:\program files\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll c:\program files\windows\assembly\GAC\System.Configuration.Install.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Configuration.Install.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll c:\program files\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll c:\program files\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll c:\program files\windows\assembly\GAC\System.Data.resources\1.0.5000.0_nl_b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Data.resources\1.0.5000.0_nl_b77a5c561934e089\System.Data.resources.dll c:\program files\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll c:\program files\windows\assembly\GAC\System.Design.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Design.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll c:\program files\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll c:\program files\windows\assembly\GAC\System.DirectoryServices.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.DirectoryServices.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll c:\program files\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll c:\program files\windows\assembly\GAC\System.Drawing.Design.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Drawing.Design.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Drawing.design.resources.dll c:\program files\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll c:\program files\windows\assembly\GAC\System.Drawing.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Drawing.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll c:\program files\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll c:\program files\windows\assembly\GAC\System.EnterpriseServices.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.EnterpriseServices.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll c:\program files\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll c:\program files\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll c:\program files\windows\assembly\GAC\system.management.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\system.management.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Management.resources.dll c:\program files\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll c:\program files\windows\assembly\GAC\System.Messaging.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Messaging.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Messaging.resources.dll c:\program files\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll c:\program files\windows\assembly\GAC\System.resources\1.0.5000.0_nl_b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.resources\1.0.5000.0_nl_b77a5c561934e089\System.resources.dll c:\program files\windows\assembly\GAC\System.Runtime.Remoting.resources\1.0.5000.0_nl_b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Runtime.Remoting.resources\1.0.5000.0_nl_b77a5c561934e089\System.runtime.remoting.resources.dll c:\program files\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll c:\program files\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_nl_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll c:\program files\windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini c:\program files\windows\assembly\GAC\System.Runt
  • Zou je de volledige inhoud van het bestand willen plaatsen? Laten we trouwens het andere topic ook hier doen, want het heeft weinig nut om jou in 2 verschillende topics instructies te geven.
  • combofix heeft wel aan dat het een oudere versie is!!! Maar ik heb hem laten verder werken met minder functionaliteiten! ComboFix 09-01-21.04 - Gebruiker 2009-01-31 12:48:19.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.532 [GMT 1:00] Gestart vanuit: G:\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) * Resident AV is active . - VERMINDERDE FUNCTIONALITEIT MODUS - . (((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 )))))))))))))))))))))))))))))) . 2009-01-10 16:37 . 2009-01-10 16:37 410,984 --a------ c:\windows\system32\deploytk.dll 2009-01-05 12:56 . 2009-01-05 12:56 <DIR> d----c--- c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-01-05 12:56 . 2009-01-05 12:56 <DIR> d----c--- c:\program files\SDHelper (Spybot - Search & Destroy) 2009-01-05 12:56 . 2009-01-05 12:56 <DIR> d----c--- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2009-01-05 12:56 . 2009-01-05 12:56 <DIR> d----c--- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2009-01-05 12:56 . 2009-01-05 12:56 <DIR> d----c--- c:\program files\CCleaner 2009-01-05 12:56 . 2009-01-30 11:14 <DIR> dr-h-c--- c:\documents and settings\Gebruiker\Onlangs geopend 2009-01-05 11:00 . 2009-01-30 11:00 <DIR> d----c--- c:\program files\Malwarebytes' Anti-Malware 2009-01-05 11:00 . 2009-01-05 11:00 <DIR> d----c--- c:\documents and settings\Gebruiker\Application Data\Malwarebytes 2009-01-05 11:00 . 2009-01-05 11:00 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-05 11:00 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-05 11:00 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-04 18:53 . 2009-01-05 12:55 <DIR> d----c--- c:\program files\SpywareBlaster 2009-01-04 18:52 . 2009-01-10 16:38 <DIR> d----c--- c:\program files\SpywareGuard 2008-12-20 12:03 . 2008-12-21 12:01 <DIR> d--h-c--- C:\$AVG8.VAULT$ 2008-12-19 19:14 . 2009-01-31 08:05 <DIR> d-------- c:\windows\system32\drivers\Avg 2008-12-19 19:14 . 2008-12-20 10:15 <DIR> d----c--- c:\documents and settings\Gebruiker\Application Data\AVGTOOLBAR 2008-12-19 19:14 . 2008-12-19 19:14 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys 2008-12-19 19:14 . 2008-12-19 19:14 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys 2008-12-19 19:14 . 2008-12-19 19:14 10,520 --a------ c:\windows\system32\avgrsstx.dll 2008-12-19 19:07 . 2008-12-19 19:14 <DIR> d----c--- c:\documents and settings\All Users\Application Data\Avg8 2008-12-18 17:55 . 2008-12-18 17:55 <DIR> d----c--- c:\program files\AVG . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-30 16:32 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-01-30 15:03 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-01-10 15:37 --------- d-----w c:\program files\Java 2009-01-05 11:56 --------- dc----w c:\program files\Iomega 2008-12-19 18:12 --------- d-----w c:\program files\Network Associates 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-10-23 12:43 286,720 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 20:33 826,368 ----a-w c:\windows\system32\wininet.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-03 10:05 247,326 ----a-w c:\windows\system32\strmdll.dll 2007-06-18 16:28 87,608 -c--a-w c:\documents and settings\Gebruiker\Application Data\inst.exe 2007-06-18 16:28 47,360 -c--a-w c:\documents and settings\Gebruiker\Application Data\pcouffin.sys 2007-02-18 17:06 87,608 -c--a-w c:\documents and settings\Gebruiker\Application Data\ezpinst.exe 2007-02-10 20:42 337 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb1942.dat 2007-02-07 18:25 20,480 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb4827.dat 2006-12-01 16:08 49 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb41.dat 2006-11-25 13:25 9,216 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb8467.dat 2006-11-25 13:25 0 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb6334.dat 2006-11-25 13:24 0 -c--a-w c:\documents and settings\Gebruiker\Application Data\internaldb5436.dat 2006-03-24 19:05 26,922 -c--a-w c:\program files\moviepass Terms.html 2005-11-17 10:26 0 -c--a-w c:\program files\AUTOEXEC.BAT 2005-02-04 13:41 867 -c--a-w c:\program files\asdf.txt 2005-01-31 18:57 5,042 -c--a-r c:\program files\CLDMA.LOG 2004-05-25 22:24 0 -c--a-w c:\program files\CONFIG.SYS 2001-05-24 11:59 162,304 -c--a-w c:\program files\UNWISE.EXE 1999-12-07 18:00 1,384,448 -c--a-w c:\program files\msvbvm60.dll 2005-11-24 17:54 56 -csha-r c:\windows\system32\69A2D02CB7.sys 2005-11-24 17:54 1,682 -csha-w c:\windows\system32\KGyGaAvL.sys 2008-09-02 15:17 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008090220080903\index.dat . ((((((((((((((((((((((((((((( snapshot@2009-01-30_18.44.26,09 ))))))))))))))))))))))))))))))))))))))))) . + 2009-01-30 18:58:10 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_120.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2006-01-25 7094272] "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-07-14 1961984] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-12-15 5513216] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "InCD"="c:\program files\Ahead\InCD\InCD.exe" [2005-04-12 1383936] "PE2CKFNT SE"="c:\program files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 25088] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-02-05 155648] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-10 136600] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-19 1261336] "nwiz"="nwiz.exe" [2005-10-10 c:\windows\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Gebruiker\Menu Start\Programma's\Opstarten\ SpywareGuard.lnk - c:\program files\SpywareGuard\sgmain.exe [2003-08-29 360448] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696] Photo Express Calendar Checker SE.lnk - c:\program files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe [2005-12-10 55296] Pinnacle Scheduler.lnk - c:\program files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2005-11-23 245760] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.PIM1"= PCLEPIM1.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ersd.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Pinnacle\\PCTV Stereo\\TeleText\\WebServer.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\StubInstaller.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-19 97928] R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\drivers\3xHybrid.sys [2005-11-23 556416] R3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [2005-11-23 6400] R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-19 875288] R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-19 231704] R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-19 76040] R4 DriverX;DriverX;c:\windows\system32\drivers\DRIVERX.SYS [1997-03-12 25792] R4 MarxDev1;MarxDev1;c:\windows\system32\drivers\MARXDEV1.SYS [2007-01-14 8864] R4 MarxDev2;MarxDev2;c:\windows\system32\drivers\MARXDEV2.SYS [2007-01-14 8864] R4 MarxDev3;MarxDev3;c:\windows\system32\drivers\MARXDEV3.SYS [2007-01-14 8864] R4 Tdlpt;Tdlpt;c:\windows\system32\drivers\TDLPT.SYS [2007-01-14 8012] S0 esff;esff;c:\windows\system32\drivers\esff.sys --> c:\windows\system32\drivers\esff.sys [?] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S1 ersd;ersd;\??\c:\windows\system32\drivers\ersd.sys --> c:\windows\system32\drivers\ersd.sys [?] S3 P730C;P730C;c:\windows\system32\drivers\P730C.sys [2006-08-12 25300] S3 P730M;P730M;c:\windows\system32\drivers\P730M.sys [2006-08-12 25300] S3 P730U;P730U;c:\windows\system32\drivers\P730U.sys [2006-08-12 49365] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba902ec2-5b7a-11da-96c1-806d6172696f}] \Shell\AutoRun\command - d:\bin\assetup.exe . Inhoud van de 'Gedeelde Taken' map 2009-01-31 c:\windows\Tasks\A46F885A91840682.job - c:\docume~1\gebrui~1\applic~1\doesre~1\bind soap safe.exe [] 2006-10-22 c:\windows\Tasks\XoftSpy.job - c:\program files\XoftSpy\XoftSpy.exe [] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 Trusted Zone: recordgroup.be \www.home . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-31 12:48:43 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-1935655697-1450960922-839522115-1004\Software\Zepter Software\RegLib*c087c35c\CloneDVDmobile/1] "1"=dword:45684247 "2"=dword:456887a7 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,96,90,77,5c,45, 16,a8,4f,e2,63,26,f1,3f,c8,ff,68,a2,f1,54,d9,4a,5c,ce,8e,e2,63,26,f1,3f,c8,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,71,56,b3,d6,49, f8,b9,f9,6a,9c,d6,61,af,45,84,18,3c,b5,d3,19,a7,d1,06,b2,6a,9c,d6,61,af,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:7a,45,05,fd,91,e8,6f,31,75,34,11,c3,66, 39,5c,51,ff,7c,85,e0,43,d4,0e,fe,95,1a,5c,40,3e,49,83,6e,ff,7c,85,e0,43,d4,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:6b,65,49,6a,7e,99,74,f7,6e,4e,97,2a,cd, ea,a0,59,86,8c,21,01,be,91,eb,e7,c2,e7,e4,2a,3c,3c,e0,77,86,8c,21,01,be,91,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,e5,4e,76,bb,ee, 93,40,fc,f5,1d,4d,73,a8,13,5c,05,55,b0,cb,c5,3c,eb,fb,aa,f5,1d,4d,73,a8,13,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,7d,4a,8b,83,ad, 1d,f3,2a,df,20,58,62,78,6b,cf,c8,a1,0c,eb,73,e5,d0,3f,98,df,20,58,62,78,6b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,29,8f,9e,31,f0, 92,13,96,fb,a7,78,e6,12,2f,9a,ea,4b,c7,5a,b6,98,bc,40,96,fb,a7,78,e6,12,2f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,1d,20,e3,c0,b8, d1,65,53,01,3a,48,fc,e8,04,4a,f1,69,c9,fc,90,2e,1a,36,7d,01,3a,48,fc,e8,04,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,48,12,ea,d5,cc, ff,13,d3,f6,0f,4e,58,98,5b,89,c9,c2,66,ce,3a,03,89,dc,aa,f6,0f,4e,58,98,5b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,9e,2e,e6,b1,3e, 6b,c1,86,3d,ce,ea,26,2d,45,aa,78,72,2d,0c,b8,11,b2,da,23,3d,ce,ea,26,2d,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,63,d4,a8,5f,b0, af,bd,63,2a,b7,cc,b5,b9,7f,41,e7,2a,3c,52,1d,d8,66,7d,7a,2a,b7,cc,b5,b9,7f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,53,a5,42,a3,3a, 72,d1,03,6c,43,2d,1e,aa,22,2f,9c,4a,71,40,f6,51,86,fc,f0,6c,43,2d,1e,aa,22,\ . Voltooingstijd: 2009-01-31 12:51:28 ComboFix-quarantined-files.txt 2009-01-31 11:51:25 ComboFix2.txt 2009-01-30 17:46:17 Pre-Run: 21.232.504.832 bytes beschikbaar Post-Run: 21,221,875,712 bytes beschikbaar 233 --- E O F --- 2009-01-14 17:02:55 mvg,

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.