Troubled by pop-ups, and cannot perform some actions

41 replies
  • Hello f.j.stols, I read in that other topic of yours that you also use Advanced System Care. That tool uses files from Malwarebytes and renowned Western antivirus makers. It is up to you whether to keep using this fraudulent tool, including the spyware toolbars that get installed along with it! In any case, your own antivirus will be glad if this tool is removed. Consequently: because the conflicts with your antivirus are thereby resolved, the protection level of the antivirus you use also rises back to its normal level! Your log otherwise looks fine, by the way, no trace of malware. So where those pop-ups are coming from requires further investigation. That installation problem: do you have it with other software too? So do the following: download LopSD (http://eric71.geekstogo.com/tools/LopSD.exe) or LOPSD (http://eric.71.mespages.googlepages.com/LopSD.exe) to your Desktop.
      • Deactivate your antispyware and virus scanner for this tool.
      • Vista and Windows 7 users: right-click LopSD and choose "Run as administrator"!
      • Choose Option N and press Enter
      • Click OK in the information window
      • Choose Option 2 and press Enter
      • At the end a log appears ( LopR.txt ); post its contents in your next reply
  • Glad to get a reply so quickly. To start right away with this question: "That installation problem: do you have it with other software too?", yes. For example, as soon as I want to open FF, a message first appears saying that I have no permission. After that it does work. (screenshot: http://i56.tinypic.com/eio7pc.jpg) And when opening LopSD I see: (screenshot: http://i53.tinypic.com/wtysn.jpg) I also saw that my Nod 32 wanted to analyse: (screenshot: http://i51.tinypic.com/2ekry38.jpg) In short, I am in quite a mess. I removed Advanced S.C. straight away (it was not to be found in the installed software, but there was an uninstall tool). Incidentally, I once downloaded it on a recommendation somewhere in the Forum, a year ago or so. Furthermore, I notice that after MailWasher (a kind of spam selector) has done its work, it more or less automatically switches over to my email program (I.E.), and I have to do that "manually".
  • Hi, by the looks of it your Windows is quite damaged. Start by reinstalling Service Pack 3 for Windows XP! Do deactivate your antivirus before you begin the installation! http://www.microsoft.com/downloads/nl-nl/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=nl
  • Before I start: I have an English-language XP. Shall I first look for an English-language XP3 myself, or does it not matter?
  • By now a good deal further along (I don't dare say yet that everything is fine?). First I downloaded the English SP3. Then I uninstalled the original SP3 (that was not possible via Software, but it was via CCleaner!) and then unpacked the new SP3. So that took "a while", hence the delay. My first check is that, for example, installing an exe works again. Do I still need to unpack LopSD and run it? I'll wait and see. I also notice that my graphics card still needs some downloads or the like.
  • Yes, do run LOP.sd, because the infection is probably still there!
  • I assume I should post that log here?
  • And I now see that my email program (O.E., but also Live Mail) is not working properly: no cursor in the writing area... The hyperlink that I get by email from C!T does not work either.
  • I'll carry on reporting problems for a moment, unless that is premature, but despite fetching the ATI driver update, scrolling is still jerky. And when opening Internet Explorer (N.B.) messages appear: (screenshot: http://i56.tinypic.com/4q0h2g.jpg), then (screenshot: http://i56.tinypic.com/24m7psp.jpg), and then (screenshot: http://i55.tinypic.com/2vmu8pg.jpg), because the "debug" does nothing further. Windows "System Restore" also no longer yields any old restore points.
  • You may indeed post the log! As for IE8: just reinstall it! http://www.microsoft.com/downloads/en/details.aspx?FamilyID=341c2ad5-8c3d-4347-8c03-08cdecd8852b
  • Interim update: after downloading I.E. again (fortunately FF did work) it works again. The necessary updates for the graphics card are also coming in again (via Hippo). And: I have a cursor in Outlook Express again! Here is the log: I myself still see some unfamiliar terms in this log, and scrolling the screen still gives somewhat wavy movements; I hope it gets better after an NVidia update.
  • Unfortunately Outlook Express no longer recognises the archive folder set up on an external hard drive. The address book is still there, but it is still a bit awkward for handling ongoing matters for which no email address had been saved yet.
  • You are rattling from one problem into the next. And to think that you are still using that by now antique Outlook Express! But all in good time: I think it is now time for ComboFix! Because why Lop did not remove the two infections is a mystery to me! Download ComboFix from one of these locations: Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) or ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
    * IMPORTANT !!! Save ComboFix.exe to your Desktop *
      • Switch off all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to switch them off: http://www.bleepingcomputer.com/forums/topic114351.html
      • If you do not manage to switch them off, simply continue to the next step.
      • Double-click ComboFix.exe and follow the prompts on the screen.
      • ComboFix will check whether the Microsoft Windows Recovery Console is already installed. **Note: if the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.
      • Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.
    (screenshot: http://www.bleepstatic.com/combofix/nl/cf-rc-auto.jpg)
    You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console: (screenshot: http://www.bleepstatic.com/combofix/nl/rc-auto-done.jpg)
    Click Yes to continue scanning for malware. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (to be found as C:\ComboFix.txt) in your next message.
  • Unfortunately, and this makes me very sad too: ComboFix will not start up at all, with the message: (screenshot: http://i56.tinypic.com/zup0l5.jpg) But after pressing Ctrl Alt Del a few times it did seem to work. Alas: even after a long wait, only the first line. In the past I have run this several times without problems. I have also looked at Windows Live Mail once, but I did not like it; nor Outlook. Probably down to my age?
  • Somehow the posting did not work, so here it is once more:
2007-11-07 00:19 41472 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll - 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll - 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2007-11-06 21:51 . 2007-11-06 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll + 2007-11-06 21:51 . 2007-11-06 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll + 2008-04-14 04:42 . 2008-04-14 04:42 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll - 2008-04-14 00:12 . 2008-04-14 00:12 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll - 2006-02-28 12:00 . 2008-04-14 00:12 50688 c:\windows\twain_32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 50688 c:\windows\twain_32.dll + 2010-12-18 18:37 . 2010-12-18 18:37 16384 c:\windows\Temp\Perflib_Perfdata_6b8.dat + 2010-04-15 23:21 . 2008-04-14 04:42 11776 c:\windows\system32\xolehlp.dll - 2010-04-15 23:21 . 2008-04-14 00:12 11776 c:\windows\system32\xolehlp.dll + 2006-02-28 12:00 . 2008-04-14 04:42 50176 c:\windows\system32\xmlprovi.dll - 2006-02-28 12:00 . 2008-04-14 00:12 50176 c:\windows\system32\xmlprovi.dll - 2006-02-28 12:00 . 2008-04-14 00:12 30720 c:\windows\system32\xcopy.exe + 2006-02-28 12:00 . 2008-04-14 04:42 30720 c:\windows\system32\xcopy.exe - 2006-02-28 12:00 . 
2008-04-14 00:12 91648 c:\windows\system32\xactsrv.dll + 2006-02-28 12:00 . 2008-04-14 04:42 91648 c:\windows\system32\xactsrv.dll + 2004-08-04 00:56 . 2008-04-14 04:42 52736 c:\windows\system32\wzcsapi.dll - 2004-08-04 00:56 . 2008-04-14 00:12 52736 c:\windows\system32\wzcsapi.dll + 2006-02-28 12:00 . 2008-04-14 04:42 18432 c:\windows\system32\wtsapi32.dll - 2006-02-28 12:00 . 2008-04-14 00:12 18432 c:\windows\system32\wtsapi32.dll - 2006-02-28 12:00 . 2008-04-14 00:12 50688 c:\windows\system32\wstdecod.dll + 2006-02-28 12:00 . 2008-04-14 04:42 50688 c:\windows\system32\wstdecod.dll + 2006-02-28 12:00 . 2008-04-14 04:42 22528 c:\windows\system32\wsock32.dll - 2006-02-28 12:00 . 2008-04-14 00:12 22528 c:\windows\system32\wsock32.dll - 2006-02-28 12:00 . 2008-04-14 00:12 41984 c:\windows\system32\wsnmp32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 41984 c:\windows\system32\wsnmp32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 19456 c:\windows\system32\wshtcpip.dll - 2006-02-28 12:00 . 2008-04-14 00:12 19456 c:\windows\system32\wshtcpip.dll + 2006-02-28 12:00 . 2008-04-14 04:42 11264 c:\windows\system32\wshrm.dll - 2006-02-28 12:00 . 2008-04-14 00:12 11264 c:\windows\system32\wshrm.dll + 2006-02-28 12:00 . 2008-04-14 04:42 14336 c:\windows\system32\wship6.dll - 2006-02-28 12:00 . 2008-04-14 00:12 14336 c:\windows\system32\wship6.dll + 2006-02-28 12:00 . 2008-04-14 04:42 36864 c:\windows\system32\wshcon.dll - 2006-02-28 12:00 . 2008-04-14 00:12 36864 c:\windows\system32\wshcon.dll - 2006-02-28 12:00 . 2008-04-14 00:12 80896 c:\windows\system32\wscsvc.dll + 2006-02-28 12:00 . 2008-04-14 04:42 80896 c:\windows\system32\wscsvc.dll - 2006-02-28 12:00 . 2008-04-14 00:12 13824 c:\windows\system32\wscntfy.exe + 2006-02-28 12:00 . 2008-04-14 04:42 13824 c:\windows\system32\wscntfy.exe - 2006-02-28 12:00 . 2008-04-14 00:12 19968 c:\windows\system32\ws2help.dll + 2006-02-28 12:00 . 2008-04-14 04:42 19968 c:\windows\system32\ws2help.dll - 2006-02-28 12:00 . 
2008-04-14 00:12 82432 c:\windows\system32\ws2_32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 82432 c:\windows\system32\ws2_32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 11264 c:\windows\system32\wpnpinst.exe - 2006-02-28 12:00 . 2008-04-14 00:12 11264 c:\windows\system32\wpnpinst.exe + 2006-02-28 12:00 . 2008-04-14 04:42 32256 c:\windows\system32\wpabaln.exe - 2006-02-28 12:00 . 2008-04-14 00:12 32256 c:\windows\system32\wpabaln.exe - 2006-02-28 12:00 . 2008-04-14 00:12 20480 c:\windows\system32\wmpui.dll + 2006-02-28 12:00 . 2008-04-14 04:42 20480 c:\windows\system32\wmpui.dll + 2006-02-28 12:00 . 2008-04-14 04:42 20480 c:\windows\system32\wmpcore.dll - 2006-02-28 12:00 . 2008-04-14 00:12 20480 c:\windows\system32\wmpcore.dll + 2006-02-28 12:00 . 2008-04-14 04:42 20480 c:\windows\system32\wmpcd.dll - 2006-02-28 12:00 . 2008-04-14 00:12 20480 c:\windows\system32\wmpcd.dll + 2006-02-28 12:00 . 2008-04-14 04:42 92672 c:\windows\system32\wlnotify.dll - 2006-02-28 12:00 . 2008-04-14 00:12 92672 c:\windows\system32\wlnotify.dll - 2008-04-14 00:12 . 2008-04-14 00:12 69120 c:\windows\system32\wlanapi.dll + 2010-12-17 13:23 . 2008-04-14 04:42 69120 c:\windows\system32\wlanapi.dll + 2006-02-28 12:00 . 2008-04-14 04:42 53760 c:\windows\system32\winsta.dll - 2006-02-28 12:00 . 2008-04-14 00:12 53760 c:\windows\system32\winsta.dll + 2006-02-28 12:00 . 2008-04-14 04:42 17408 c:\windows\system32\winshfhc.dll - 2006-02-28 12:00 . 2008-04-14 00:12 17408 c:\windows\system32\winshfhc.dll + 2006-02-28 12:00 . 2008-04-14 04:42 99328 c:\windows\system32\winscard.dll - 2006-02-28 12:00 . 2008-04-14 00:12 99328 c:\windows\system32\winscard.dll - 2006-02-28 12:00 . 2008-04-14 00:12 16896 c:\windows\system32\winrnr.dll + 2006-02-28 12:00 . 2008-04-14 04:42 16896 c:\windows\system32\winrnr.dll - 2006-02-28 12:00 . 2008-04-14 00:12 32256 c:\windows\system32\winipsec.dll + 2006-02-28 12:00 . 2008-04-14 04:42 32256 c:\windows\system32\winipsec.dll - 2006-02-28 12:00 . 
2008-04-14 00:12 75776 c:\windows\system32\wiascr.dll + 2006-02-28 12:00 . 2008-04-14 04:42 75776 c:\windows\system32\wiascr.dll + 2006-02-28 12:00 . 2008-04-14 04:42 65024 c:\windows\system32\wextract.exe - 2006-02-28 12:00 . 2008-04-14 00:12 65024 c:\windows\system32\wextract.exe - 2006-02-28 12:00 . 2008-04-14 00:12 68096 c:\windows\system32\webclnt.dll + 2006-02-28 12:00 . 2008-04-14 04:42 68096 c:\windows\system32\webclnt.dll - 2004-08-04 00:56 . 2008-04-14 00:12 23552 c:\windows\system32\wdmaud.drv + 2004-08-04 00:56 . 2008-04-14 04:42 23552 c:\windows\system32\wdmaud.drv + 2010-04-15 23:21 . 2008-04-14 04:42 95232 c:\windows\system32\wbem\wmiutils.dll - 2010-04-15 23:21 . 2008-04-14 00:12 95232 c:\windows\system32\wbem\wmiutils.dll + 2010-04-15 23:21 . 2008-04-14 04:42 41472 c:\windows\system32\wbem\wmipsess.dll - 2010-04-15 23:21 . 2008-04-14 00:12 41472 c:\windows\system32\wbem\wmipsess.dll - 2010-04-15 23:21 . 2008-04-14 00:12 62464 c:\windows\system32\wbem\wmipjobj.dll + 2010-04-15 23:21 . 2008-04-14 04:42 62464 c:\windows\system32\wbem\wmipjobj.dll - 2010-04-15 23:21 . 2008-04-14 00:12 61952 c:\windows\system32\wbem\wmipiprt.dll + 2010-04-15 23:21 . 2008-04-14 04:42 61952 c:\windows\system32\wbem\wmipiprt.dll + 2010-04-15 23:21 . 2008-04-14 04:42 60928 c:\windows\system32\wbem\wmicookr.dll - 2010-04-15 23:21 . 2008-04-14 00:12 60928 c:\windows\system32\wbem\wmicookr.dll - 2010-04-15 23:21 . 2008-04-14 00:12 88576 c:\windows\system32\wbem\wmiaprpl.dll + 2010-04-15 23:21 . 2008-04-14 04:42 88576 c:\windows\system32\wbem\wmiaprpl.dll + 2010-04-15 23:21 . 2008-04-14 04:42 43520 c:\windows\system32\wbem\wbemsvc.dll - 2010-04-15 23:21 . 2008-04-14 00:12 43520 c:\windows\system32\wbem\wbemsvc.dll - 2010-04-15 23:21 . 2008-04-14 00:12 18944 c:\windows\system32\wbem\wbemprox.dll + 2010-04-15 23:21 . 2008-04-14 04:42 18944 c:\windows\system32\wbem\wbemprox.dll + 2006-02-28 12:00 . 2008-04-14 04:42 43008 c:\windows\system32\wbem\wbemperf.dll - 2006-02-28 12:00 . 
2008-04-14 00:12 43008 c:\windows\system32\wbem\wbemperf.dll - 2010-04-15 23:21 . 2008-04-14 00:12 71680 c:\windows\system32\wbem\wbemcons.dll + 2010-04-15 23:21 . 2008-04-14 04:42 71680 c:\windows\system32\wbem\wbemcons.dll + 2010-04-15 23:21 . 2008-04-14 04:42 86528 c:\windows\system32\wbem\stdprov.dll - 2010-04-15 23:21 . 2008-04-14 00:12 86528 c:\windows\system32\wbem\stdprov.dll + 2010-04-15 23:21 . 2008-04-14 04:42 36352 c:\windows\system32\wbem\scrcons.exe - 2010-04-15 23:21 . 2008-04-14 00:12 36352 c:\windows\system32\wbem\scrcons.exe + 2010-04-15 23:21 . 2008-04-14 04:42 92672 c:\windows\system32\wbem\policman.dll - 2010-04-15 23:21 . 2008-04-14 00:12 92672 c:\windows\system32\wbem\policman.dll - 2010-04-15 23:21 . 2008-04-14 00:12 47104 c:\windows\system32\wbem\ncprov.dll + 2010-04-15 23:21 . 2008-04-14 04:42 47104 c:\windows\system32\wbem\ncprov.dll - 2010-04-15 23:21 . 2008-04-14 00:12 16384 c:\windows\system32\wbem\mofcomp.exe + 2010-04-15 23:21 . 2008-04-14 04:42 16384 c:\windows\system32\wbem\mofcomp.exe + 2010-04-15 23:21 . 2008-04-14 04:41 24576 c:\windows\system32\wbem\krnlprov.dll - 2010-04-15 23:21 . 2008-04-14 00:11 24576 c:\windows\system32\wbem\krnlprov.dll + 2006-02-28 12:00 . 2008-04-14 04:41 21504 c:\windows\system32\wbem\evntrprv.dll - 2006-02-28 12:00 . 2008-04-14 00:11 21504 c:\windows\system32\wbem\evntrprv.dll + 2006-02-28 12:00 . 2008-04-14 04:41 45056 c:\windows\system32\wbem\cmdevtgprov.dll - 2006-02-28 12:00 . 2008-04-14 00:11 45056 c:\windows\system32\wbem\cmdevtgprov.dll + 2006-02-28 12:00 . 2008-04-13 23:15 17664 c:\windows\system32\watchdog.sys - 2006-02-28 12:00 . 2008-04-13 18:44 17664 c:\windows\system32\watchdog.sys + 2006-02-28 12:00 . 2008-04-14 04:42 15872 c:\windows\system32\w3ssl.dll - 2006-02-28 12:00 . 2008-04-14 00:12 15872 c:\windows\system32\w3ssl.dll - 2006-02-28 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\version.dll + 2006-02-28 12:00 . 
2008-04-14 04:42 18944 c:\windows\system32\version.dll - 2006-02-28 12:00 . 2008-04-14 00:12 26624 c:\windows\system32\verifier.dll + 2006-02-28 12:00 . 2008-04-14 04:42 26624 c:\windows\system32\verifier.dll - 2008-04-14 00:12 . 2008-04-14 00:12 28672 c:\windows\system32\verclsid.exe + 2010-12-17 13:23 . 2008-04-14 04:42 28672 c:\windows\system32\verclsid.exe - 2006-02-28 12:00 . 2008-04-14 00:12 51712 c:\windows\system32\vdmredir.dll + 2006-02-28 12:00 . 2008-04-14 04:42 51712 c:\windows\system32\vdmredir.dll + 2006-02-28 12:00 . 2008-04-14 04:42 26112 c:\windows\system32\vdmdbg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 26112 c:\windows\system32\vdmdbg.dll - 1999-11-24 16:40 . 1999-11-24 16:40 40960 c:\windows\system32\VBAME.DLL + 1999-11-24 17:40 . 1999-11-24 17:40 40960 c:\windows\system32\VBAME.DLL - 2006-02-28 12:00 . 2008-04-14 00:12 30749 c:\windows\system32\vbajet32.dll + 2006-02-28 12:00 . 2008-04-14 04:42 30749 c:\windows\system32\vbajet32.dll - 2006-02-28 12:00 . 2008-04-14 00:12 50176 c:\windows\system32\utilman.exe + 2006-02-28 12:00 . 2008-04-14 04:42 50176 c:\windows\system32\utilman.exe + 2006-02-28 12:00 . 2008-04-14 04:41 19968 c:\windows\system32\usmt\log.dll - 2006-02-28 12:00 . 2008-04-14 00:11 19968 c:\windows\system32\usmt\log.dll + 2010-12-17 13:23 . 2008-04-13 21:14 17920 c:\windows\system32\usmt\cobramsg.dll - 2008-04-13 16:44 . 2008-04-13 16:44 17920 c:\windows\system32\usmt\cobramsg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 26112 c:\windows\system32\userinit.exe + 2010-07-21 06:59 . 2008-04-14 04:42 26112 c:\windows\system32\userinit.exe + 2010-04-15 16:13 . 2008-04-14 04:42 74240 c:\windows\system32\usbui.dll - 2010-04-15 16:13 . 2008-04-14 00:12 74240 c:\windows\system32\usbui.dll - 2006-02-28 12:00 . 2008-04-14 00:12 16896 c:\windows\system32\usbmon.dll + 2006-02-28 12:00 . 2008-04-14 04:42 16896 c:\windows\system32\usbmon.dll + 2006-02-28 12:00 . 2008-04-14 04:42 18432 c:\windows\system32\ups.exe - 2006-02-28 12:00 . 
2008-04-14 00:12 18432 c:\windows\system32\ups.exe - 2006-02-28 12:00 . 2008-04-14 00:12 16896 c:\windows\system32\upnpcont.exe + 2006-02-28 12:00 . 2008-04-14 04:42 16896 c:\windows\system32\upnpcont.exe - 2006-02-28 12:00 . 2008-04-14 00:12 13824 c:\windows\system32\uniplat.dll + 2006-02-28 12:00 . 2008-04-14 04:42 13824 c:\windows\system32\uniplat.dll + 2006-02-28 12:00 . 2008-04-14 04:42 74240 c:\windows\system32\unimdmat.dll - 2006-02-28 12:00 . 2008-04-14 00:12 74240 c:\windows\system32\unimdmat.dll + 2006-02-28 12:00 . 2008-04-14 04:42 35840 c:\windows\system32\umandlg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 35840 c:\windows\system32\umandlg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 26624 c:\windows\system32\udhisapi.dll + 2006-02-28 12:00 . 2008-04-14 04:42 26624 c:\windows\system32\udhisapi.dll + 2010-07-20 14:54 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe - 2010-07-20 14:54 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe + 2006-02-28 12:00 . 2008-04-14 04:42 57856 c:\windows\system32\twext.dll - 2006-02-28 12:00 . 2008-04-14 00:12 57856 c:\windows\system32\twext.dll + 2010-12-17 13:23 . 2008-04-14 04:42 50688 c:\windows\system32\tspkg.dll - 2008-04-14 00:12 . 2008-04-14 00:12 50688 c:\windows\system32\tspkg.dll + 2010-12-17 13:23 . 2008-04-14 04:42 53248 c:\windows\system32\tsgqec.dll - 2008-04-14 00:12 . 2008-04-14 00:12 53248 c:\windows\system32\tsgqec.dll + 2006-02-28 12:00 . 2008-04-14 04:43 12168 c:\windows\system32\tsddd.dll - 2006-02-28 12:00 . 2008-04-14 00:13 12168 c:\windows\system32\tsddd.dll - 2010-04-15 23:21 . 2008-04-14 00:12 93696 c:\windows\system32\tscfgwmi.dll + 2010-04-15 23:21 . 2008-04-14 04:42 93696 c:\windows\system32\tscfgwmi.dll - 2006-02-28 12:00 . 2008-04-14 00:12 90112 c:\windows\system32\trkwks.dll + 2006-02-28 12:00 . 2008-04-14 04:42 90112 c:\windows\system32\trkwks.dll - 2006-02-28 12:00 . 2008-04-14 00:12 12800 c:\windows\system32\tree.com + 2006-02-28 12:00 . 
2008-04-14 04:42 12800 c:\windows\system32\tree.com + 2002-03-20 20:00 . 2002-03-20 20:00 49152 c:\windows\system32\TransportUSB.dll + 2002-03-20 20:00 . 2002-03-20 20:00 49152 c:\windows\system32\TransportSerial.dll + 2002-03-20 20:00 . 2002-03-20 20:00 49152 c:\windows\system32\TransportIrDA.dll + 2002-03-20 20:00 . 2002-03-20 20:00 49152 c:\windows\system32\TransportIrCOMM.dll - 2006-02-28 12:00 . 2008-04-14 00:12 12288 c:\windows\system32\tracert.exe + 2006-02-28 12:00 . 2008-04-14 04:42 12288 c:\windows\system32\tracert.exe - 2006-02-28 12:00 . 2008-04-14 00:12 73216 c:\windows\system32\tlntsvr.exe + 2006-02-28 12:00 . 2008-04-14 04:42 73216 c:\windows\system32\tlntsvr.exe + 2006-02-28 12:00 . 2008-04-14 04:42 61440 c:\windows\system32\tlntadmn.exe - 2006-02-28 12:00 . 2008-04-14 00:12 61440 c:\windows\system32\tlntadmn.exe + 2010-07-21 06:59 . 2008-04-14 04:42 45568 c:\windows\system32\tcpmonui.dll - 2006-02-28 12:00 . 2008-04-14 00:12 45568 c:\windows\system32\tcpmonui.dll + 2006-02-28 12:00 . 2008-04-14 04:42 45568 c:\windows\system32\tcpmon.dll - 2006-02-28 12:00 . 2008-04-14 00:12 45568 c:\windows\system32\tcpmon.dll + 2006-02-28 12:00 . 2008-04-14 04:42 14848 c:\windows\system32\tcpmib.dll - 2006-02-28 12:00 . 2008-04-14 00:12 14848 c:\windows\system32\tcpmib.dll + 2006-02-28 12:00 . 2008-04-14 04:42 77824 c:\windows\system32\tasklist.exe - 2006-02-28 12:00 . 2008-04-14 00:12 77824 c:\windows\system32\tasklist.exe - 2006-02-28 12:00 . 2008-04-14 00:12 76288 c:\windows\system32\taskkill.exe + 2006-02-28 12:00 . 2008-04-14 04:42 76288 c:\windows\system32\taskkill.exe - 2006-02-28 12:00 . 2008-04-14 00:12 71680 c:\windows\system32\systeminfo.exe + 2006-02-28 12:00 . 2008-04-14 04:42 71680 c:\windows\system32\systeminfo.exe - 2006-02-28 12:00 . 2008-04-14 00:12 57856 c:\windows\system32\synceng.dll + 2006-02-28 12:00 . 2008-04-14 04:42 57856 c:\windows\system32\synceng.dll - 2006-02-28 12:00 . 
2008-04-14 00:12 14336 c:\windows\system32\svchost.exe + 2006-02-28 12:00 . 2008-04-14 04:42 14336 c:\windows\system32\svchost.exe + 2010-04-15 16:12 . 2008-04-14 04:42 74752 c:\windows\system32\storprop.dll - 2010-04-15 16:12 . 2008-04-14 00:12 74752 c:\windows\system32\storprop.dll - 2006-02-28 12:00 . 2008-04-14 00:12 14848 c:\windows\system32\stimon.exe + 2006-02-28 12:00 . 2008-04-14 04:42 14848 c:\windows\system32\stimon.exe - 2006-02-28 12:00 . 2008-04-14 00:12 68096 c:\windows\system32\sti.dll + 2006-02-28 12:00 . 2008-04-14 04:42 68096 c:\windows\system32\sti.dll - 2010-04-15 23:21 . 2008-04-14 00:12 59392 c:\windows\system32\stclient.dll + 2010-04-15 23:21 . 2008-04-14 04:42 59392 c:\windows\system32\stclient.dll - 2006-02-28 12:00 . 2008-04-14 00:12 14336 c:\windows\system32\ssstars.scr + 2006-02-28 12:00 . 2008-04-14 04:42 14336 c:\windows\system32\ssstars.scr - 2006-02-28 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\ssmyst.scr + 2006-02-28 12:00 . 2008-04-14 04:42 18944 c:\windows\system32\ssmyst.scr + 2006-02-28 12:00 . 2008-04-14 04:42 47104 c:\windows\system32\ssmypics.scr - 2006-02-28 12:00 . 2008-04-14 00:12 47104 c:\windows\system32\ssmypics.scr + 2006-02-28 12:00 . 2008-04-14 04:42 20992 c:\windows\system32\ssmarque.scr - 2006-02-28 12:00 . 2008-04-14 00:12 20992 c:\windows\system32\ssmarque.scr - 2006-02-28 12:00 . 2008-04-14 00:12 71680 c:\windows\system32\ssdpsrv.dll + 2006-02-28 12:00 . 2008-04-14 04:42 71680 c:\windows\system32\ssdpsrv.dll - 2006-02-28 12:00 . 2008-04-14 00:12 34816 c:\windows\system32\ssdpapi.dll + 2006-02-28 12:00 . 2008-04-14 04:42 34816 c:\windows\system32\ssdpapi.dll - 2006-02-28 12:00 . 2008-04-14 00:12 19968 c:\windows\system32\ssbezier.scr + 2006-02-28 12:00 . 2008-04-14 04:42 19968 c:\windows\system32\ssbezier.scr + 2010-07-21 06:59 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll - 2006-02-28 12:00 . 2010-08-27 05:57 99840 c:\windows\system32\srvsvc.dll + 2010-04-15 23:22 . 
2008-04-14 04:42 67584 c:\windows\system32\srclient.dll - 2010-04-15 23:22 . 2008-04-14 00:12 67584 c:\windows\system32\srclient.dll - 2008-04-14 00:12 . 2008-04-14 00:12 20992 c:\windows\system32\spupdwxp.exe + 2008-04-14 04:42 . 2008-04-14 04:42 20992 c:\windows\system32\spupdwxp.exe + 2010-07-20 14:47 . 2009-01-07 17:21 26144 c:\windows\system32\spupdsvc.exe - 2010-07-20 14:47 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe + 2006-02-28 12:00 . 2008-04-14 04:42 75264 c:\windows\system32\spoolss.dll - 2006-02-28 12:00 . 2008-04-14 00:12 75264 c:\windows\system32\spoolss.dll + 2010-07-22 13:32 . 2007-04-09 12:23 28552 c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll - 2010-07-22 13:32 . 2007-04-09 11:23 28552 c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll - 2010-07-22 13:32 . 2007-04-09 11:23 46472 c:\windows\system32\spool\drivers\w32x86\mdiui.dll + 2010-11-26 11:12 . 2007-04-09 12:23 46472 c:\windows\system32\spool\drivers\w32x86\mdiui.dll + 2010-11-26 11:12 . 2007-04-09 12:23 46472 c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll - 2010-07-22 13:32 . 2007-04-09 11:23 46472 c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll + 2006-02-28 12:00 . 2008-04-14 04:42 11264 c:\windows\system32\spnpinst.exe - 2006-02-28 12:00 . 2008-04-14 03:42 11264 c:\windows\system32\spnpinst.exe + 2010-10-15 15:12 . 2009-01-07 17:20 16928 c:\windows\system32\spmsg.dll - 2010-10-15 15:12 . 2009-01-07 16:20 16928 c:\windows\system32\spmsg.dll - 2006-02-28 12:00 . 2008-04-13 18:43 12800 c:\windows\system32\spiisupd.exe + 2006-02-28 12:00 . 2008-04-13 23:13 12800 c:\windows\system32\spiisupd.exe + 2006-02-28 12:00 . 2008-04-14 04:42 24576 c:\windows\system32\sort.exe - 2006-02-28 12:00 . 2008-04-14 00:12 24576 c:\windows\system32\sort.exe + 2006-02-28 12:00 . 2008-04-14 04:42 18944 c:\windows\system32\snmpapi.dll - 2006-02-28 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\snmpapi.dll + 2010-07-21 06:59 . 
2008-04-14 04:42 50688 c:\windows\system32\smss.exe - 2006-02-28 12:00 . 2008-04-14 00:12 50688 c:\windows\system32\smss.exe + 2006-02-28 12:00 . 2008-04-14 04:42 89600 c:\windows\system32\smlogsvc.exe - 2006-02-28 12:00 . 2008-04-14 00:12 89600 c:\windows\system32\smlogsvc.exe - 2008-04-14 00:12 . 2008-04-14 00:12 73796 c:\windows\system32\slserv.exe + 2010-12-17 13:23 . 2008-04-14 04:42 73796 c:\windows\system32\slserv.exe - 2008-04-14 00:12 . 2008-04-14 00:12 32866 c:\windows\system32\slrundll.exe + 2010-12-17 13:23 . 2008-04-14 04:42 32866 c:\windows\system32\slrundll.exe + 2010-12-17 13:23 . 2008-04-14 04:42 73832 c:\windows\system32\slcoinst.dll - 2008-04-14 00:12 . 2008-04-14 00:12 73832 c:\windows\system32\slcoinst.dll + 2006-02-28 12:00 . 2008-04-14 04:42 98304 c:\windows\system32\slbiop.dll - 2006-02-28 12:00 . 2008-04-14 00:12 98304 c:\windows\system32\slbiop.dll + 2006-02-28 12:00 . 2008-04-14 04:42 25088 c:\windows\system32\slayerxp.dll - 2006-02-28 12:00 . 2008-04-14 00:12 25088 c:\windows\system32\slayerxp.dll + 2006-02-28 12:00 . 2008-04-14 04:42 26112 c:\windows\system32\skeys.exe - 2006-02-28 12:00 . 2008-04-14 00:12 26112 c:\windows\system32\skeys.exe - 2006-02-28 12:00 . 2008-04-14 00:12 70144 c:\windows\system32\sigverif.exe + 2006-02-28 12:00 . 2008-04-14 04:42 70144 c:\windows\system32\sigverif.exe - 2006-02-28 12:00 . 2008-04-14 00:12 13312 c:\windows\system32\sigtab.dll + 2006-02-28 12:00 . 2008-04-14 04:42 13312 c:\windows\system32\sigtab.dll + 2006-02-28 12:00 . 2008-04-14 04:42 19456 c:\windows\system32\shutdown.exe - 2006-02-28 12:00 . 2008-04-14 00:12 19456 c:\windows\system32\shutdown.exe + 2006-02-28 12:00 . 2008-04-14 04:42 27648 c:\windows\system32\shscrap.dll - 2006-02-28 12:00 . 2008-04-14 00:12 27648 c:\windows\system32\shscrap.dll + 2006-02-28 12:00 . 2008-04-14 04:42 77824 c:\windows\system32\shrpubw.exe - 2006-02-28 12:00 . 2008-04-14 00:12 77824 c:\windows\system32\shrpubw.exe + 2006-02-28 12:00 . 
2008-04-14 04:42 45056 c:\windows\system32\shmgrate.exe - 2006-02-28 12:00 . 2008-04-14 00:12 45056 c:\windows\system32\shmgrate.exe - 2006-02-28 12:00 . 2008-04-14 00:12 65024 c:\windows\system32\shimeng.dll + 2006-02-28 12:00 . 2008-04-14 04:42 65024 c:\windows\system32\shimeng.dll - 2006-02-28 12:00 . 2008-04-14 00:12 68096 c:\windows\system32\shgina.dll + 2006-02-28 12:00 . 2008-04-14 04:42 68096 c:\windows\system32\shgina.dll - 2006-02-28 12:00 . 2008-04-14 00:12 25088 c:\windows\system32\shfolder.dll + 2006-02-28 12:00 . 2008-04-14 04:42 25088 c:\windows\system32\shfolder.dll - 2008-04-14 00:12 . 2008-04-14 00:12 32768 c:\windows\system32\setupn.exe + 2010-12-17 13:23 . 2008-04-14 04:42 32768 c:\windows\system32\setupn.exe - 2006-02-28 12:00 . 2008-04-14 00:12 33792 c:\windows\system32\Setup\tabletoc.dll + 2006-02-28 12:00 . 2008-04-14 04:42 33792 c:\windows\system32\Setup\tabletoc.dll - 2006-02-28 12:00 . 2008-04-14 00:12 17408 c:\windows\system32\Setup\ocmsn.dll + 2006-02-28 12:00 . 2008-04-14 04:42 17408 c:\windows\system32\Setup\ocmsn.dll + 2006-02-28 12:00 . 2008-04-14 04:42 15360 c:\windows\system32\Setup\ocgen.dll - 2006-02-28 12:00 . 2008-04-14 00:12 15360 c:\windows\system32\Setup\ocgen.dll + 2006-02-28 12:00 . 2008-04-14 04:42 62976 c:\windows\system32\Setup\ntoc.dll - 2006-02-28 12:00 . 2008-04-14 00:12 62976 c:\windows\system32\Setup\ntoc.dll + 2006-02-28 12:00 . 2008-04-14 04:42 77312 c:\windows\system32\Setup\netoc.dll - 2006-02-28 12:00 . 2008-04-14 00:12 77312 c:\windows\system32\Setup\netoc.dll + 2006-02-28 12:00 . 2008-04-14 04:42 15360 c:\windows\system32\Setup\msgrocm.dll - 2006-02-28 12:00 . 2008-04-14 00:11 15360 c:\windows\system32\Setup\msgrocm.dll + 2006-02-28 12:00 . 2008-04-14 04:42 90112 c:\windows\system32\Setup\msdtcstp.dll - 2006-02-28 12:00 . 2008-04-14 00:11 90112 c:\windows\system32\Setup\msdtcstp.dll + 2006-02-28 12:00 . 2008-04-14 04:41 16896 c:\windows\system32\Setup\medctroc.dll - 2006-02-28 12:00 . 
2008-04-14 00:11 16896 c:\windows\system32\Setup\medctroc.dll + 2006-02-28 12:00 . 2008-04-14 04:41 32828 c:\windows\system32\Setup\fp40ext.dll - 2006-02-28 12:00 . 2008-04-14 00:11 32828 c:\windows\system32\Setup\fp40ext.dll - 2006-02-28 12:00 . 2008-04-14 00:12 23040 c:\windows\system32\setup.exe + 2006-02-28 12:00 . 2008-04-14 04:42 23040 c:\windows\system32\setup.exe - 2006-02-28 12:00 . 2008-04-14 00:12 31232 c:\windows\system32\sethc.exe + 2006-02-28 12:00 . 2008-04-14 04:42 31232 c:\windows\system32\sethc.exe - 2010-04-15 23:21 . 2008-04-14 00:12 56320 c:\windows\system32\servdeps.dll + 2010-04-15 23:21 . 2008-04-14 04:42 56320 c:\windows\system32\servdeps.dll - 2006-02-28 12:00 . 2008-04-14 00:12 39424 c:\windows\system32\sens.dll + 2006-02-28 12:00 . 2008-04-14 04:42 39424 c:\windows\system32\sens.dll + 2006-02-28 12:00 . 2008-04-14 04:42 54784 c:\windows\system32\sendmail.dll - 2006-02-28 12:00 . 2008-04-14 00:12 54784 c:\windows\system32\sendmail.dll + 2006-02-28 12:00 . 2008-04-14 04:42 29184 c:\windows\system32\sendcmsg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 29184 c:\windows\system32\sendcmsg.dll - 2006-02-28 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\seclogon.dll + 2006-02-28 12:00 . 2008-04-14 04:42 18944 c:\windows\system32\seclogon.dll - 2006-02-28 12:00 . 2008-04-14 00:12 18944 c:\windows\system32\secedit.exe + 2006-02-28 12:00 . 2008-04-14 04:42 18944 c:\windows\system32\secedit.exe + 2006-02-28 12:00 . 2008-04-14 04:42 29184 c:\windows\system32\sdhcinst.dll - 2006-02-28 12:00 . 2008-04-14 00:12 29184 c:\windows\system32\sdhcinst.dll - 2006-02-28 12:00 . 2008-04-14 00:12 77312 c:\windows\system32\sdbinst.exe + 2006-02-28 12:00 . 2008-04-14 04:42 77312 c:\windows\system32\sdbinst.exe + 1998-03-24 20:54 . 1998-03-24 20:54 15872 c:\windows\system32\SCP32.DLL - 1998-03-24 19:54 . 1998-03-24 19:54 15872 c:\windows\system32\SCP32.DLL + 2006-02-28 12:00 . 2008-04-14 04:42 20480 c:\windows\system32\sclgntfy.dll - 2006-02-28 12:00 . 
  • Hi, your log is incomplete, and what you posted has turned into a laundry list! Do the following: open a new Notepad file via Start > All Programs > Accessories > Notepad. Copy and paste the following (bold, blue text) into the empty Notepad window: [b][color=Blue]KILLALL::[/color][/b] Save this Notepad file to your desktop as [b]CFScript.txt[/b]. [b][color=Red]Now disable the antivirus first![/color][/b] Drag CFScript.txt onto ComboFix.exe [img]http://home.kpn.nl/~stefsmeenk/CFScript.gif[/img] This will make ComboFix restart. Reboot if you are asked to. Post the ComboFix log that is shown after the restart!
  • This did not go smoothly (I have done it several times in the past without any hitches): a message appeared saying that I should not use RTF. In the end I saved a Word file as .rtf, and then it did work: [img]http://i51.tinypic.com/x1d06t.jpg[/img] I hope it turns something up?
  • I started CF again to see whether ComboFix would now run on its own, and it did, and I saw an Eicar alert pass by from NOD32, which I had not switched off. I know that is a dummy virus, but for the fun of it I opened one of NOD32's log files: [img:66c708d694]http://i53.tinypic.com/2d91d92.jpg[/img:66c708d694] That seems like rather a lot to me!
  • Which alarm bells went off in your ESET in connection with that Eicar test?
  • I just posted this under "windows": http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1440354#1440354 The complaint is that I not only get spontaneous pop-ups, but also cannot manage all sorts of things; for example, I cannot install a downloaded exe, nor one from a CD. Here is an HJT log to start with:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:49:05, on 16-12-2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Ngefaa.exe
    C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://www.google.nl
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1286181227125
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    -- End of file - 6690 bytes

    I hope a clue can be found in it. In the meantime I have already run CCleaner, MBAM and Advanced SystemCare. Unfortunately I no longer had any old system restore points.


This is an archived page. Replies are no longer possible.