Vraag & Antwoord

Beveiliging & privacy

trojan horse terug

12 antwoorden
  • ik had een tijd geleden last van een trojan horse maar heb die met jullie hulp kunnen verwijderen. mijn computer is de laatste tijd weer erg traag en ik heb de computer dus opnieuw gescanned. hij vond weer een trojan horse. eerst een vraagje vooraf: kan ik avg free edition 8 gebruiken? ik las een tijd geleden namelijk dat er nogal grote fouten in dat programma zaten. hier is mijn hijack logje: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:14:12, on 14-2-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\Windows\V0230Mon.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Windows\System32\rundll32.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\ProgramData\U3\U3Launcher\LaunchU3.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Startup: LaunchU3.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 10683 bytes
  • Start hijackthis en kies voor 'do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:4c1cfa1780]R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)[/b:4c1cfa1780] Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen. Download [url=http://www.besttechie.net/tools/mbam-setup.exe][b:4c1cfa1780][color=red:4c1cfa1780]MalwareBytes' Anti-Malware[/color:4c1cfa1780][/b:4c1cfa1780][/url] en sla het op je bureaublad op. Dubbelklik op [b:4c1cfa1780]mbam-setup.exe[/b:4c1cfa1780] om het programma te installeren. Zorg dat er na de installatie een vinkje is geplaatst bij:[list:4c1cfa1780] [*:4c1cfa1780]Update MalwareBytes' Anti-Malware [*:4c1cfa1780]Start MalwareBytes' Anti-Malware [/list:u:4c1cfa1780]Klik daarna op "[b:4c1cfa1780]Voltooien[/b:4c1cfa1780]". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.[list:4c1cfa1780] [*:4c1cfa1780]Zodra het programma gestart is, ga dan naar het tabblad "[b:4c1cfa1780]Instellingen[/b:4c1cfa1780]". [*:4c1cfa1780]Vink hier aan: "[b:4c1cfa1780]Sluit Internet Explorer tijdens verwijdering van malware[/b:4c1cfa1780]". [*:4c1cfa1780]Ga daarna naar het tabblad "[b:4c1cfa1780]Scanner[/b:4c1cfa1780]", kies hier voor "[b:4c1cfa1780]Snelle Scan[/b:4c1cfa1780]". [*:4c1cfa1780]Druk vervolgens op "[b:4c1cfa1780]Scannen[/b:4c1cfa1780]" om de scan te starten. [*:4c1cfa1780]Het scannen kan een tijdje duren, dus wees geduldig. [*:4c1cfa1780]Wanneer de scan voltooid is, klik op [b:4c1cfa1780]OK[/b:4c1cfa1780], daarna "[b:4c1cfa1780]Bekijk Resultaten[/b:4c1cfa1780]" om de resultaten te zien. [*:4c1cfa1780]Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "[b:4c1cfa1780]Verwijder geselecteerde[/b:4c1cfa1780]". [*:4c1cfa1780]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [/list:u:4c1cfa1780]Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "[b:4c1cfa1780]Logs[/b:4c1cfa1780]" tab te klikken in het programma. Plaats dit logje samen met een nieuw logje van HijackThis Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:4c1cfa1780][color=blue:4c1cfa1780]Combofix[/color:4c1cfa1780][/b:4c1cfa1780][/url] naar je Bureaublad en gebruik het volgens [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden]deze handleiding[/url]. [i:4c1cfa1780][color=Red:4c1cfa1780]OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:4c1cfa1780]download Combofix opnieuw[/b:4c1cfa1780]. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen![/color:4c1cfa1780][/i:4c1cfa1780][list:4c1cfa1780][*:4c1cfa1780]Dubbelklik op [b:4c1cfa1780]Combofix.exe[/b:4c1cfa1780] om het te starten. [*:4c1cfa1780][i:4c1cfa1780]Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.[/i:4c1cfa1780] [*:4c1cfa1780]Klik op [b:4c1cfa1780]OK[/b:4c1cfa1780] in het "NirCmd" venstertje. [*:4c1cfa1780]Klik na afloop terug op [b:4c1cfa1780]Ja[/b:4c1cfa1780] om het scannen op malware te starten. [*:4c1cfa1780]Tijdens het runnen van de fix, [b:4c1cfa1780]NIET[/b:4c1cfa1780] in het venster klikken, want dit zal je pc doen vasthangen. [*:4c1cfa1780]Wanneer de fix voltooid is en na herstart, zal de log [b:4c1cfa1780]Combofix.txt[/b:4c1cfa1780] openen.[/list:u:4c1cfa1780]Post dit logje in je volgende antwoord
  • ik heb een probleem...als ik combofix wil starten, geeft ie aan dat ik AVG eerst moet afsluiten. nu heb ik me kapot gezocht, maar er staat nergens hoe je AVG kan uitzetten...enig idee hoe ik dit doe? heb et al gevonden
  • Zou je dan de gevraagde logs willen plaatsen?
  • de 3 logjes hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:34:50, on 14-2-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\Windows\V0230Mon.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Windows\System32\rundll32.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\ProgramData\U3\U3Launcher\LaunchU3.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Startup: LaunchU3.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 9610 bytes malware: Malwarebytes' Anti-Malware 1.25 Database versie: 1062 Windows 6.0.6001 Service Pack 1 21:38:09 2-1-2009 mbam-log-01-02-2009 (21-38-09).txt Scan type: Snelle Scan Objecten gescand: 1 Verstreken tijd: 4 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) combofix: ComboFix 09-02-12.03 - beheer 2009-02-14 13:23:09.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1192 [GMT 1:00] Gestart vanuit: c:\users\beheer\Desktop\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((( Bestanden Gemaakt van 2009-01-14 to 2009-02-14 )))))))))))))))))))))))))))))) . 2009-02-14 12:47 . 2009-02-14 12:47 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-14 12:47 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-14 12:47 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-12 15:06 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb 2009-02-12 15:06 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll 2009-02-08 14:07 . 2009-02-08 14:07 <DIR> d-------- c:\windows\Watson 2009-01-31 14:13 . 2009-01-31 14:13 10,520 --a------ c:\windows\System32\avgrsstx.dll 2009-01-28 02:39 . 2009-01-28 02:39 <DIR> d-------- c:\users\beheer\AppData\Roaming\PeerNetworking 2009-01-15 11:25 . 2009-01-15 11:25 0 --a------ c:\windows\System32\msexcr.ini 2009-01-14 13:03 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-13 14:55 --------- d-----w c:\programdata\Microsoft Help 2009-02-13 14:54 --------- d-----w c:\program files\Windows Mail 2009-02-08 16:03 --------- d-----w c:\program files\Messenger Plus! Live 2009-02-08 13:07 --------- d-----w c:\program files\Microsoft Games 2009-02-08 11:31 --------- d-----w c:\program files\Steam 2009-02-08 11:29 --------- d-----w c:\program files\Common Files\Steam 2009-01-31 18:05 --------- d-----w c:\users\beheer\AppData\Roaming\uTorrent 2009-01-31 17:41 --------- d-----w c:\users\beheer\AppData\Roaming\Tibia 2009-01-31 13:13 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-01-31 13:10 --------- d-----w c:\programdata\avg8 2009-01-24 22:13 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-01-23 23:33 --------- d-----w c:\users\beheer\AppData\Roaming\Packard Bell 2009-01-17 13:53 --------- d-----w c:\program files\DVD Decrypter 2009-01-11 12:47 --------- d-----w c:\program files\GameSpy Arcade 2009-01-11 12:46 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-11 12:46 --------- d-----w c:\program files\Infogrames 2009-01-09 13:24 --------- d-----w c:\programdata\Electronic Arts 2009-01-08 19:23 --------- d-----w c:\users\beheer\AppData\Roaming\U3 2009-01-07 10:05 --------- d-----w c:\programdata\U3 2009-01-04 17:34 421,888 ----a-w c:\windows\NEXON_EU_DownloaderUpdater.exe 2009-01-03 20:22 --------- d-----w c:\program files\NEXON 2009-01-02 20:39 --------- d-----w c:\users\beheer\AppData\Roaming\Red Kawa 2009-01-02 20:38 --------- d-----w c:\program files\Red Kawa 2009-01-02 20:38 --------- d-----w c:\program files\AviSynth 2.5 2009-01-02 16:12 --------- d-----w c:\users\beheer\AppData\Roaming\Apple Computer 2009-01-01 15:07 --------- d-----w c:\program files\DAEMON Tools Lite 2009-01-01 13:06 --------- d---a-w c:\programdata\TEMP 2008-12-26 15:18 --------- d-----w c:\program files\Common Files\INCA Shared 2008-12-26 14:48 --------- d-----w c:\program files\Triggersoft 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools Pro 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools Lite 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools 2008-12-24 09:02 --------- d-----w c:\programdata\DAEMON Tools Lite 2008-12-22 10:32 --------- d-----w c:\program files\Common Files\Adobe 2008-12-03 16:38 410,984 ----a-w c:\windows\System32\deploytk.dll 2008-11-03 11:35 22,328 ----a-w c:\users\beheer\AppData\Roaming\PnkBstrK.sys 2008-06-10 11:37 174 --sha-w c:\program files\desktop.ini 2007-09-19 06:57 65,536 --sha-w c:\windows\oem\mp\boot\bootstat.dat . ((((((((((((((((((((((((((((( snapshot@2008-05-13_23.20.32,61 ))))))))))))))))))))))))))))))))))))))))) . - 2008-04-19 09:50:50 2,144,256 ----a-w c:\windows\AppPatch\AcGenral.dll + 2008-11-01 03:44:34 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll - 2008-04-19 09:50:50 537,600 ----a-w c:\windows\AppPatch\AcLayers.dll + 2008-11-01 03:44:34 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll - 2006-11-02 09:46:02 237,568 ----a-w c:\windows\AppPatch\AcRedir.dll + 2008-01-19 07:33:41 237,568 ----a-w c:\windows\AppPatch\AcRedir.dll - 2008-04-19 09:50:51 2,560 ----a-w c:\windows\AppPatch\AcRes.dll + 2008-03-08 01:58:43 2,560 ----a-w c:\windows\AppPatch\AcRes.dll - 2008-04-19 09:50:50 449,536 ----a-w c:\windows\AppPatch\AcSpecfc.dll + 2008-11-01 03:44:34 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll - 2008-04-19 09:50:50 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll + 2008-11-01 03:44:34 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll - 2006-11-02 09:46:02 40,960 ----a-w c:\windows\AppPatch\apihex86.dll + 2008-01-19 07:33:43 40,960 ----a-w c:\windows\AppPatch\apihex86.dll - 2008-04-19 09:47:55 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll + 2008-11-01 03:44:36 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll + 2008-11-22 13:01:34 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2008-11-22 13:01:34 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2008-11-22 13:01:34 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2008-11-22 13:01:27 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:28 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:29 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:29 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:30 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:30 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:31 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:32 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:32 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:35 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2008-11-22 13:01:35 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2008-11-22 13:01:36 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll + 2008-11-22 13:01:36 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2008-11-22 13:01:37 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2008-11-22 13:01:34 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2008-05-07 20:44:43 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2008-08-16 08:31:02 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll - 2008-05-07 20:44:43 781,104 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2008-07-10 12:07:03 783,744 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2006-11-02 12:35:32 143,360 ----a-w c:\windows\assembly\GAC_32\BDATunePIA\6.0.6000.0__31bf3856ad364e35\BDATunePIA.dll + 2008-01-19 07:38:12 144,384 ----a-w c:\windows\assembly\GAC_32\BDATunePIA\6.0.6000.0__31bf3856ad364e35\BDATunePIA.dll - 2006-10-20 01:13:56 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2008-01-05 11:26:08 69,120 ----a-w c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2006-10-20 01:14:03 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2008-01-05 11:26:17 72,192 ----a-w c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2006-11-02 12:35:34 77,824 ----a-w c:\windows\assembly\GAC_32\mcstoredb\6.0.6000.0__31bf3856ad364e35\mcstoredb.dll + 2008-01-19 07:38:31 78,336 ----a-w c:\windows\assembly\GAC_32\mcstoredb\6.0.6000.0__31bf3856ad364e35\mcstoredb.dll - 2006-11-02 12:35:33 136,192 ----a-w c:\windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe + 2008-08-05 09:51:47 140,288 ----a-w c:\windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe - 2006-11-02 12:35:33 105,472 ----a-w c:\windows\assembly\GAC_32\Mcx2Dvcs\6.0.6000.0__31bf3856ad364e35\Mcx2Dvcs.dll + 2008-01-19 07:38:32 106,496 ----a-w c:\windows\assembly\GAC_32\Mcx2Dvcs\6.0.6000.0__31bf3856ad364e35\Mcx2Dvcs.dll - 2006-11-02 12:35:24 507,904 ----a-w c:\windows\assembly\GAC_32\Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Microsoft.Ink.dll + 2008-01-19 07:38:34 507,904 ----a-w c:\windows\assembly\GAC_32\Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Microsoft.Ink.dll - 2008-05-07 20:45:20 118,112 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2008-07-10 12:07:09 120,408 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll - 2006-11-02 12:36:03 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2008-01-05 11:21:39 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll - 2006-10-20 01:14:15 4,366,336 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2008-01-05 11:26:32 4,444,160 ----a-w c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2006-11-02 09:47:03 39,936 ----a-w c:\windows\assembly\GAC_32\napcrypt\6.0.0.0__31bf3856ad364e35\NAPCRYPT.DLL + 2008-01-19 07:38:44 46,080 ----a-w c:\windows\assembly\GAC_32\napcrypt\6.0.0.0__31bf3856ad364e35\NAPCRYPT.DLL - 2006-11-02 09:47:03 98,816 ----a-w c:\windows\assembly\GAC_32\naphlpr\6.0.0.0__31bf3856ad364e35\NAPHLPR.DLL + 2008-01-19 07:38:45 103,936 ----a-w c:\windows\assembly\GAC_32\naphlpr\6.0.0.0__31bf3856ad364e35\NAPHLPR.DLL - 2006-11-02 12:36:01 3,915,264 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2008-01-05 11:21:53 4,174,336 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2006-10-20 01:14:47 482,304 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2008-01-05 11:26:54 483,840 ----a-w c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2006-10-20 01:14:47 2,894,336 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2008-01-05 11:26:54 3,036,160 ----a-w c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2006-10-20 01:14:51 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2008-01-05 11:26:55 258,048 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2006-11-02 06:34:22 114,176 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2008-01-19 03:22:55 113,664 ----a-w c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2006-11-02 12:36:01 344,064 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2008-01-05 11:21:55 346,624 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll - 2006-10-20 01:14:53 260,096 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2008-01-05 11:26:59 261,120 ----a-w c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2008-04-19 09:55:23 5,156,864 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2008-01-05 11:26:59 5,431,296 ----a-w c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2006-10-20 01:13:37 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2008-01-05 11:25:52 10,752 ----a-w c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2007-09-19 06:59:14 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_nl_b03f5f7f11d50a3a\aspnetmmcext.resources.dll + 2008-01-06 06:56:43 315,392 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_nl_b03f5f7f11d50a3a\aspnetmmcext.resources.dll - 2006-10-20 01:13:41 503,808 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2008-01-05 11:25:59 507,904 ----a-w c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2006-11-02 12:36:03 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe + 2008-01-05 11:21:39 159,744 ----a-w c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe - 2006-10-20 01:13:56 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2008-01-05 11:26:08 13,312 ----a-w c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2006-10-20 01:13:57 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe + 2008-01-05 11:26:11 5,120 ----a-w c:\windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe - 2008-04-19 09:44:40 864,256 ----a-w c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll + 2008-01-19 07:38:16 827,392 ----a-w c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll - 2006-11-02 12:35:28 139,264 ----a-w c:\windows\assembly\GAC_MSIL\ehepgdat\6.0.6000.0__31bf3856ad364e35\ehepgdat.dll + 2008-01-19 07:38:16 139,264 ----a-w c:\windows\assembly\GAC_MSIL\ehepgdat\6.0.6000.0__31bf3856ad364e35\ehepgdat.dll - 2008-04-19 09:44:35 135,168 ----a-w c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2008-01-19 07:38:17 131,072 ----a-w c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe - 2008-04-19 09:44:40 77,824 ----a-w c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll + 2006-11-02 12:35:28 77,824 ----a-w c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll - 2006-11-02 12:35:32 401,408 ----a-w c:\windows\assembly\GAC_MSIL\ehiProxy\6.0.6000.0__31bf3856ad364e35\ehiProxy.dll + 2008-01-19 07:38:18 401,408 ----a-w c:\windows\assembly\GAC_MSIL\ehiProxy\6.0.6000.0__31bf3856ad364e35\ehiProxy.dll - 2006-11-02 12:35:30 19,456 ----a-w c:\windows\assembly\GAC_MSIL\ehiReplay\6.0.6000.0__31bf3856ad364e35\ehiReplay.dll + 2008-01-19 07:38:18 19,456 ----a-w c:\windows\assembly\GAC_MSIL\ehiReplay\6.0.6000.0__31bf3856ad364e35\ehiReplay.dll - 2006-11-02 12:35:32 307,200 ----a-w c:\windows\assembly\GAC_MSIL\ehiVidCtl\6.0.6000.0__31bf3856ad364e35\ehiVidCtl.dll + 2008-01-19 07:38:19 307,200 ----a-w c:\windows\assembly\GAC_MSIL\ehiVidCtl\6.0.6000.0__31bf3856ad364e35\ehiVidCtl.dll - 2006-11-02 12:35:34 143,360 ----a-w c:\windows\assembly\GAC_MSIL\ehiwmp\6.0.6000.0__31bf3856ad364e35\ehiwmp.dll + 2008-01-19 07:38:19 143,360 ----a-w c:\windows\assembly\GAC_MSIL\ehiwmp\6.0.6000.0__31bf3856ad364e35\ehiwmp.dll - 2006-11-02 12:35:29 520,192 ----a-w c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll + 2008-01-19 07:38:19 520,192 ----a-w c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll - 2008-04-19 09:44:35 4,370,432 ----a-w c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll + 2008-08-05 09:51:30 4,046,848 ----a-w c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll - 2007-09-19 06:59:06 9,216 ----a-w c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_nl_31bf3856ad364e35\EventViewer.resources.dll + 2008-01-19 11:11:47 9,216 ----a-w c:\windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_nl_31bf3856ad364e35\EventViewer.resources.dll - 2006-11-02 09:46:54 364,544 ----a-w c:\windows\assembly\GAC_MSIL\EventViewer\6.0.0.0__31bf3856ad364e35\EventViewer.dll + 2008-01-19 07:38:21 364,544 ----a-w c:\windows\assembly\GAC_MSIL\EventViewer\6.0.0.0__31bf3856ad364e35\EventViewer.dll - 2006-10-20 01:14:02 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2008-01-05 11:26:12 8,192 ----a-w c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2006-10-20 01:14:02 36,864 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2008-01-05 11:26:12 77,824 ----a-w c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2006-10-20 01:14:02 5,632 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2008-01-05 11:26:13 6,656 ----a-w c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2006-11-02 12:35:29 200,704 ----a-w c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll + 2008-01-19 07:38:31 176,128 ----a-w c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll - 2007-09-19 06:59:30 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll + 2008-01-06 06:56:45 53,248 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll - 2006-10-20 01:14:03 413,696 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-01-05 11:26:17 348,160 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2006-10-20 01:14:03 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-01-05 11:26:17 36,864 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2007-09-19 06:59:30 135,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll + 2008-01-06 06:56:45 139,264 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll - 2006-10-20 01:14:03 647,168 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2008-01-05 11:26:17 655,360 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2007-09-19 06:59:14 10,240 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll + 2008-01-06 06:56:48 10,240 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll - 2006-10-20 01:14:04 73,728 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2008-01-05 11:26:17 77,824 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2007-09-19 06:59:07 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll + 2008-01-06 06:56:48 45,056 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll - 2006-10-20 01:14:04 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2008-01-05 11:26:19 749,568 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2006-11-02 09:47:01 245,760 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll + 2008-01-19 07:38:35 188,416 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll - 2008-04-19 09:44:35 1,196,032 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll + 2008-01-19 07:38:36 1,241,088 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll - 2006-11-02 12:35:33 167,936 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll + 2008-01-19 07:38:36 167,936 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll - 2008-04-19 09:44:35 2,342,912 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll + 2008-08-05 09:51:56 1,957,888 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll - 2008-04-19 09:44:35 217,088 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2008-01-19 07:38:35 204,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll - 2008-05-07 20:45:20 609,104 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2008-07-10 12:07:09 611,392 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll - 2007-09-19 06:59:35 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll + 2008-01-06 06:56:58 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll - 2006-11-02 12:36:03 352,256 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2008-01-05 11:21:39 397,312 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2007-09-19 06:59:11 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll + 2008-01-06 06:56:43 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll - 2006-10-20 01:14:05 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-01-05 11:26:19 110,592 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2007-09-19 06:59:31 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll + 2008-01-06 06:56:43 9,216 ----a-w c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll - 2006-10-20 01:14:05 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2008-01-05 11:26:23 372,736 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2007-09-19 06:59:13 57,344 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll + 2008-01-06 06:56:52 57,344 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_nl_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll - 2006-10-20 01:14:05 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2008-01-05 11:26:23 28,672 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2006-10-20 01:14:05 667,648 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2008-01-05 11:26:23 671,744 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2006-10-20 01:14:05 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-01-05 11:26:24 12,800 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2006-10-20 01:14:05 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2008-01-05 11:26:23 32,768 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2007-09-19 06:59:30 1,392,640 ----a-w c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_nl_31bf3856ad364e35\MIGUIControls.resources.dll + 2008-01-19 11:11:54 1,503,232 ----a-w c:\windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_nl_31bf3856ad364e35\MIGUIControls.resources.dll - 2006-11-02 09:47:03 3,100,672 ----a-w c:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll + 2008-01-19 07:38:41 3,371,008 ----a-w c:\windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll - 2006-11-02 09:47:03 413,696 ----a-w c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll + 2008-01-19 07:38:41 417,792 ----a-w c:\windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll - 2007-09-19 06:59:30 4,608 ----a-w c:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_nl_31bf3856ad364e35\MMCFxCommon.Resources.dll + 2008-01-19 11:11:54 4,608 ----a-w c:\windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_nl_31bf3856ad364e35\MMCFxCommon.Resources.dll - 2007-09-19 06:59:14 303,104 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll + 2008-01-06 06:56:52 303,104 ----a-w c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll - 2007-09-19 06:59:07 40,960 ----a-w c:\windows\assembly\GAC_MSIL\napinit.resources\6.0.0.0_nl_31bf3856ad364e35\napinit.Resources.dll + 2008-01-19 11:11:55 40,960 ----a-w c:\windows\assembly\GAC_MSIL\napinit.resources\6.0.0.0_nl_31bf3856ad364e35\napinit.Resources.dll - 2006-11-02 09:47:03 65,536 ----a-w c:\windows\assembly\GAC_MSIL\napinit\6.0.0.0__31bf3856ad364e35\NAPINIT.DLL + 2008-01-19 07:38:45 65,536 ----a-w c:\windows\assembly\GAC_MSIL\napinit\6.0.0.0__31bf3856ad364e35\NAPINIT.DLL - 2007-09-19 06:59:11 245,760 ----a-w c:\windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_nl_31bf3856ad364e35\napsnap.resources.dll + 2008-01-19 11:11:55 245,760 ----a-w c:\windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_nl_31bf3856ad364e35\napsnap.resources.dll - 2006-11-02 09:47:04 458,752 ----a-w c:\windows\assembly\GAC_MSIL\napsnap\6.0.0.0__31bf3856ad364e35\NAPSNAP.DLL + 2008-01-19 07:38:45 458,752 ----a-w c:\windows\assembly\GAC_MSIL\napsnap\6.0.0.0__31bf3856ad364e35\NAPSNAP.DLL - 2006-11-02 12:36:00 593,920 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll + 2008-01-05 11:21:52 602,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll - 2006-11-02 12:36:00 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2008-01-05 11:21:52 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll - 2006-11-02 12:36:01 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe + 2008-01-05 11:21:53 36,864 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe - 2006-11-02 12:36:01 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2008-01-05 11:21:53 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll - 2006-11-02 12:36:01 126,976 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2008-01-05 11:21:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll - 2006-11-02 12:36:01 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2008-01-05 11:21:53 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll - 2006-11-02 12:36:01 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2008-01-05 11:21:54 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll - 2006-11-02 12:36:01 4,972,544 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2008-01-05 11:21:53 5,210,112 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll - 2006-11-02 12:36:00 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2008-01-05 11:21:55 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll - 2006-11-02 12:36:00 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2008-01-05 11:21:55 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2006-11-02 12:36:03 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe + 2008-01-05 11:21:39 61,440 ----a-w c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe - 2006-11-02 12:36:03 94,208 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2008-01-05 11:21:39 102,400 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll - 2006-11-02 12:36:02 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe + 2008-01-05 11:21:39 122,880 ----a-w c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe - 2007-09-19 06:59:11 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_nl_b03f5f7f11d50a3a\sysglobl.resources.dll + 2008-01-06 06:56:55 10,752 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_nl_b03f5f7f11d50a3a\sysglobl.resources.dll - 2006-10-20 01:14:46 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2008-01-05 11:26:54 110,592 ----a-w c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2007-09-19 06:59:06 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll + 2008-01-06 06:56:55 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll - 2006-10-20 01:14:46 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2008-01-05 11:26:54 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2007-09-19 06:59:05 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.resources.dll + 2008-01-06 06:56:55 49,152 ----a-w c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Configuration.resources.dll - 2006-10-20 01:14:46 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2008-01-05 11:26:54 425,984 ----a-w c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2007-09-19 06:59:30 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.OracleClient.resources.dll + 2008-01-06 06:56:55 110,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.OracleClient.resources.dll - 2007-09-19 06:59:05 331,776 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.resources.dll + 2008-01-06 06:56:55 344,064 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_nl_b77a5c561934e089\System.Data.resources.dll - 2007-09-19 06:59:11 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_nl_b77a5c561934e089\system.data.sqlxml.resources.dll + 2008-01-06 06:56:55 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_nl_b77a5c561934e089\system.data.sqlxml.resources.dll - 2006-10-20 01:14:48 716,800 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2008-01-05 11:26:55 741,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2007-09-19 06:59:07 380,928 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Deployment.resources.dll + 2008-01-06 06:56:55 385,024 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Deployment.resources.dll - 2006-10-20 01:14:49 888,832 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2008-01-05 11:26:55 933,888 ----a-w c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2007-09-19 06:59:00 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll + 2008-01-06 06:56:55 540,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Design.resources.dll - 2006-10-20 01:14:49 5,050,368 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2008-01-05 11:26:55 5,070,848 ----a-w c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2007-09-19 06:59:13 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll + 2008-01-06 06:56:55 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll - 2006-10-20 01:14:50 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2008-01-05 11:26:55 188,416 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2007-09-19 06:59:16 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll + 2008-01-06 06:56:55 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll - 2006-10-20 01:14:50 397,312 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2008-01-05 11:26:55 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2007-09-19 06:59:15 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll + 2008-01-06 06:56:55 6,144 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll - 2006-10-20 01:14:51 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2008-01-05 11:26:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2007-09-19 06:59:06 24,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll + 2008-01-06 06:56:55 24,576 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Drawing.resources.dll - 2006-10-20 01:14:51 704,512 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2008-01-05 11:26:55 630,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2007-09-19 06:59:04 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll + 2008-01-06 06:56:55 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll - 2007-09-19 06:59:35 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Resources.dll + 2008-01-06 06:56:58 61,440 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Resources.dll - 2007-09-19 06:59:35 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll + 2008-01-06 06:56:58 53,248 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_nl_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll - 2006-11-02 12:36:02 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2008-01-05 11:21:38 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2006-11-02 12:36:02 413,696 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2008-01-05 11:21:37 430,080 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll - 2007-09-19 06:59:35 11,264 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_nl_b03f5f7f11d50a3a\System.IO.Log.Resources.dll + 2008-01-06 06:56:58 11,264 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_nl_b03f5f7f11d50a3a\System.IO.Log.Resources.dll - 2006-11-02 12:36:02 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2008-01-05 11:21:38 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2007-09-19 06:59:14 13,312 ----a-w c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Management.resources.dll + 2008-01-06 06:56:55 13,824 ----a-w c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Management.resources.dll - 2006-10-20 01:14:52 368,640 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2008-01-05 11:26:58 372,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2007-09-19 06:59:05 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Messaging.resources.dll + 2008-01-06 06:56:55 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Messaging.resources.dll - 2006-10-20 01:14:52 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2007-09-19 06:59:30 204,800 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\system.resources.dll + 2008-01-06 06:56:55 208,896 ----a-w c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\system.resources.dll - 2007-09-19 06:59:11 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll + 2008-01-06 06:56:55 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll - 2006-10-20 01:14:53 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2008-01-05 11:26:58 299,008 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2007-09-19 06:59:10 11,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll + 2008-01-06 06:56:55 11,264 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll - 2006-10-20 01:14:53 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2008-01-05 11:26:58 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2007-09-19 06:59:35 86,016 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_nl_b77a5c561934e089\System.RunTime.Serialization.Resources.dll + 2008-01-06 06:56:58 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_nl_b77a5c561934e089\System.RunTime.Serialization.Resources.dll - 2006-11-02 12:36:03 888,832 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2008-01-05 11:21:38 929,792 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2007-09-19 06:59:10 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Security.resources.dll + 2008-01-06 06:56:55 28,672 ----a-w c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Security.resources.dll - 2006-10-20 01:14:53 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2008-01-05 11:26:58 258,048 ----a-w c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2007-09-19 06:59:35 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Install.Resources.dll + 2008-01-06 06:56:58 36,864 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Install.Resources.dll - 2006-11-02 12:36:02 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll + 2008-01-05 11:21:40 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll - 2007-09-19 06:59:35 438,272 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Resources.dll + 2008-01-06 06:56:58 458,752 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_nl_b77a5c561934e089\System.ServiceModel.Resources.dll - 2006-11-02 12:36:03 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2008-01-05 11:21:40 32,768 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2006-11-02 12:36:03 5,672,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2008-01-05 11:21:38 5,971,968 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2007-09-19 06:59:11 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll + 2008-01-06 06:56:55 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - 2006-10-20 01:14:53 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2008-01-05 11:26:58 114,688 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2006-11-02 12:36:01 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll + 2008-01-05 11:21:55 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll - 2007-09-19 06:59:05 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_nl_b77a5c561934e089\System.Transactions.resources.dll + 2008-01-06 06:56:55 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_nl_b77a5c561934e089\System.Transactions.resources.dll - 2007-09-19 06:59:14 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll + 2008-01-06 06:56:55 40,960 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll - 2006-10-20 01:14:54 835,584 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2008-01-05 11:26:59 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2006-10-20 01:14:55 86,016 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2008-01-05 11:26:59 90,112 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2008-04-19 09:55:24 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.resources.dll + 2008-01-06 06:56:55 622,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.resources.dll - 2007-09-19 06:59:15 77,824 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Services.resources.dll + 2008-01-06 06:56:55 81,920 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_nl_b03f5f7f11d50a3a\System.Web.Services.resources.dll - 2006-10-20 01:14:55 823,296 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2008-01-05 11:27:00 839,680 ----a-w c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2007-09-19 06:59:31 446,464 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll + 2008-01-06 06:56:55 446,464 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll - 2006-10-20 01:14:56 5,414,912 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2008-01-05 11:27:02 5,013,504 ----a-w c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2007-09-19 06:59:35 187,208 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Activities.resources.dll + 2008-01-06 06:57:03 193,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Activities.resources.dll - 2006-11-02 12:36:00 1,108,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2008-01-05 11:22:14 1,152,040 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll - 2007-09-19 06:59:35 314,192 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll + 2008-01-06 06:57:03 316,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll - 2006-11-02 12:36:00 1,641,272 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2008-01-05 11:22:15 1,635,376 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll - 2007-09-19 06:59:35 43,840 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Runtime.resources.dll + 2008-01-06 06:57:03 46,136 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_nl_31bf3856ad364e35\System.Workflow.Runtime.resources.dll - 2006-11-02 12:36:00 588,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll + 2008-01-05 11:22:15 578,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll - 2007-09-19 06:59:05 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_nl_b77a5c561934e089\System.xml.resources.dll + 2008-01-06 06:56:55 163,840 ----a-w c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_nl_b77a5c561934e089\System.xml.resources.dll - 2006-10-20 01:14:58 2,039,808 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2008-01-05 11:27:03 2,068,480 ----a-w c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2006-10-20 01:14:51 3,035,136 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2008-01-05 11:26:55 3,076,096 ----a-w c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2006-11-02 09:47:22 163,840 ----a-w c:\windows\assembly\GAC_MSIL\TaskScheduler\6.0.0.0__31bf3856ad364e35\TaskScheduler.dll + 2008-01-19 07:39:26 163,840 ----a-w c:\windows\assembly\GAC_MSIL\TaskScheduler\6.0.0.0__31bf3856ad364e35\TaskScheduler.dll - 2006-11-02 12:36:01 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2008-0
  • Zou je de log [b:15f72fccc8]volledig[/b:15f72fccc8] willen plaatsen?
  • hmmm dat is erg vreemd. ik heb de complete log van combofix toch echt gekopieerd, maar blijkbaar ging daar wat mis. ik doe de log van combofix in een volgend bericht..ik heb nu namelijk 100% zeker de complete log geplaatst, maar ik ga waarschijnlijk over een maximum aantal tekens heen. de combofix log werd namelijk alweer niet helemaal getoond de 3 logjes hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:34:50, on 14-2-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\Windows\V0230Mon.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Windows\System32\rundll32.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\ProgramData\U3\U3Launcher\LaunchU3.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Startup: LaunchU3.exe.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 9610 bytes malware: Malwarebytes' Anti-Malware 1.25 Database versie: 1062 Windows 6.0.6001 Service Pack 1 21:38:09 2-1-2009 mbam-log-01-02-2009 (21-38-09).txt Scan type: Snelle Scan Objecten gescand: 1 Verstreken tijd: 4 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
  • om de 1 of andere reden kan ik niet mijn complete log plaatsen van combofix........
  • Plaats dan 2 berichten achter elkaar.
  • het is een bestand van 1,23 MB....ik moet dan dus echt 10 berichte plaatse ofzo :P...moet u anders een specifiek onderdeel zien? als ik bij andere berichten kijk, dan valt me op dat de combofix logjes van hun echt veel kleiner zijn. ook kan ik niet vinden tot hoever het logje geplaatst is in mijn vorige bericht. ik heb al de zoekfunctie geprobeerd, maar dat haalt ook niks uit.
  • Download [url=http://www.atribune.org/ccount/click.php?id=1]ATF cleaner[/url] [url=http://www.majorgeeks.com/ATF_Cleaner_d4949.html](mirror)[/url](gemaakt door Atribune) Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken. Dubbelklik op ATF cleaner om het programma te starten. Op het tabblad Main, plaats je een vinkje bij Select All. Klik op de knop Empty Selected. Het volgende doen als je ook FireFox als browser hebt: Klik op tabblad Firefox, plaats een vinkje bij Select All. Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No. (dit haalt het vinkje weer weg bij Firefox saved passwords) Klik op de knop Empty Selected. Het volgende doen als je ook Opera als browser hebt: Klik op tabblad Opera, plaats een vinkje bij Select All. Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op No. Klik op de knop Empty Selected. Ga naar het tabblad Main en klik op de knop Exit om het programma af te sluiten.[/list] Kijk vervolgens of het logje kleiner wordt.
  • me logje is nu mooi klein :) combofix logje ComboFix 09-02-12.03 - beheer 2009-02-14 17:53:07.3 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1236 [GMT 1:00] Gestart vanuit: c:\users\beheer\Desktop\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) . (((((((((((((((((((( Bestanden Gemaakt van 2009-01-14 to 2009-02-14 )))))))))))))))))))))))))))))) . 2009-02-14 12:47 . 2009-02-14 12:47 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-14 12:47 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-14 12:47 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-12 15:06 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb 2009-02-12 15:06 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll 2009-02-08 14:07 . 2009-02-08 14:07 <DIR> d-------- c:\windows\Watson 2009-01-31 14:13 . 2009-01-31 14:13 10,520 --a------ c:\windows\System32\avgrsstx.dll 2009-01-28 02:39 . 2009-01-28 02:39 <DIR> d-------- c:\users\beheer\AppData\Roaming\PeerNetworking 2009-01-15 11:25 . 2009-01-15 11:25 0 --a------ c:\windows\System32\msexcr.ini 2009-01-14 13:03 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-13 14:55 --------- d-----w c:\programdata\Microsoft Help 2009-02-13 14:54 --------- d-----w c:\program files\Windows Mail 2009-02-08 16:03 --------- d-----w c:\program files\Messenger Plus! Live 2009-02-08 13:07 --------- d-----w c:\program files\Microsoft Games 2009-02-08 11:31 --------- d-----w c:\program files\Steam 2009-02-08 11:29 --------- d-----w c:\program files\Common Files\Steam 2009-01-31 18:05 --------- d-----w c:\users\beheer\AppData\Roaming\uTorrent 2009-01-31 17:41 --------- d-----w c:\users\beheer\AppData\Roaming\Tibia 2009-01-31 13:13 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-01-31 13:10 --------- d-----w c:\programdata\avg8 2009-01-24 22:13 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-01-23 23:33 --------- d-----w c:\users\beheer\AppData\Roaming\Packard Bell 2009-01-17 13:53 --------- d-----w c:\program files\DVD Decrypter 2009-01-11 12:47 --------- d-----w c:\program files\GameSpy Arcade 2009-01-11 12:46 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-11 12:46 --------- d-----w c:\program files\Infogrames 2009-01-09 13:24 --------- d-----w c:\programdata\Electronic Arts 2009-01-08 19:23 --------- d-----w c:\users\beheer\AppData\Roaming\U3 2009-01-07 10:05 --------- d-----w c:\programdata\U3 2009-01-04 17:34 421,888 ----a-w c:\windows\NEXON_EU_DownloaderUpdater.exe 2009-01-03 20:22 --------- d-----w c:\program files\NEXON 2009-01-02 20:39 --------- d-----w c:\users\beheer\AppData\Roaming\Red Kawa 2009-01-02 20:38 --------- d-----w c:\program files\Red Kawa 2009-01-02 20:38 --------- d-----w c:\program files\AviSynth 2.5 2009-01-02 16:12 --------- d-----w c:\users\beheer\AppData\Roaming\Apple Computer 2009-01-01 15:07 --------- d-----w c:\program files\DAEMON Tools Lite 2009-01-01 13:06 --------- d---a-w c:\programdata\TEMP 2008-12-26 15:18 --------- d-----w c:\program files\Common Files\INCA Shared 2008-12-26 14:48 --------- d-----w c:\program files\Triggersoft 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools Pro 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools Lite 2008-12-26 14:45 --------- d-----w c:\users\beheer\AppData\Roaming\DAEMON Tools 2008-12-24 09:02 --------- d-----w c:\programdata\DAEMON Tools Lite 2008-12-22 10:32 --------- d-----w c:\program files\Common Files\Adobe 2008-12-03 16:38 410,984 ----a-w c:\windows\System32\deploytk.dll 2008-11-03 11:35 22,328 ----a-w c:\users\beheer\AppData\Roaming\PnkBstrK.sys 2008-06-10 11:37 174 --sha-w c:\program files\desktop.ini 2007-09-19 06:57 65,536 --sha-w c:\windows\oem\mp\boot\bootstat.dat . ((((((((((((((((((((((((((((( SnapShot_2009-02-14_13.26.50,04 ))))))))))))))))))))))))))))))))))))))))) . - 2009-02-14 11:56:31 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-02-14 12:33:17 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-02-14 11:56:31 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-02-14 12:33:17 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-02-14 12:26:26 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-02-14 12:35:34 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-02-14 12:35:34 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2009-02-14 11:57:22 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2009-02-14 12:35:29 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2009-02-14 12:35:29 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2009-02-07 15:06:08 104,742 ----a-w c:\windows\System32\perfc009.dat + 2009-02-14 14:07:04 104,742 ----a-w c:\windows\System32\perfc009.dat - 2009-02-07 15:06:08 131,268 ----a-w c:\windows\System32\perfc013.dat + 2009-02-14 14:07:04 131,268 ----a-w c:\windows\System32\perfc013.dat - 2009-02-07 15:06:08 595,308 ----a-w c:\windows\System32\perfh009.dat + 2009-02-14 14:07:04 595,308 ----a-w c:\windows\System32\perfh009.dat - 2009-02-07 15:06:08 676,772 ----a-w c:\windows\System32\perfh013.dat + 2009-02-14 14:07:04 676,772 ----a-w c:\windows\System32\perfh013.dat - 2009-02-14 11:58:19 11,236 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3522226232-1942944502-194646757-1002_UserData.bin + 2009-02-14 12:35:36 11,252 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3522226232-1942944502-194646757-1002_UserData.bin - 2009-02-14 11:58:19 106,688 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-02-14 12:35:36 106,688 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2009-02-14 11:58:16 50,160 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-02-14 12:35:34 50,176 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-01-09 3321856] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-03 136600] "UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488] "AVFX Engine"="c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-08-16 24576] "V0230Mon.exe"="c:\windows\V0230Mon.exe" [2006-09-06 32768] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-31 1601304] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13584928] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 92704] "AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 c:\windows\RtHDVCpl.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968] c:\users\beheer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ LaunchU3.exe.lnk - c:\users\beheer\AppData\Roaming\Microsoft\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2009-01-07 22486] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm "msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm "msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{2D53509A-3ED5-4CC3-9F34-6A268EE77BC5}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype "{D970F797-5F19-4867-BEAB-05231C597985}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype "{47021227-DEE2-46B1-8404-F8BA768AE001}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{F10CE4DA-0307-4046-939D-8725A708CFEF}c:\\users\\beheer\\desktop\\utorrent.exe"= UDP:c:\users\beheer\desktop\utorrent.exe:utorrent.exe "UDP Query User{0109AE69-AB1F-43E2-B426-EDE9EDC5B7A3}c:\\users\\beheer\\desktop\\utorrent.exe"= TCP:c:\users\beheer\desktop\utorrent.exe:utorrent.exe "TCP Query User{7B621949-9CC8-45E8-90F5-A991AB24CBB0}c:\\team17\\worms2\\frontend.exe"= UDP:c:\team17\worms2\frontend.exe:Worms 2 Frontend "UDP Query User{937C11A0-490D-40E3-A0B1-3BBD9FE006CA}c:\\team17\\worms2\\frontend.exe"= TCP:c:\team17\worms2\frontend.exe:Worms 2 Frontend "TCP Query User{0F215929-FA5A-4CCF-A64C-8C95BF29CC4B}c:\\program files\\steam\\steamapps\\common\\quake ii demo\\quake2.exe"= UDP:c:\program files\steam\steamapps\common\quake ii demo\quake2.exe:quake2 "UDP Query User{65BB292A-0895-4205-97D6-9BDD4FF7FC6B}c:\\program files\\steam\\steamapps\\common\\quake ii demo\\quake2.exe"= TCP:c:\program files\steam\steamapps\common\quake ii demo\quake2.exe:quake2 "{083CA4CC-315A-40FB-8D8F-D4B4EDB2E280}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{90EA6059-5A76-4C84-84D3-A963C3204430}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{C78C6D22-7C31-45B6-BD16-BBD89C3355AA}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{EAC5E012-18A5-4AA9-BBBC-2D8F7E7535C4}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{F31901A9-9B74-4D45-81B2-60B0DA612B16}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{EC77B39B-DA17-4696-B66A-26B7636006B6}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:Starcraft "UDP Query User{8C0C4558-B60B-4895-8D69-7734FE8B6627}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:Starcraft "TCP Query User{7B03B8D5-2255-4845-9BDC-09B8FCAC4C32}c:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade "UDP Query User{A43BFCB2-A8EA-4AFD-B8B2-431EBCE8C508}c:\\program files\\thq\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade "{E1260816-32EC-47FA-B16B-C9D6534DC11B}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{898E47C1-2562-41B2-87A6-94D6DF73252C}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{B60D594B-779D-46D2-82F8-C716424D5825}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server "{B02722A2-AA23-4C5D-B608-A63929431E7B}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server "{91B1DCB6-65E1-4502-B88E-DCB5845D53F6}"= UDP:c:\program files\SightSpeed\SightSpeed.exe:SightSpeed "{935901A1-7767-4F52-936D-D2E32077E7D5}"= TCP:c:\program files\SightSpeed\SightSpeed.exe:SightSpeed "TCP Query User{BD6B22E4-13ED-419C-988A-A75B3DC712EE}c:\\program files\\steam\\steamapps\\benniejuckers\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\benniejuckers\counter-strike source\hl2.exe:hl2 "UDP Query User{8621F41B-D3F1-438F-9729-785047B2B4C2}c:\\program files\\steam\\steamapps\\benniejuckers\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\benniejuckers\counter-strike source\hl2.exe:hl2 "{A9C500EB-34DB-457D-BC45-528AF807FDA9}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{116E958E-D0E8-45B1-ACEA-A2B964DEF4B2}c:\\program files\\sony ericsson\\update service\\update service.exe"= UDP:c:\program files\sony ericsson\update service\update service.exe:Update Service "UDP Query User{7AB2CBB8-4162-42E6-B31A-A06CCD1FA6B2}c:\\program files\\sony ericsson\\update service\\update service.exe"= TCP:c:\program files\sony ericsson\update service\update service.exe:Update Service "{DFC2A072-2AE3-4524-8DAE-9C409835E4DE}"= UDP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.2 "{07B237DC-B47C-41B6-AB37-BF8F77F237C0}"= TCP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.2 "TCP Query User{080C9DAB-80D4-43A7-BBEC-13B65A368C27}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "UDP Query User{EB5F40FB-4863-4BDB-A1B6-1FFF51EEF5F0}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client "TCP Query User{50319A0A-7DA1-4796-B93C-365A63D6CA90}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{9825299B-2E9B-4A98-8562-56A9E6DE4BCE}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "{5EA1AA3F-D656-4B07-AF77-58617CA01063}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{971E0735-BE36-4440-A937-555579F3AF12}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{13D08E48-23D0-4E5C-AC66-60AC8014C769}c:\\users\\beheer\\desktop\\utorrent(2).exe"= UDP:c:\users\beheer\desktop\utorrent(2).exe:utorrent(2).exe "UDP Query User{323C161E-BE44-4AF9-A99D-5440E96EA29B}c:\\users\\beheer\\desktop\\utorrent(2).exe"= TCP:c:\users\beheer\desktop\utorrent(2).exe:utorrent(2).exe "TCP Query User{69C45C40-FDC6-49D6-8448-FDE102715397}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager "UDP Query User{D326E9CB-1CA5-40AC-A1C4-286AC6489285}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager "TCP Query User{2AE1B003-74C2-4AFA-AC15-97EA24D8F93F}c:\\program files\\ubisoft\\demo\\ghost recon advanced warfighter demo\\graw_demo.exe"= UDP:c:\program files\ubisoft\demo\ghost recon advanced warfighter demo\graw_demo.exe:GRAW_demo "UDP Query User{99A0EBEC-8764-40FF-990D-6A65D4CBC2D8}c:\\program files\\ubisoft\\demo\\ghost recon advanced warfighter demo\\graw_demo.exe"= TCP:c:\program files\ubisoft\demo\ghost recon advanced warfighter demo\graw_demo.exe:GRAW_demo "TCP Query User{79E5A2CD-4298-4BBD-8081-860A3CE662A1}c:\\program files\\electronic arts\\dead space\\dead space.exe"= UDP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space ™ "UDP Query User{E0A841C0-14C8-40C4-8481-C432A76C4B7E}c:\\program files\\electronic arts\\dead space\\dead space.exe"= TCP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space ™ "{A299A4BD-0C07-48E1-9C19-0A59C180EF47}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{C03EEFD2-03BF-448C-9BE6-F44778EC099F}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{AD521E78-BE10-45DF-8A57-B9EEFEF68851}"= UDP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "{9B3AF09D-907B-4BD0-A31C-3ADCAB8E911E}"= TCP:c:\program files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "{839199EF-8EB3-4A06-9149-BD880FD84F6D}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{9DEC24EF-2EAC-4042-A7B7-08123C79C4D9}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{970CD10E-E24C-43E7-A948-2A4637F550AF}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{DEBA4046-7390-4DC3-8386-720F169AC81E}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{3321CBC2-1D91-4AB3-B7EC-4C24E406B6D2}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{3F5D81E7-3CE7-4E82-A752-3D91C595CE81}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{C76A53DC-D556-41C4-9A18-84C0F2119F6C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{B7C31A96-CE7A-4669-9BB4-6557F64F5ABC}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{A0DB3443-7596-4362-8070-A844D30E5161}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "TCP Query User{BBA67C94-DBF0-4B28-B4A1-86999F71873C}c:\\program files\\ubisoft\\ghost recon advanced warfighter\\graw.exe"= UDP:c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe:GRAW "UDP Query User{279D769E-427C-47B0-955A-A31F656B74AC}c:\\program files\\ubisoft\\ghost recon advanced warfighter\\graw.exe"= TCP:c:\program files\ubisoft\ghost recon advanced warfighter\graw.exe:GRAW "TCP Query User{73463C0F-9215-46D4-A294-F7E682CD72F3}c:\\nexon\\nexon_eu_downloader\\nexon_eu_downloader_engine.exe"= UDP:c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine "UDP Query User{E34159B0-400C-4C42-B482-CC4FA71BA128}c:\\nexon\\nexon_eu_downloader\\nexon_eu_downloader_engine.exe"= TCP:c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe:NEXON_EU_Downloader_Engine "{6209C124-C8BA-433E-9DA7-6A3E9352B435}"= UDP:c:\program files\Microsoft Games\Age of Mythology\aomx.exe:Age of Mythology - The Titans Expansion "{780B5518-83DD-4146-B844-A35B1838D1EE}"= TCP:c:\program files\Microsoft Games\Age of Mythology\aomx.exe:Age of Mythology - The Titans Expansion "{3F0089AF-F826-4BAD-9CCB-A148AFC51091}"= UDP:c:\program files\Malwarebytes' Anti-Malware\mbam.exe:Malwarebytes' Anti-Malware "{F6B6F843-1B87-427A-ACC5-DD4DF8DB21E0}"= TCP:c:\program files\Malwarebytes' Anti-Malware\mbam.exe:Malwarebytes' Anti-Malware [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-07-17 325128] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-05-11 809296] S2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [2008-10-17 10240] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [2008-08-07 13352] S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\System32\drivers\s816bus.sys [2008-08-06 81832] S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\System32\drivers\s816mdfl.sys [2008-08-06 13864] S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\System32\drivers\s816mdm.sys [2008-08-06 107304] S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s816mgmt.sys [2008-08-06 99112] S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\System32\drivers\s816nd5.sys [2008-08-06 21928] S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\System32\drivers\s816obex.sys [2008-08-06 97320] S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\System32\drivers\s816unic.sys [2008-08-06 97704] S3 V0230Vfx;V0230Vfx;c:\windows\System32\drivers\V0230Vfx.sys [2008-07-05 6272] S3 V0230VID;Live! Cam Video IM Pro;c:\windows\System32\drivers\V0230VID.sys [2008-07-05 500480] --- Andere Services/Drivers In Geheugen --- *Deregistered* - sptd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0536c5f9-8412-11dd-b5cf-001c2532cb35}] \shell\AutoRun\command - J:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{307d437d-dc95-11dd-bbc5-001c2532cb35}] \shell\AutoRun\command - K:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6620ce7f-0f9e-11dd-83de-001c2532cb35}] \shell\AutoRun\command - J:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cc1802fa-f524-11dd-928d-001c2532cb35}] \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Info.exe protect.ed 480 480 . Inhoud van de 'Gedeelde Taken' map 2009-02-14 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2006-11-21 17:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab FF - ProfilePath - c:\users\beheer\AppData\Roaming\Mozilla\Firefox\Profiles\msm2wx0d.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Marktplaats.nl FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/webhp?hl=nl&tab=iw FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-14 17:55:27 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . Voltooingstijd: 2009-02-14 17:57:15 ComboFix-quarantined-files.txt 2009-02-14 16:57:13 ComboFix2.txt 2009-02-14 12:28:30 ComboFix3.txt 2008-05-13 21:20:55 Pre-Run: 250.340.020.224 bytes beschikbaar Post-Run: 250,320,887,808 bytes beschikbaar 261 --- E O F --- 2009-02-13 21:42:58

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.