Questions & Answers

Security & privacy

Problems removing Ad-Aware

23 replies
  • Dear experts, I cannot get Ad-Aware out of the registry or off my computer by any means. Is it possible to remove the registry values or other remnants of Ad-Aware via a HijackThis log? Do you see anything of Ad-Aware at all? My log is below. Many thanks in advance.
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:00:35, on 17-7-2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Tablet.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Brownie\BrstsWnd.exe
    C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
    C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
    C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
    C:\Program Files\Brownie\brpjp04a.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WebNoti\WebNoti.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
    O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
    O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
    O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WebNoti] C:\Program Files\WebNoti\WebNoti.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
    O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
    O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
    -- End of file - 11118 bytes
  • Hi Diana, First of all, this question: Have you meanwhile tried to remove Ad-Aware properly in the way that was suggested to you earlier? "How to remove Ad-Aware" [url]http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1458032#1458032[/url]
    Brief summary of it:
    - reinstall Ad-Aware
    - restart
    - uninstall (using Revo Uninstaller)
    - remove any remaining Ad-Aware startup item using CCleaner
    - registry check with CCleaner
    Earlier in that thread you indicated that you did not much feel like reinstalling Ad-Aware in order to then be able to remove it cleanly. Did you eventually carry that out after all, or not? You have not mentioned anything more about it in that thread. If not, that still seems advisable to me. As for your log file above - I do not recognize any Ad-Aware elements in it, but I am not a HijackThis expert. I hope an expert such as Abraham will take a look at that log.
  • [quote="Stupendous Man"]Hi Diana, First of all, this question: Have you meanwhile tried to remove Ad-Aware properly in the way that was suggested to you earlier? "How to remove Ad-Aware" [url]http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1458032#1458032[/url]
    Brief summary of it:
    - reinstall Ad-Aware
    - restart
    - uninstall (using Revo Uninstaller)
    - remove any remaining Ad-Aware startup item using CCleaner
    - registry check with CCleaner
    Earlier in that thread you indicated that you did not much feel like reinstalling Ad-Aware in order to then be able to remove it cleanly. Did you eventually carry that out after all, or not? You have not mentioned anything more about it in that thread. If not, that still seems advisable to me. As for your log file above - I do not recognize any Ad-Aware elements in it, but I am not a HijackThis expert. I hope an expert such as Abraham will take a look at that log.[/quote]
    Hi, I did not reinstall Ad-Aware because I first wanted to ask on Ad-Aware's own forum whether they knew a solution. There is also a post there from someone who reinstalled and then tried to uninstall, which did not work. I am simply curious whether anything of Ad-Aware can be found in this log.
  • Ah, thank you, Diana. Reinstalling the program in question after a failed (un)installation, so that it can then be removed in the proper way, is a common trick. In your case, where the program was apparently removed incompletely and you then removed elements manually, reinstalling + uninstalling is an approach that could work. Why that approach did not work for the person on the Ad-Aware forum, I cannot say anything sensible about without knowing that situation. Did that person clearly indicate what had gone wrong in his/her case and what else was tried afterwards? Is that situation actually comparable to yours? Could you perhaps give a direct link to that specific post in that forum thread? What I do not quite understand is why you seem so wary of trying the reinstall + uninstall. If the uninstallation succeeds that way in your case, you are practically done, apart from possibly a few more actions with CCleaner. If uninstalling that way unexpectedly fails, you are exactly where you were.
  • Hi Diana, you have malware in your Windows!
    [b]I would like you to follow the rules below during the fix:[/b]
    [color=Blue][list]
    [*]Read all instructions carefully.
    [*]If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
    [*]Refrain from using tools or updates other than those I advise you to use.
    [*]Always use one scanner at a time, never several at once.
    [*]Keep me informed of how your computer responds to the fix - good or bad.
    [*]The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.
    [/list][/color]
    [color=#FF0000][b]Step •1•[/b][/color]
    Close all open browser windows - except this window, which you close just before you click the [b]Fix checked[/b] button! Now start HijackThis and click the button [b]Do a Scan only, O4 - HKCU\..\Run: [WebNoti] C:\Program Files\WebNoti\WebNoti.exe[/b]
    [list]
    [*]put a check mark in front of the line(s) that correspond to the lines above
    [*]Now close the web browser and then click the [b]Fix checked[/b] button
    [*]After this, close HijackThis.
    [/list]
    [b]Restart the computer after the fix[/b]
    [color=#FF0000][b]Step •2•[/b][/color]
    [b]Which program[/b]: Microsoft Safety Scanner
    [b]Purpose[/b]: specialized scanner from Microsoft to quickly check Windows for, and rid it of, spyware & malware.
    [b]Difficulty[/b]: none.
    [quote]Note: Microsoft Safety Scanner expires 10 days after it has been downloaded. If you want to run a scan again with the latest anti-malware definitions, download Microsoft Safety Scanner again and run it again.[/quote]
    Download the [b]Microsoft Safety Scanner[/b] [url=http://www.microsoft.com/security/scanner/nl-nl/default.aspx]here[/url].
    Windows 2000 and Windows XP: start Microsoft's Safety Scanner by double-clicking the shortcut.
    Windows Vista and Windows 7: start Microsoft's Safety Scanner by right-clicking the shortcut and then choosing Run as administrator.
    Then tick "I accept the terms of the above license agreement".
    [b]Scanning[/b]:
    [list]
    [*]When 'Microsoft's Safety Scanner' starts, click the "Next" button, then choose 'Quick Scan'.
    [*]The scan takes a while, so be patient.
    [/list]
    [color=#FF0000][b]Step •3•[/b][/color]
    [b]Which program[/b]: Malwarebytes MBAM
    [b]Purpose[/b]: specialized scanner to quickly check Windows for, and rid it of, spyware & malware.
    [b]Difficulty[/b]: none.
    [b]Download Malwarebytes MBAM via one of these locations[/b]:
    [list]
    [*][url=http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?][b]Download.com[/b][/url]
    [*][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b]Softpedia.com[/b][/url]
    [*][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b]Majorgeeks.com[/b][/url]
    [/list]
    [b]First of all[/b]:
    [list]
    [*]Right after installation 'MBAM' wants to update its database – so allow that.
    [*]Also on repeated use: first update 'MBAM' via the 'Update' tab!
    [/list]
    [b]Starting Malwarebytes MBAM[/b]:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
    [list]
    [*][b]Note:[/b]
    [list]
    [*]Malwarebytes now provides the full version of MBAM.
    [*]On first start you get the option to use the full version or the free version.
    [*]Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
    [*]That way MBAM will remain usable as the free version.
    [/list]
    [/list]
    [img]http://img30.imageshack.us/img30/3928/mbam2.png[/img]
    [list]
    [*][b]Also do the following:[/b]
    [list]
    [*]Once the program has started, go to the "[b]Settings[/b]" tab.
    [*]Tick here: "[b]Close Internet Explorer during malware removal[/b]".
    [/list]
    [/list]
    [b]Scanning[/b]:
    [list]
    [*]When starting 'MBAM', choose 'Quick Scan'.
    [*]The scan may take a while, so be patient. When the scan is complete, click the 'OK' button.
    [*]Then click the 'Show Results' button to see the results.
    [/list]
    [b]Infections found[/b]:
    [list]
    [*]First click OK to dismiss the message.
    [*]Then click the Show Results button at the bottom right.
    [*]Now make sure that all infections found are checked, and click Remove Selected at the bottom left.
    [*]After removal a log will open and you will be asked to restart the computer.
    [*]If 'MBAM' has difficulty removing certain files it will give a few messages – click 'OK' each time!
    [*]After that 'MBAM' will ask to restart the computer - so allow the computer to be restarted.
    [/list]
    [b]MBAM log[/b]:
    [list]
    [*]The log is saved automatically by 'MBAM' and you can find it by clicking the 'Log files' tab in MBAM's main menu.
    [/list]
    [b]Then post the contents of the MBAM log in your next message.[/b]
    [color=#FF0000][b]Step •4•[/b][/color]
    [b]In summary: after this, post the contents of the following logs in your next message:[/b]
    [list]
    [*]a new HijackThis log
    [*]MBAM scan log
    [/list]
  • Thank you very much, Abraham. What would we do without your expertise..!! One more question: In Diana's other thread, "How to remove Ad-Aware" [url]http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=213700[/url], Diana indicates that she has already scanned with MBAM but that it found nothing. Is it the combination of successively HijackThis, Microsoft Safety Scanner and MBAM that might give MBAM something to clean up after all? Or are you deploying MBAM just to be sure, under the motto better safe than sorry? By the way, this case once again seems to show with unpleasant clarity how even a combination of an antivirus program and MBAM can overlook malware, and how you need an expert who can interpret a HijackThis log to make a proper diagnosis and fix the problem.
  • What exactly is the problem with webnotify.exe? I cannot find much about it on the internet. So far the computer is responding well and the Windows scanner has found nothing. MBAM is running now. 'Close explorer during removal etc.' is already ticked automatically in the settings. MBAM was extremely fast this time:
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org
    Databaseversie: 7176
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702
    17-7-2011 21:44:45
    mbam-log-2011-07-17 (21-44-45).txt
    Scantype: Snelle scan
    Objecten gescand: 182794
    Verstreken tijd: 2 minuut/minuten, 44 seconde(n)
    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0
    Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:47:49, on 17-7-2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Tablet.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Brownie\BrstsWnd.exe
    C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe
    C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe
    C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Brownie\brpjp04a.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\WebNoti\WebNoti.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
    O4 - HKLM\..\Run: [AudioCommander] "C:\Program Files\Andrea Electronics\AudioCommander\AudioCommander.exe" /tray
    O4 - HKLM\..\Run: [AEFltrs] "C:\Program Files\Andrea Electronics\AudioCommander\AEFltrs.exe" /NoDlg
    O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Andrea Electronics\VoiceCenter\AndreaVC.exe" /tray
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [JWOSetup] JWOSetup.exe -en
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [CTZDetec.exe] "C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe"
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15031/CTSUEng.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
    O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
    O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} - http://static.slide.com/uploader/SlideImageUploader.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.com/scan8/oscan8.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
    O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (file missing)
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
    -- End of file - 11000 bytes
  • [quote="diana"]What exactly is the problem with webnotify.exe? I can't find much about it on the internet.[/quote]
    This information from Prevx is the only information I can find that says anything noteworthy about it. Prevx classifies WebNoti.exe as adware: [url]http://www.prevx.com/filenames/34491167388258580-X1/WEBNOTI.EXE.html[/url]
    By the way, in your HijackThis log I no longer see WebNoti.exe in the registry, but it is still present at C:\Program Files\WebNoti\WebNoti.exe. Abraham can no doubt tell you what else you need to do about that. And, er... so perhaps it wasn't a piece of Ad-Aware that kept rearing its head, but something presented by that WebNoti.exe adware?
  • [quote="Stupendous Man"][quote="diana"]What exactly is the problem with webnotify.exe? I can't find much about it on the internet.[/quote]
    This information from Prevx is the only information I can find that says anything noteworthy about it. Prevx classifies WebNoti.exe as adware: [url]http://www.prevx.com/filenames/34491167388258580-X1/WEBNOTI.EXE.html[/url]
    By the way, in your HijackThis log I no longer see WebNoti.exe in the registry, but it is still present at C:\Program Files\WebNoti\WebNoti.exe. Abraham can no doubt tell you what else you need to do about that. And, er... so perhaps it wasn't a piece of Ad-Aware that kept rearing its head, but something presented by that WebNoti.exe adware?[/quote]
    I see it now. Webnoti is from Paiq. That is a dating site. I will inform Paiq that their notifier is listed as malware. Nothing has changed with Ad-aware; it is still listed under Software and takes up 25 Mb
  • [quote="diana"]I see it now. Webnoti is from Paiq. That is a dating site. I will inform Paiq that their notifier is listed as malware.[/quote]
    Ah, should that WebNoti.exe really be regarded as adware, then? Does it do anything unwanted on your computer? Or is it an item you need for paiq?
    [quote="diana"]Nothing has changed with Ad-aware; it is still listed under Software and takes up 25 Mb[/quote]
    Then, in principle, what was said earlier about uninstalling it still applies. As I suggested this afternoon, feel free to post the direct link to that specific message about uninstallation problems in that Ad-Aware forum thread, if you would like me/us to think along.
  • Hi Diana, before doing the following, AVG must first be uninstalled! AVG Remover (32-bit) 2011: http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1322.exe
    After restarting your PC, do the following:
    [b]Which program[/b]: ComboFix
    [b]What for/why[/b]: Highly specialised scanner for examining Windows in depth and, where possible, cleaning it up.
    [b]Difficulty[/b]: A more or less tricky preparation phase, so read everything carefully first.
    [b]Download location[/b]: This program must absolutely be downloaded to the desktop!
    [b]Download ComboFix from one of these locations[/b]:
    [list]
    [*][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b]Bleepingcomputer[/b][/url]
    [*][url=http://www.forospyware.com/sUBs/ComboFix.exe][b]ForoSpyware[/b][/url]
    [*][url=http://subs.geekstogo.com/ComboFix.exe][b]Geekstogo[/b][/url]
    [/list]
    [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b]Here[/b][/url] you can see how to use ComboFix.
    Your antivirus program and any active malware scanners must already be disabled before ComboFix is started! [url=http://www.bleepingcomputer.com/forums/topic114351.html][b]Here[/b][/url] and [url=http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html][b]here[/b][/url] you will find information on how to disable antivirus programs and spyware scanners.
    [b]Once more, for the sake of clarity[/b]: ComboFix must be started from the desktop.
    [b]Notes[/b]:
    [list]
    [*]On Windows XP you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for it).
    [*]Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    [*]All open programs and web pages must be closed.
    [/list]
    [b]ComboFix has started[/b]:
    [list]
    [*]Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    [*]ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    [*]It may happen that the computer has to be restarted several times; this is normal.
    [*]When ComboFix is finished, it will create a log file for you.
    [*]Post the contents of this log file in your next message.
    [*]If the log does not open, it can be found at C:\ComboFix.txt
    [/list]
    [b]Important note[/b]:
    [list]
    [*][b][color=Red]If, after the scan, an error is shown when starting programs with the message:[/color][/b]
    [*][b][color=blue]Illegal operation attempted on a registry key that has been marked for deletion.[/color][/b]
    [*][b][color=Red]then restart the computer.[/color][/b]
    [/list]
    Do not reinstall AVG yet after this!
  • ComboFix 11-07-17.03 - gebruiker 18-07-2011 5:56.17.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1505 [GMT 2:00] Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
2001-08-17 18:13 19016 c:\windows\system32\dllcache\w926nd.sys + 2011-06-27 13:59 . 2001-08-17 18:13 19528 c:\windows\system32\dllcache\w840nd.sys + 2005-03-01 20:21 . 2008-04-14 17:02 15872 c:\windows\system32\dllcache\w3ssl.dll + 2011-06-27 13:59 . 2001-08-17 19:28 64605 c:\windows\system32\dllcache\vvoice.sys + 2005-03-01 20:21 . 2008-04-14 16:33 53504 c:\windows\system32\dllcache\volsnap.sys + 2005-03-01 20:21 . 2008-04-13 18:44 81664 c:\windows\system32\dllcache\videoprt.sys + 2011-06-27 13:59 . 2001-08-17 19:49 24576 c:\windows\system32\dllcache\viairda.sys + 2005-04-16 00:26 . 2008-04-13 18:36 42240 c:\windows\system32\dllcache\viaagp.sys + 2005-03-01 20:21 . 2008-04-13 18:44 20992 c:\windows\system32\dllcache\vga.sys + 2005-08-28 19:12 . 2008-04-14 17:02 54272 c:\windows\system32\dllcache\vfwwdm32.dll + 2005-03-01 20:21 . 2008-04-14 17:02 18944 c:\windows\system32\dllcache\version.dll + 2005-03-01 20:21 . 2008-04-14 17:02 26624 c:\windows\system32\dllcache\verifier.dll + 2005-03-01 20:21 . 2008-04-14 17:02 51712 c:\windows\system32\dllcache\vdmredir.dll + 2005-04-16 00:27 . 2001-08-17 22:02 58112 c:\windows\system32\dllcache\vdmindvd.sys + 2005-03-01 20:21 . 2008-04-14 17:02 26112 c:\windows\system32\dllcache\vdmdbg.dll + 2008-04-14 17:02 . 2008-04-14 17:02 11325 c:\windows\system32\dllcache\vchnt5.dll + 2005-03-01 20:21 . 2008-04-14 17:02 30749 c:\windows\system32\dllcache\vbajet32.dll + 2005-03-01 20:21 . 2008-04-14 17:03 50176 c:\windows\system32\dllcache\utilman.exe + 2005-04-16 00:28 . 2001-09-06 21:27 49211 c:\windows\system32\dllcache\usrvpa.dll + 2005-04-16 00:28 . 2001-09-06 21:27 45116 c:\windows\system32\dllcache\usrvoica.dll + 2005-04-16 00:28 . 2001-09-06 21:27 49209 c:\windows\system32\dllcache\usrv80a.dll + 2005-04-16 00:28 . 2001-09-06 21:27 41019 c:\windows\system32\dllcache\usrsvpia.dll + 2005-04-16 00:28 . 2001-09-06 21:27 69700 c:\windows\system32\dllcache\usrshuta.exe + 2005-04-16 00:28 . 
2001-09-06 21:27 49211 c:\windows\system32\dllcache\usrsdpia.dll + 2005-04-16 00:28 . 2001-09-06 21:27 77883 c:\windows\system32\dllcache\usrrtosa.dll + 2005-04-16 00:28 . 2001-09-06 21:27 61508 c:\windows\system32\dllcache\usrprbda.exe + 2005-04-16 00:28 . 2001-09-06 21:27 77891 c:\windows\system32\dllcache\usrmlnka.exe + 2005-04-16 00:28 . 2001-09-06 21:27 53305 c:\windows\system32\dllcache\usrlbva.dll + 2005-04-16 00:28 . 2001-09-06 21:27 86073 c:\windows\system32\dllcache\usrfaxa.dll + 2005-04-16 00:28 . 2001-09-06 21:27 77890 c:\windows\system32\dllcache\usrdpa.dll + 2005-04-16 00:28 . 2001-09-06 21:27 69699 c:\windows\system32\dllcache\usrcoina.dll + 2005-04-16 00:27 . 2001-09-06 21:27 61500 c:\windows\system32\dllcache\usrcntra.dll + 2005-03-01 20:21 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\userinit.exe + 2005-04-16 00:27 . 2008-04-14 17:02 76288 c:\windows\system32\dllcache\usbui.dll + 2005-04-16 09:17 . 2008-04-13 18:45 20608 c:\windows\system32\dllcache\usbuhci.sys + 2005-03-01 20:21 . 2008-04-13 18:45 26368 c:\windows\system32\dllcache\usbstor.sys + 2005-03-01 20:21 . 2008-04-13 18:45 17152 c:\windows\system32\dllcache\usbohci.sys + 2005-03-01 20:21 . 2008-04-14 17:02 16896 c:\windows\system32\dllcache\usbmon.dll + 2005-04-16 00:27 . 2008-04-13 18:45 15872 c:\windows\system32\dllcache\usbintel.sys + 2005-03-01 20:21 . 2008-04-13 18:45 59520 c:\windows\system32\dllcache\usbhub.sys + 2005-04-16 09:17 . 2008-04-13 18:45 30208 c:\windows\system32\dllcache\usbehci.sys + 2005-05-11 16:31 . 2008-04-13 18:45 32128 c:\windows\system32\dllcache\usbccgp.sys + 2005-04-16 00:27 . 2008-04-13 18:45 25728 c:\windows\system32\dllcache\usbcamd2.sys + 2005-04-16 00:27 . 2008-04-13 18:45 25600 c:\windows\system32\dllcache\usbcamd.sys + 2007-02-10 16:14 . 2008-04-13 18:45 60032 c:\windows\system32\dllcache\usbaudio.sys + 2008-04-13 18:56 . 2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023x.sys + 2005-03-01 20:21 . 
2008-04-13 18:56 12800 c:\windows\system32\dllcache\usb8023.sys + 2005-03-01 20:21 . 2008-04-14 17:03 18432 c:\windows\system32\dllcache\ups.exe + 2005-03-01 20:21 . 2008-04-14 17:03 16896 c:\windows\system32\dllcache\upnpcont.exe + 2005-03-01 20:21 . 2008-04-14 17:02 13824 c:\windows\system32\dllcache\uniplat.dll + 2005-03-01 20:21 . 2008-04-14 17:02 78336 c:\windows\system32\dllcache\unimdmat.dll + 2005-03-01 20:21 . 2008-04-14 17:02 36352 c:\windows\system32\dllcache\umandlg.dll + 2005-03-01 20:21 . 2008-04-14 17:02 26624 c:\windows\system32\dllcache\udhisapi.dll + 2005-03-01 20:21 . 2008-04-13 18:32 66048 c:\windows\system32\dllcache\udfs.sys + 2008-04-13 18:36 . 2008-04-13 18:36 44672 c:\windows\system32\dllcache\uagp35.sys + 2005-03-01 20:21 . 2008-04-14 17:02 57856 c:\windows\system32\dllcache\twext.dll + 2005-03-01 20:21 . 2008-04-14 17:02 50688 c:\windows\system32\dllcache\twain_32.dll + 2005-04-16 00:27 . 2008-04-13 18:56 12288 c:\windows\system32\dllcache\tunmp.sys + 2008-04-14 17:02 . 2008-04-14 17:02 50688 c:\windows\system32\dllcache\tspkg.dll + 2008-04-14 17:02 . 2008-04-14 17:02 53248 c:\windows\system32\dllcache\tsgqec.dll + 2005-03-01 20:21 . 2008-04-14 17:03 12168 c:\windows\system32\dllcache\tsddd.dll + 2005-03-01 20:21 . 2008-04-14 17:02 94208 c:\windows\system32\dllcache\tscfgwmi.dll + 2005-04-16 00:27 . 2001-08-17 22:06 21376 c:\windows\system32\dllcache\tsbvcap.sys + 2005-03-01 20:21 . 2008-04-14 17:02 90112 c:\windows\system32\dllcache\trkwks.dll + 2005-03-01 20:21 . 2008-04-14 17:03 12800 c:\windows\system32\dllcache\tracert.exe + 2005-04-16 00:27 . 2001-08-17 22:01 51712 c:\windows\system32\dllcache\tosdvd.sys + 2005-04-16 00:27 . 2008-04-14 17:03 40840 c:\windows\system32\dllcache\termdd.sys - 2009-06-15 10:45 . 2009-06-15 10:45 79872 c:\windows\system32\dllcache\telnet.exe + 2005-03-01 20:21 . 2009-06-15 10:45 79872 c:\windows\system32\dllcache\telnet.exe + 2005-03-01 20:21 . 
2008-04-14 17:03 21896 c:\windows\system32\dllcache\tdtcp.sys + 2005-03-01 20:21 . 2008-04-14 17:03 12040 c:\windows\system32\dllcache\tdpipe.sys + 2005-03-01 20:21 . 2008-04-13 19:00 19072 c:\windows\system32\dllcache\tdi.sys + 2008-04-14 17:03 . 2008-04-14 17:03 32827 c:\windows\system32\dllcache\tcptest.exe + 2005-03-01 20:21 . 2008-04-14 17:02 46080 c:\windows\system32\dllcache\tcpmonui.dll + 2005-03-01 20:21 . 2008-04-14 17:02 46080 c:\windows\system32\dllcache\tcpmon.dll + 2005-03-01 20:21 . 2008-04-14 17:02 14848 c:\windows\system32\dllcache\tcpmib.dll + 2005-03-01 20:21 . 2008-04-13 18:40 14976 c:\windows\system32\dllcache\tape.sys + 2005-04-16 09:21 . 2008-04-13 19:15 60800 c:\windows\system32\dllcache\sysaudio.sys + 2005-03-01 20:20 . 2008-04-14 17:02 57856 c:\windows\system32\dllcache\synceng.dll + 2005-04-16 09:21 . 2008-04-13 18:45 56576 c:\windows\system32\dllcache\swmidi.sys + 2005-03-01 20:20 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\svchost.exe + 2005-03-01 20:20 . 2009-10-21 05:40 75776 c:\windows\system32\dllcache\strmfilt.dll - 2009-10-21 05:40 . 2009-10-21 05:40 75776 c:\windows\system32\dllcache\strmfilt.dll + 2005-08-28 19:12 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys + 2005-04-16 00:27 . 2008-04-14 17:02 76288 c:\windows\system32\dllcache\storprop.dll + 2005-03-01 20:20 . 2008-04-14 17:03 14848 c:\windows\system32\dllcache\stimon.exe + 2005-03-01 20:20 . 2008-04-14 17:02 68096 c:\windows\system32\dllcache\sti.dll + 2005-03-01 20:20 . 2008-04-14 17:02 86528 c:\windows\system32\dllcache\stdprov.dll + 2005-03-01 20:20 . 2008-04-14 17:02 59392 c:\windows\system32\dllcache\stclient.dll + 2005-03-01 20:20 . 2008-04-14 17:02 26624 c:\windows\system32\dllcache\startoc.dll + 2005-03-01 20:20 . 2008-04-14 17:02 33280 c:\windows\system32\dllcache\sstub.dll + 2005-03-01 20:20 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\ssstars.scr + 2005-03-01 20:20 . 
2008-04-14 17:03 18944 c:\windows\system32\dllcache\ssmyst.scr + 2005-03-01 20:20 . 2008-04-14 17:03 47616 c:\windows\system32\dllcache\ssmypics.scr + 2005-03-01 20:20 . 2008-04-14 17:03 20992 c:\windows\system32\dllcache\ssmarque.scr + 2005-03-01 20:20 . 2008-04-14 17:02 71680 c:\windows\system32\dllcache\ssdpsrv.dll + 2005-03-01 20:20 . 2008-04-14 17:02 34816 c:\windows\system32\dllcache\ssdpapi.dll + 2005-03-01 20:20 . 2008-04-14 17:03 19968 c:\windows\system32\dllcache\ssbezier.scr + 2005-03-01 20:20 . 2010-08-27 05:55 99840 c:\windows\system32\dllcache\srvsvc.dll - 2010-08-27 05:55 . 2010-08-27 05:55 99840 c:\windows\system32\dllcache\srvsvc.dll + 2005-03-01 20:20 . 2008-04-14 17:02 67584 c:\windows\system32\dllcache\srclient.dll + 2005-03-01 20:20 . 2008-04-14 17:02 58434 c:\windows\system32\dllcache\srchctls.dll + 2005-03-01 20:20 . 2008-04-14 16:43 73472 c:\windows\system32\dllcache\sr.sys + 2005-04-16 00:27 . 2001-09-06 21:27 72192 c:\windows\system32\dllcache\sprio800.dll + 2005-04-16 00:27 . 2001-09-06 21:27 70656 c:\windows\system32\dllcache\sprio600.dll - 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe + 2005-03-01 20:20 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe + 2005-03-01 20:20 . 2008-04-14 17:02 75264 c:\windows\system32\dllcache\spoolss.dll + 2005-03-01 20:20 . 2008-04-14 20:33 11264 c:\windows\system32\dllcache\spnpinst.exe + 2005-04-16 00:27 . 2001-09-06 21:27 69632 c:\windows\system32\dllcache\spnike.dll + 2005-03-01 20:20 . 2008-04-13 16:43 62976 c:\windows\system32\dllcache\spgrmr.dll + 2005-03-01 20:20 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\sort.exe + 2005-04-16 00:26 . 2008-04-13 18:46 25344 c:\windows\system32\dllcache\sonydcam.sys + 2008-04-14 17:02 . 2008-04-14 17:02 39936 c:\windows\system32\dllcache\snmpthrd.dll + 2005-03-01 20:20 . 2008-04-14 17:02 18944 c:\windows\system32\dllcache\snmpapi.dll + 2008-04-14 17:03 . 
2008-04-14 17:03 33280 c:\windows\system32\dllcache\snmp.exe + 2005-03-01 20:20 . 2008-04-14 17:02 34816 c:\windows\system32\dllcache\sniffpol.dll + 2005-03-01 20:20 . 2008-04-14 17:03 50688 c:\windows\system32\dllcache\smss.exe + 2005-03-01 20:20 . 2008-04-14 17:03 91648 c:\windows\system32\dllcache\smlogsvc.exe + 2008-09-23 05:02 . 2004-08-03 20:41 13240 c:\windows\system32\dllcache\slwdmsup.sys + 2008-04-14 17:03 . 2008-04-14 17:03 73796 c:\windows\system32\dllcache\slserv.exe + 2008-04-14 17:03 . 2008-04-14 17:03 32866 c:\windows\system32\dllcache\slrundll.exe + 2008-09-23 05:02 . 2004-08-03 20:41 95424 c:\windows\system32\dllcache\slnthal.sys + 2005-08-28 19:12 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys + 2008-04-14 17:02 . 2008-04-14 17:02 73832 c:\windows\system32\dllcache\slcoinst.dll + 2005-03-01 20:20 . 2008-04-14 17:02 98304 c:\windows\system32\dllcache\slbiop.dll + 2005-03-01 20:20 . 2008-04-14 17:02 25600 c:\windows\system32\dllcache\slayerxp.dll + 2005-03-01 20:20 . 2008-04-14 17:03 26112 c:\windows\system32\dllcache\skeys.exe + 2005-04-16 00:26 . 2004-08-03 22:31 32768 c:\windows\system32\dllcache\sisnic.sys + 2005-04-16 00:26 . 2008-04-13 18:36 40960 c:\windows\system32\dllcache\sisagp.sys + 2005-03-01 20:20 . 2008-04-14 17:03 71168 c:\windows\system32\dllcache\sigverif.exe + 2005-03-01 20:20 . 2008-04-14 17:02 13824 c:\windows\system32\dllcache\sigtab.dll + 2005-03-01 20:20 . 2008-04-14 17:03 20992 c:\windows\system32\dllcache\shutdown.exe + 2008-04-14 17:03 . 2008-04-14 17:03 16437 c:\windows\system32\dllcache\shtml.exe + 2008-04-14 17:02 . 2008-04-14 17:02 20536 c:\windows\system32\dllcache\shtml.dll + 2005-03-01 20:20 . 2008-04-14 17:02 28160 c:\windows\system32\dllcache\shscrap.dll + 2005-03-01 20:20 . 2008-04-14 17:03 78336 c:\windows\system32\dllcache\shrpubw.exe + 2005-03-01 20:20 . 2008-04-14 17:03 45056 c:\windows\system32\dllcache\shmgrate.exe + 2005-03-01 20:20 . 
2008-04-14 17:02 65024 c:\windows\system32\dllcache\shimeng.dll + 2005-03-01 20:20 . 2008-04-14 17:02 68096 c:\windows\system32\dllcache\shgina.dll + 2005-03-01 20:20 . 2008-04-14 17:02 25088 c:\windows\system32\dllcache\shfolder.dll + 2005-03-01 20:20 . 2008-04-13 18:40 11392 c:\windows\system32\dllcache\sfloppy.sys + 2005-03-01 20:20 . 2008-04-13 18:40 11008 c:\windows\system32\dllcache\sffp_sd.sys + 2005-03-01 20:20 . 2008-04-13 18:40 11904 c:\windows\system32\dllcache\sffdisk.sys + 2008-04-14 17:03 . 2008-04-14 17:03 32768 c:\windows\system32\dllcache\setupn.exe + 2005-03-01 20:20 . 2008-04-14 17:03 73216 c:\windows\system32\dllcache\setup50.exe + 2005-03-01 20:20 . 2008-04-14 17:03 23040 c:\windows\system32\dllcache\setup.exe + 2005-03-01 20:20 . 2008-04-14 17:03 32768 c:\windows\system32\dllcache\sethc.exe + 2005-03-01 20:20 . 2008-04-14 17:02 56320 c:\windows\system32\dllcache\servdeps.dll + 2005-03-01 20:20 . 2008-04-14 16:36 65536 c:\windows\system32\dllcache\serial.sys + 2005-03-01 20:20 . 2008-04-13 18:40 15744 c:\windows\system32\dllcache\serenum.sys + 2005-03-01 20:20 . 2008-04-14 17:02 39424 c:\windows\system32\dllcache\sens.dll + 2005-03-01 20:20 . 2008-04-14 17:02 55296 c:\windows\system32\dllcache\sendmail.dll + 2005-03-01 20:20 . 2008-04-14 17:02 29696 c:\windows\system32\dllcache\sendcmsg.dll - 2009-02-03 19:59 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll + 2005-03-01 20:20 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll + 2005-03-01 20:20 . 2008-04-14 17:02 18944 c:\windows\system32\dllcache\seclogon.dll + 2005-03-01 20:20 . 2008-04-14 17:02 29184 c:\windows\system32\dllcache\sdhcinst.dll + 2005-03-01 20:20 . 2008-04-13 18:36 79232 c:\windows\system32\dllcache\sdbus.sys + 2005-03-01 20:20 . 2008-04-14 17:03 78336 c:\windows\system32\dllcache\sdbinst.exe + 2005-03-01 20:20 . 2008-04-13 18:40 96384 c:\windows\system32\dllcache\scsiport.sys + 2005-03-01 20:20 . 
2008-04-14 17:03 36352 c:\windows\system32\dllcache\scrcons.exe + 2005-03-01 20:20 . 2008-04-14 17:02 21504 c:\windows\system32\dllcache\sclgntfy.dll + 2011-06-27 13:49 . 2001-09-06 18:42 23936 c:\windows\system32\dllcache\sccmn50m.sys + 2005-03-01 20:20 . 2008-04-14 17:03 98304 c:\windows\system32\dllcache\scardsvr.exe + 2005-03-01 20:20 . 2008-04-14 17:02 70656 c:\windows\system32\dllcache\scarddlg.dll + 2011-06-27 13:49 . 2008-04-13 18:40 43904 c:\windows\system32\dllcache\sbp2port.sys + 2005-03-01 20:20 . 2008-04-14 17:03 13824 c:\windows\system32\dllcache\savedump.exe + 2005-03-01 20:20 . 2008-04-14 17:02 64000 c:\windows\system32\dllcache\samlib.dll + 2005-03-01 20:20 . 2008-04-14 17:02 45568 c:\windows\system32\dllcache\safrslv.dll + 2005-03-01 20:20 . 2008-04-14 17:02 29696 c:\windows\system32\dllcache\safrdm.dll + 2005-03-01 20:20 . 2008-04-14 17:02 43520 c:\windows\system32\dllcache\safrcdlg.dll + 2011-06-27 13:49 . 2001-08-17 18:50 75392 c:\windows\system32\dllcache\s3savmxm.sys + 2011-06-27 13:49 . 2001-08-17 18:50 77824 c:\windows\system32\dllcache\s3sav4m.sys + 2011-06-27 13:49 . 2001-08-17 18:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys + 2011-06-27 13:49 . 2001-09-06 19:26 62496 c:\windows\system32\dllcache\s3mtrio.dll + 2011-06-27 13:49 . 2001-08-17 18:50 41216 c:\windows\system32\dllcache\s3mt3d.sys + 2011-06-27 13:48 . 2001-08-17 19:57 65664 c:\windows\system32\dllcache\s3legacy.sys + 2011-06-27 13:28 . 2001-09-06 19:26 66048 c:\windows\system32\dllcache\s3legacy.dll + 2011-06-27 13:48 . 2001-09-06 19:27 83456 c:\windows\system32\dllcache\rwia450.dll + 2011-06-27 13:48 . 2001-09-06 19:27 80896 c:\windows\system32\dllcache\rwia430.dll + 2011-06-27 13:48 . 2008-04-14 17:02 29696 c:\windows\system32\dllcache\rw450ext.dll + 2011-06-27 13:48 . 2008-04-14 17:02 28160 c:\windows\system32\dllcache\rw430ext.dll + 2008-04-14 17:02 . 2008-04-14 17:02 29184 c:\windows\system32\dllcache\rw330ext.dll + 2008-04-14 17:02 . 
2008-04-14 17:02 27648 c:\windows\system32\dllcache\rw001ext.dll + 2005-03-01 20:20 . 2008-04-14 17:03 14336 c:\windows\system32\dllcache\runonce.exe + 2005-03-01 20:20 . 2008-04-14 17:03 33792 c:\windows\system32\dllcache\rundll32.exe + 2005-03-01 20:20 . 2008-04-14 17:02 44032 c:\windows\system32\dllcache\rtutils.dll + 2011-06-27 13:48 . 2004-08-03 20:31 20992 c:\windows\system32\dllcache\rtl8139.sys + 2011-06-27 13:48 . 2001-08-17 18:12 19017 c:\windows\system32\dllcache\rtl8029.sys + 2005-03-01 20:20 . 2008-04-14 17:02 31744 c:\windows\system32\dllcache\rtipxmib.dll + 2011-06-27 13:48 . 2001-08-17 18:19 30720 c:\windows\system32\dllcache\rthwcls.sys + 2005-03-01 20:20 . 2008-04-14 17:03 78336 c:\windows\system32\dllcache\rtcshare.exe + 2005-03-01 20:20 . 2008-04-14 17:02 92672 c:\windows\system32\dllcache\rsvpsp.dll + 2005-03-01 20:20 . 2008-04-14 17:02 18944 c:\windows\system32\dllcache\rsmps.dll + 2011-06-27 13:48 . 2001-09-06 19:27 10240 c:\windows\system32\dllcache\rsmgrstr.dll + 2005-03-01 20:20 . 2008-04-14 17:02 40448 c:\windows\system32\dllcache\rshx32.dll + 2005-03-01 20:20 . 2008-04-14 17:03 15872 c:\windows\system32\dllcache\rsh.exe + 2005-03-01 20:20 . 2008-04-14 17:02 61440 c:\windows\system32\dllcache\rrcm.dll + 2011-06-27 13:48 . 2008-04-14 16:34 79360 c:\windows\system32\dllcache\rocket.sys + 2008-04-13 18:56 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismpx.sys + 2005-03-01 20:20 . 2008-04-13 18:56 30592 c:\windows\system32\dllcache\rndismp.sys + 2011-06-27 13:48 . 2001-08-17 18:12 37563 c:\windows\system32\dllcache\rlnet5.sys + 2005-04-16 00:26 . 2001-08-17 21:24 12032 c:\windows\system32\dllcache\riodrv.sys + 2005-04-16 00:26 . 2001-08-17 21:24 12032 c:\windows\system32\dllcache\rio8drv.sys + 2008-04-09 15:10 . 2008-04-13 18:46 59136 c:\windows\system32\dllcache\rfcomm.sys + 2005-03-01 20:20 . 2008-04-14 17:03 14848 c:\windows\system32\dllcache\rexec.exe + 2005-03-01 20:20 . 
2008-04-14 17:02 58880 c:\windows\system32\dllcache\resutils.dll + 2011-06-27 13:48 . 2001-09-06 19:27 86097 c:\windows\system32\dllcache\reslog32.dll + 2005-03-01 20:20 . 2008-04-14 17:02 61440 c:\windows\system32\dllcache\remotepg.dll + 2005-03-01 20:20 . 2008-04-14 17:03 12288 c:\windows\system32\dllcache\regsvr32.exe + 2005-03-01 20:20 . 2008-04-14 17:02 59904 c:\windows\system32\dllcache\regsvc.dll + 2005-03-01 20:20 . 2008-04-14 17:02 49664 c:\windows\system32\dllcache\regapi.dll + 2005-03-01 20:20 . 2008-04-14 17:03 56832 c:\windows\system32\dllcache\reg.exe + 2005-04-16 00:26 . 2008-04-14 16:34 58112 c:\windows\system32\dllcache\redbook.sys + 2008-09-23 05:02 . 2004-08-03 20:41 13776 c:\windows\system32\dllcache\recagent.sys + 2005-03-01 20:20 . 2008-04-14 17:03 67072 c:\windows\system32\dllcache\rdshost.exe + 2005-03-01 20:20 . 2008-04-14 17:03 13824 c:\windows\system32\dllcache\rdsaddin.exe + 2005-03-01 20:20 . 2008-04-14 17:03 87176 c:\windows\system32\dllcache\rdpwsx.dll + 2005-03-01 20:20 . 2008-04-14 17:02 19968 c:\windows\system32\dllcache\rdpsnd.dll + 2005-03-01 20:20 . 2008-04-14 17:03 92424 c:\windows\system32\dllcache\rdpdd.dll + 2005-03-01 20:20 . 2008-04-14 17:03 62976 c:\windows\system32\dllcache\rdpclip.exe + 2005-03-01 20:20 . 2008-04-14 17:03 22016 c:\windows\system32\dllcache\rcp.exe + 2005-03-01 20:20 . 2008-04-14 17:03 35840 c:\windows\system32\dllcache\rcimlby.exe + 2005-03-01 20:20 . 2008-04-14 17:02 58368 c:\windows\system32\dllcache\rastapi.dll + 2005-03-01 20:20 . 2008-04-14 17:02 16384 c:\windows\system32\dllcache\rassapi.dll + 2008-04-14 17:02 . 2008-04-14 17:02 61952 c:\windows\system32\dllcache\rasqec.dll + 2005-03-01 20:20 . 2008-04-13 19:19 48384 c:\windows\system32\dllcache\raspptp.sys + 2005-03-01 20:20 . 2008-04-13 18:57 41472 c:\windows\system32\dllcache\raspppoe.sys + 2005-03-01 20:20 . 2008-04-14 17:03 57856 c:\windows\system32\dllcache\rasphone.exe + 2005-03-01 20:20 . 
2008-04-14 17:02 61440 c:\windows\system32\dllcache\rasman.dll + 2005-03-01 20:20 . 2008-04-13 19:19 51328 c:\windows\system32\dllcache\rasl2tp.sys + 2011-06-27 13:48 . 2001-08-17 19:51 19584 c:\windows\system32\dllcache\rasirda.sys + 2005-03-01 20:20 . 2009-10-12 13:40 79872 c:\windows\system32\dllcache\raschap.dll - 2009-10-12 13:40 . 2009-10-12 13:40 79872 c:\windows\system32\dllcache\raschap.dll + 2005-03-01 20:20 . 2008-04-14 17:02 88576 c:\windows\system32\dllcache\rasauto.dll + 2008-04-13 18:41 . 2008-04-13 18:41 20736 c:\windows\system32\dllcache\ramdisk.sys + 2005-03-01 20:20 . 2008-04-14 17:02 43520 c:\windows\system32\dllcache\racpldlg.dll + 2011-06-27 13:47 . 2001-09-06 19:27 41984 c:\windows\system32\dllcache\qvusd.dll + 2008-04-14 17:02 . 2008-04-14 17:02 76800 c:\windows\system32\dllcache\qutil.dll + 2005-03-01 20:20 . 2008-04-14 17:03 20480 c:\windows\system32\dllcache\qprocess.exe + 2005-03-01 20:20 . 2008-04-14 17:02 18944 c:\windows\system32\dllcache\qmgrprxy.dll + 2008-04-14 17:02 . 2008-04-14 17:02 62464 c:\windows\system32\dllcache\qcliprov.dll + 2005-03-01 20:20 . 2008-04-14 17:02 34304 c:\windows\system32\dllcache\pstorsvc.dll + 2005-03-01 20:20 . 2008-04-14 17:02 43520 c:\windows\system32\dllcache\pstorec.dll + 2011-06-27 13:47 . 2001-09-06 19:27 35328 c:\windows\system32\dllcache\psisload.dll + 2011-06-27 13:47 . 2001-09-06 18:24 16128 c:\windows\system32\dllcache\pscr.sys + 2005-03-01 20:20 . 2008-04-13 18:56 69120 c:\windows\system32\dllcache\psched.sys + 2005-03-01 20:20 . 2008-04-14 17:02 98304 c:\windows\system32\dllcache\psbase.dll + 2005-03-01 20:20 . 2008-04-14 17:02 23040 c:\windows\system32\dllcache\psapi.dll + 2005-03-01 20:20 . 2008-04-14 17:03 50688 c:\windows\system32\dllcache\proquota.exe + 2005-03-01 20:20 . 2008-04-14 17:02 27648 c:\windows\system32\dllcache\profmap.dll + 2005-04-16 00:26 . 2008-04-14 16:32 39936 c:\windows\system32\dllcache\processr.sys + 2011-06-27 13:47 . 
2008-04-13 18:41 17664 c:\windows\system32\dllcache\ppa3.sys + 2011-06-27 13:47 . 2001-08-17 19:53 17792 c:\windows\system32\dllcache\ppa.sys + 2005-03-01 20:20 . 2008-04-14 17:02 17408 c:\windows\system32\dllcache\powrprof.dll + 2005-03-01 20:20 . 2008-04-14 17:03 49152 c:\windows\system32\dllcache\powercfg.exe + 2005-03-01 20:20 . 2008-04-14 17:02 58880 c:\windows\system32\dllcache\pnrpnsp.dll + 2005-04-16 00:27 . 2008-04-14 17:02 15360 c:\windows\system32\dllcache\pjlmon.dll + 2005-03-01 20:20 . 2008-04-14 17:03 18432 c:\windows\system32\dllcache\ping.exe + 2005-03-01 20:20 . 2008-04-13 18:35 24064 c:\windows\system32\dllcache\pidgen.dll + 2005-04-16 00:27 . 2008-04-14 17:02 35328 c:\windows\system32\dllcache\pid.dll + 2011-06-27 13:46 . 2001-08-17 20:07 19840 c:\windows\system32\dllcache\philtune.sys + 2011-06-27 13:46 . 2001-08-17 20:04 92416 c:\windows\system32\dllcache\phildec.sys + 2011-06-27 13:46 . 2001-08-17 20:04 75776 c:\windows\system32\dllcache\philcam1.sys + 2011-06-27 13:46 . 2001-09-06 19:27 16896 c:\windows\system32\dllcache\philcam1.dll + 2011-06-27 13:46 . 2008-04-13 18:44 28032 c:\windows\system32\dllcache\perm3.sys + 2011-06-27 13:46 . 2008-04-13 18:44 27904 c:\windows\system32\dllcache\perm2.sys + 2005-03-01 20:20 . 2008-04-14 17:02 35328 c:\windows\system32\dllcache\perfproc.dll + 2005-03-01 20:20 . 2008-04-14 17:02 26112 c:\windows\system32\dllcache\perfos.dll + 2005-03-01 20:20 . 2008-04-14 17:02 18432 c:\windows\system32\dllcache\perfnet.dll + 2005-03-01 20:20 . 2008-04-14 17:03 15872 c:\windows\system32\dllcache\perfmon.exe + 2005-03-01 20:20 . 2008-04-14 17:02 26624 c:\windows\system32\dllcache\perfdisk.dll + 2005-03-01 20:20 . 2008-04-14 17:02 41472 c:\windows\system32\dllcache\perfctrs.dll + 2011-06-27 13:46 . 2001-09-06 19:27 86016 c:\windows\system32\dllcache\pctspk.exe + 2011-06-27 13:46 . 2001-08-17 18:11 35328 c:\windows\system32\dllcache\pcntpci5.sys + 2011-06-27 13:46 . 
2001-08-17 18:11 29769 c:\windows\system32\dllcache\pcntn5m.sys + 2011-06-27 13:46 . 2001-08-17 18:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys + 2011-06-27 13:46 . 2001-08-17 18:12 26153 c:\windows\system32\dllcache\pcmlm56.sys + 2005-03-01 20:20 . 2008-04-13 18:40 24960 c:\windows\system32\dllcache\pciidex.sys + 2005-03-01 20:20 . 2008-04-14 16:43 68224 c:\windows\system32\dllcache\pci.sys + 2005-03-01 20:20 . 2008-04-14 17:02 38400 c:\windows\system32\dllcache\pchsvc.dll + 2011-06-27 13:45 . 2004-08-03 20:31 29502 c:\windows\system32\dllcache\pca200e.sys + 2011-06-27 13:45 . 2001-08-17 18:12 30495 c:\windows\system32\dllcache\pc100nds.sys + 2005-03-01 20:20 . 2008-04-14 17:02 69632 c:\windows\system32\dllcache\pautoenr.dll + 2005-03-01 20:20 . 2008-04-13 18:40 19712 c:\windows\system32\dllcache\partmgr.sys + 2005-04-16 00:26 . 2008-04-14 16:43 80256 c:\windows\system32\dllcache\parport.sys + 2011-06-27 13:45 . 2004-08-04 12:00 14336 c:\windows\system32\dllcache\padrs412.dll + 2011-06-27 13:45 . 2004-08-04 12:00 36927 c:\windows\system32\dllcache\padrs411.dll + 2005-03-01 20:20 . 2008-04-14 17:03 58880 c:\windows\system32\dllcache\packager.exe + 2005-04-16 00:26 . 2008-04-14 16:43 46848 c:\windows\system32\dllcache\p3.sys + 2011-06-27 13:45 . 2001-09-06 19:27 42496 c:\windows\system32\dllcache\ovui2rc.dll + 2011-06-27 13:45 . 2001-09-06 19:27 44544 c:\windows\system32\dllcache\ovui2.dll + 2011-06-27 13:45 . 2001-08-17 20:05 25216 c:\windows\system32\dllcache\ovsound2.sys + 2011-06-27 13:45 . 2001-09-06 19:27 39424 c:\windows\system32\dllcache\ovcoms.exe + 2011-06-27 13:45 . 2001-09-06 19:27 20480 c:\windows\system32\dllcache\ovcomc.dll + 2011-06-27 13:45 . 2001-08-17 20:05 31872 c:\windows\system32\dllcache\ovce.sys + 2011-06-27 13:45 . 2001-08-17 20:05 28032 c:\windows\system32\dllcache\ovcd.sys + 2011-06-27 13:45 . 2001-08-17 20:05 48000 c:\windows\system32\dllcache\ovcam2.sys + 2011-06-27 13:45 . 
  • It won't all fit; it's a very long list of data like the above, and it goes on for quite a while. I'm posting the last part below; let me know if you want to see more of the log.
  • Hi Diana, So ComboFix has already removed a few things that don't belong in Windows! But the length of this log doesn't exactly help with keeping an overview - that's not your fault, of course. We'll do it again, this time via a script! Open a new Notepad file via "Start\Alle programma’s\Bureau-accessoires\Kladblok". Copy and paste the following text (bold, blue) into the empty Notepad window:
    KILLALL::
    Save this Notepad file to your desktop as CFScript.txt. Now first disable the antivirus! Drag CFScript.txt onto ComboFix.exe [image: http://img517.imageshack.us/img517/8662/cfscript10uc2.gif] This will make ComboFix restart. Reboot if asked to. Post the ComboFix log that is shown after the restart!
  • That will be this evening, because I'm elsewhere right now. I ran ComboFix once more after that long printout, and then the log was much shorter. Should I follow your procedure anyway?
  • Then post that second log this evening; it can be found as C:\ComboFix2.txt
  • Abraham54 wrote: "Then post that second log this evening; it can be found as C:\ComboFix2.txt" It isn't there, but I think this is it:
  • Hi Diana, the following script removes Lavasoft AdAware: open a new Notepad file via "Start\All Programs\Accessories\Notepad". Copy and paste the following (bold, blue) text into the empty Notepad window:

    Folder::
    c:\program files\Lavasoft
    c:\programdata\Lavasoft

    Save this Notepad file to your desktop as CFScript.txt. Now disable the antivirus first! Drag CFScript.txt onto ComboFix.exe (illustration: http://img517.imageshack.us/img517/8662/cfscript10uc2.gif). This will make ComboFix start again. Reboot if asked to. Post the ComboFix log that is shown after the restart!
  • ComboFix 11-07-19.01 - gebruiker 19-07-2011 8:55.19.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1600 [GMT 2:00] Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\gebruiker\Bureaublad\CFScript.txt * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Lavasoft c:\program files\Lavasoft\Ad-Aware\ShellExt.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_Lavasoft_Ad-Aware_Service -------\Service_Lavasoft Ad-Aware Service . . (((((((((((((((((((( Bestanden Gemaakt van 2011-06-19 to 2011-07-19 )))))))))))))))))))))))))))))) . . 2011-07-18 05:03 . 2011-07-08 07:48 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-07-18 05:03 . 2011-07-08 07:48 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-07-18 05:03 . 2011-07-08 07:48 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-07-18 05:03 . 2011-07-08 07:48 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-07-18 05:03 . 2011-07-08 07:48 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-07-18 05:03 . 2011-07-08 07:48 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-07-18 05:03 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-18 05:03 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-07-17 06:28 . 2011-07-19 06:51 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend 2011-07-08 12:08 . 2011-07-08 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} 2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\program files\Uniblue 2011-07-08 12:02 . 
2011-07-08 12:02 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\PackageAware 2011-07-08 09:30 . 2011-07-08 09:30 -------- d-----w- c:\program files\VS Revo Group 2011-07-07 10:15 . 2011-07-07 10:15 -------- d-----w- c:\program files\Common Files\Java 2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Ambient Design 2011-06-29 18:39 . 2011-06-29 18:39 -------- d-----w- c:\program files\Ambient Design 2011-06-27 14:18 . 2011-06-29 18:35 -------- d-----w- c:\documents and settings\gebruiker\Application Data\inkscape
. . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-06 17:52 . 2011-06-18 06:03 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-06 17:52 . 2011-06-18 06:03 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-29 04:24 . 2010-09-16 19:47 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe 2011-06-24 07:10 . 2011-05-19 07:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-06 11:35 . 2005-03-01 20:21 1859072 ----a-w- c:\windows\system32\win32k.sys 2011-05-04 02:52 . 2010-06-06 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-04 00:25 . 2009-06-19 14:51 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-05-02 15:31 . 2005-03-01 20:19 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2005-03-01 20:20 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2005-03-01 20:19 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2005-03-01 20:21 293888 ----a-w- c:\windows\system32\winsrv.dll 2011-04-26 11:07 . 
2005-03-01 20:18 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-25 16:05 . 2005-03-01 20:21 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:05 . 2005-03-01 20:19 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:05 . 2005-03-01 20:19 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2005-03-01 20:18 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2005-03-01 20:20 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-07-08 07:48 . 2011-07-18 05:03 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot_2011-07-18_04.03.03 ))))))))))))))))))))))))))))))))))))))))) . + 2011-07-19 07:03 . 2011-07-19 07:03 16384 c:\windows\temp\Perflib_Perfdata_6f8.dat + 2005-05-11 18:20 . 2011-07-19 07:03 12341 c:\windows\system32\Tablet.dat - 2005-05-11 18:20 . 2011-07-18 03:52 12341 c:\windows\system32\Tablet.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2008-04-24 368640] "SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JWOSetup"="JWOSetup.exe -en" [X] "SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024] "ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960] "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256] "AudioCommander"="c:\program files\Andrea Electronics\AudioCommander\AudioCommander.exe" [2008-08-29 888832] "AEFltrs"="c:\program files\Andrea Electronics\AudioCommander\AEFltrs.exe" [2008-08-29 741376] "VoiceCenter"="c:\program files\Andrea Electronics\VoiceCenter\AndreaVC.exe" [2008-07-31 1134592] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk backup=c:\windows\pss\Google Updater.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk] path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk backup=c:\windows\pss\Last.fm Helper.lnkStartup . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2007-08-31 10:01 1037736 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-02-16 15:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-04-26 23:22 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype] 2007-08-31 19:13 988584 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] 2004-04-28 13:10 73728 ------w- c:\program files\Logitech\MediaLife\MediaLifeService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] 2003-11-10 14:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] 2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Soulseek\\slsk.exe"= "c:\\Program Files\\DropUpload\\DropUpLoad.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\GigaTribe\\gigatribe.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4210:TCP"= 4210:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface . R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 17:52 70656] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 16:40 64288] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 17:53 77312] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 14:16 130384] S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x] S3 aeaudio2;AE USB Audio Driver2 (WDM);c:\windows\system32\drivers\AEAudio2.sys [21-12-2009 17:18 113664] S3 aeaudiol;AE USB Audio Driver-Lower (WDM);c:\windows\system32\drivers\AEAudioL.sys [21-12-2009 17:18 15104] S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 17:52 68224] S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 17:11 23096] S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 17:11 3768] S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 17:06 223128] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 14:16 753504] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys 
[21-9-2008 17:00 642560] . Inhoud van de 'Gedeelde Taken' map . 2011-07-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50] . 2011-07-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = localhost;*.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam . - - - - ORPHANS VERWIJDERD - - - - . SafeBoot-Lavasoft Ad-Aware Service . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-07-19 09:12 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . 
scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(680) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(616) c:\windows\system32\tabhook.dll c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\CTsvcCDA.exe c:\program files\Creative\Shared Files\CTDevSrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\Tablet.exe c:\windows\system32\wscntfy.exe c:\windows\system32\Ati2evxx.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\rundll32.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Voltooingstijd: 2011-07-19 09:16:59 - machine werd herstart ComboFix-quarantined-files.txt 2011-07-19 07:16 ComboFix2.txt 2011-07-18 04:55 ComboFix3.txt 2011-07-18 04:05 ComboFix4.txt 2010-11-11 11:50 ComboFix5.txt 2011-07-19 06:53 . Pre-Run: 15.608.811.520 bytes beschikbaar Post-Run: 15.612.473.344 bytes beschikbaar . 
Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 0EA4F0DCE095271D2A12FAB90E1650D5

    Note: Lavasoft is gone from Program Files, but Ad-Aware is still in the 'Add or Remove Programs' list. By the looks of it, that annoying Lavasoft 'service' has been disabled.
  • Hi Diana, that AAW service should indeed be gone now. What happens if you click Lavasoft in the Add or Remove Programs list? Do you then get the Windows prompt to have this item removed from the list?


This is an archived page. Replies are no longer possible.