Question & Answer
Please take a look at my log
16 replies
- Hi,
I didn't trust things after suddenly receiving a lot of spam and having problems sending mail. And sure enough, ComboFix came up with a notification. After that I also made a HijackThis log, see below. I'd appreciate your expert eye, especially on the HijackThis log!
ComboFix 09-11-20.02 - gebruiker 21-11-2009 9:10.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1464 [GMT 1:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\gebruiker\Application Data\mdbu.bin
c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\OpenOffice.org 3.1 .lnk
c:\windows\system32\drivers\pciide.sys
Besmet exemplaar van c:\windows\system32\drivers\vaxscsi.sys werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - Kitty ate it :p
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-10-21 to 2009-11-21 ))))))))))))))))))))))))))))))
.
2009-11-21 08:03 . 2009-11-21 08:01 399872 ----a-w- c:\windows\system32\CF14009.exe
2009-11-14 15:01 . 2009-11-21 00:11 0 ----a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\prvlcl.dat
2009-11-13 17:58 . 2009-11-21 00:53 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2009-11-13 17:47 . 2009-10-16 11:12 1119488 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-11-12 21:43 . 2009-11-12 21:43 152576 ----a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 21:43 . 2009-11-12 21:43 79488 ----a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-12 12:39 . 2009-11-11 17:03 4026136 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2009-11-12 12:39 . 2009-11-11 17:03 2016536 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2009-11-12 12:39 . 2009-11-11 17:03 1257240 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2009-11-12 12:39 . 2009-11-11 17:03 496920 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchjwx.dll
2009-11-12 12:39 . 2009-11-11 17:03 600344 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgnsx.exe
2009-11-12 12:39 . 2009-11-11 17:03 3963672 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2009-11-11 17:12 . 2009-11-11 17:12 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:10 -------- d-----w- C:\$AVG
2009-11-11 17:03 . 2009-11-13 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-10-31 21:57 . 2009-10-31 21:57 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Winamp
2009-10-29 21:32 . 2007-02-27 13:31 21504 ----a-w- c:\windows\system32\drivers\motmodem.sys
2009-10-29 21:32 . 2006-11-13 13:45 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2009-10-29 21:17 . 2009-10-29 21:17 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\BVRP Software
2009-10-29 21:15 . 2009-10-29 21:33 -------- d-----w- c:\program files\Motorola Phone Tools
2009-10-29 19:48 . 2009-10-29 19:48 -------- d-----w- c:\program files\Common Files\Motorola Shared
2009-10-29 19:47 . 2009-10-29 19:47 -------- d-----w- c:\program files\Carambis
2009-10-26 20:56 . 2009-10-26 20:56 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2009-10-26 18:30 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-10-26 18:26 . 2009-10-26 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HEMA Fotoservice
2009-10-26 18:26 . 2009-10-26 18:26 -------- d-----w- c:\program files\HEMA Fotoservice
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 08:22 . 2009-02-27 19:52 -------- d-----w- c:\program files\DNA
2009-11-21 08:22 . 2009-02-27 19:52 -------- d-----w- c:\documents and settings\gebruiker\Application Data\DNA
2009-11-21 08:21 . 2005-05-11 18:20 12341 ----a-w- c:\windows\system32\Tablet.dat
2009-11-21 08:19 . 2008-04-09 16:23 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-20 23:40 . 2007-08-26 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-11-18 18:16 . 2009-09-17 19:15 1 ----a-w- c:\documents and settings\gebruiker\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-16 17:14 . 2005-05-27 22:23 -------- d-----w- c:\program files\Soulseek
2009-11-12 21:44 . 2005-05-14 20:18 -------- d-----w- c:\program files\Java
2009-11-11 18:51 . 2008-04-22 15:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-11 18:50 . 2008-05-28 14:26 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-11 17:03 . 2008-05-24 17:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-11 17:03 . 2008-01-17 19:04 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-11 17:03 . 2008-05-24 17:27 -------- d-----w- c:\program files\AVG
2009-11-07 12:11 . 2007-01-11 12:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-07 12:11 . 2009-07-08 16:41 -------- d-----w- c:\program files\SpywareBlaster
2009-10-31 21:57 . 2005-06-07 11:05 -------- d-----w- c:\program files\Winamp
2009-10-29 22:04 . 2009-02-27 19:52 -------- d-----w- c:\documents and settings\gebruiker\Application Data\BitTorrent
2009-10-29 21:17 . 2007-05-02 16:12 -------- d-----w- c:\program files\Avanquest update
2009-10-29 21:15 . 2007-05-02 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-10-29 21:15 . 2005-04-16 09:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-29 21:15 . 2007-05-02 16:30 92064 ----a-w- c:\documents and settings\gebruiker\mqdmmdm.sys
2009-10-29 21:15 . 2007-05-02 16:30 79328 ----a-w- c:\documents and settings\gebruiker\mqdmserd.sys
2009-10-29 21:15 . 2007-05-02 16:30 5936 ----a-w- c:\documents and settings\gebruiker\mqdmwhnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 9232 ----a-w- c:\documents and settings\gebruiker\mqdmmdfl.sys
2009-10-29 21:15 . 2007-05-02 16:30 66656 ----a-w- c:\documents and settings\gebruiker\mqdmbus.sys
2009-10-29 21:15 . 2007-05-02 16:30 6208 ----a-w- c:\documents and settings\gebruiker\mqdmcmnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 4048 ----a-w- c:\documents and settings\gebruiker\mqdmcr.sys
2009-10-29 21:15 . 2007-05-02 16:11 25600 ----a-w- c:\documents and settings\gebruiker\usbsermptxp.sys
2009-10-29 21:15 . 2007-05-02 16:11 22768 ----a-w- c:\documents and settings\gebruiker\usbsermpt.sys
2009-10-29 19:49 . 2009-10-29 19:49 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-10-29 19:49 . 2009-10-29 19:49 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-25 06:05 . 2004-09-15 01:50 91632 ----a-w- c:\windows\system32\perfc013.dat
2009-10-25 06:05 . 2004-09-15 01:50 511866 ----a-w- c:\windows\system32\perfh013.dat
2009-10-19 15:49 . 2005-05-11 21:14 79128 ----a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 15:39 . 2009-10-19 15:39 -------- d-----w- c:\program files\MSECache
2009-10-19 14:39 . 2009-09-23 14:39 3695616 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AutoLaunch.exe
2009-10-19 14:39 . 2009-09-02 14:39 2353992 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-10-14 07:51 . 2005-06-06 16:44 -------- d-----w- c:\program files\Sony
2009-10-13 17:28 . 2009-10-13 17:28 -------- d-----w- c:\program files\Bonjour
2009-10-13 17:28 . 2009-10-13 17:27 -------- d-----w- c:\program files\QuickTime
2009-10-13 17:26 . 2008-03-22 16:58 -------- d-----w- c:\program files\Common Files\Apple
2009-10-11 03:17 . 2009-06-19 14:51 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-02 17:39 . 2009-10-02 17:39 -------- d-----w- c:\program files\Amazon
2009-09-14 06:48 . 2008-01-11 18:26 2034 ----a-w- c:\documents and settings\gebruiker\Application Data\SAS7_000.DAT
2009-09-11 14:20 . 2005-03-01 20:20 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 13:54 . 2008-09-01 03:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 13:53 . 2008-05-28 14:26 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:05 . 2005-03-01 20:19 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-02 14:39 . 2009-09-02 16:11 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-09-02 14:39 . 2009-09-02 14:40 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-02 14:39 . 2009-09-02 14:39 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-09-02 14:39 . 2009-09-02 14:39 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-08-29 08:00 . 2005-03-01 20:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:02 . 2005-03-01 20:20 247326 ----a-w- c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-09-03_21.55.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-11-21 08:21 . 2009-11-21 08:21 16384 c:\windows\temp\Perflib_Perfdata_7a8.dat
+ 2005-05-26 02:16 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2005-04-20 15:21 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2005-03-01 20:21 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2005-06-06 16:45 . 2009-04-28 20:20 96752 c:\windows\system32\vxblock.dll
+ 2009-10-06 16:28 . 2009-08-06 17:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-06 16:28 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2005-06-06 17:00 . 2009-04-28 20:20 66032 c:\windows\system32\pxinsa64.exe
- 2005-06-06 16:45 . 2008-11-20 19:19 72176 c:\windows\system32\pxhpinst.exe
+ 2005-06-06 16:45 . 2009-04-28 20:20 72176 c:\windows\system32\pxhpinst.exe
+ 2005-06-06 17:00 . 2009-04-28 20:20 66544 c:\windows\system32\pxcpya64.exe
- 2004-09-15 01:50 . 2009-08-21 02:44 71904 c:\windows\system32\perfc009.dat
+ 2004-09-15 01:50 . 2009-10-25 06:05 71904 c:\windows\system32\perfc009.dat
- 2007-08-13 17:54 . 2009-07-03 17:00 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2009-08-29 08:00 55296 c:\windows\system32\msfeedsbs.dll
- 2005-03-01 20:19 . 2009-07-03 17:00 25600 c:\windows\system32\jsproxy.dll
+ 2005-03-01 20:19 . 2009-08-29 08:00 25600 c:\windows\system32\jsproxy.dll
+ 2009-10-29 19:50 . 2006-08-11 07:42 90436 c:\windows\system32\DRVSTORE\Netmon-mod_9AD3A142CE55E6AECAA17B567997991448C3690E\Motorola-Netmon-Serial.sys
+ 2009-10-29 21:32 . 2007-02-27 13:31 21504 c:\windows\system32\DRVSTORE\motport_71D29C62AEE638CB12228E143B8BA0A030CBEC0F\motport.sys
+ 2009-10-29 21:32 . 2007-01-23 20:36 22016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\Motousbnet.sys
+ 2009-10-29 21:32 . 2006-12-14 09:27 40832 c:\windows\system32\DRVSTORE\motodrv_790AECF80A9B3907D8D111D32F7F2573FDCB388A\motodrv.sys
+ 2009-10-29 19:50 . 2006-12-13 16:52 20992 c:\windows\system32\DRVSTORE\motmodem_EB300D82ECD3AD9E7DA068DFA2569A01A85B9F9C\motmodem.sys
+ 2009-10-29 21:32 . 2007-02-27 13:31 21504 c:\windows\system32\DRVSTORE\motmodem_5A78965824B665693BA32EB804F366C0662AB61B\motmodem.sys
+ 2009-10-29 21:32 . 2007-02-27 13:31 17792 c:\windows\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motccgp.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 66592 c:\windows\system32\DRVSTORE\M2501uc_6ABE1D60E560C01F808EBE80F1BCA5A3D9FDEC66\M2501uc.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 90128 c:\windows\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501md.sys
+ 2009-10-29 19:50 . 2006-12-06 15:33 94592 c:\windows\system32\DRVSTORE\M2501HCD_B072F3C073A4376B25683AA0AD2B77942B3E843A\M2501HCD.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 90128 c:\windows\system32\DRVSTORE\M2501at_2F5F7EFE99B5F227AF0764DFDBB083834C1FFEC1\M2501md.sys
+ 2006-11-02 06:22 . 2006-11-02 06:22 32224 c:\windows\system32\drivers\wdfldr.sys
+ 2008-11-20 19:19 . 2009-04-28 20:20 44944 c:\windows\system32\drivers\pxhelp20.sys
+ 2008-12-12 09:11 . 2008-12-12 09:11 61440 c:\windows\system32\dnssd.dll
- 2007-07-24 13:17 . 2007-07-24 13:17 61440 c:\windows\system32\dnssd.dll
+ 2008-12-12 09:18 . 2008-12-12 09:18 87336 c:\windows\system32\dns-sd.exe
+ 2009-07-29 13:07 . 2009-08-29 08:00 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-07-29 13:07 . 2009-07-03 17:00 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2005-04-20 15:21 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2005-03-01 20:21 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
- 2007-10-10 23:53 . 2009-07-03 17:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-10-10 23:53 . 2009-08-29 08:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:05 . 2009-09-04 21:05 58880 c:\windows\system32\dllcache\msasn1.dll
- 2005-03-01 20:19 . 2009-07-03 17:00 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2005-03-01 20:19 . 2009-08-29 08:00 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2005-03-01 20:18 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2005-03-01 20:18 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 18:58 . 2007-04-13 18:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 18:57 . 2007-04-13 18:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 19:30 . 2007-04-13 19:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-11-11 07:35 . 2009-11-11 07:35 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-10-13 17:28 . 2009-10-13 17:28 86016 c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe
+ 2009-04-03 16:01 . 2009-04-03 16:01 71504 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\XL12CNVP.DLL
+ 2009-04-03 15:57 . 2009-04-03 15:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\WRD12EXE.EXE
+ 2009-04-02 12:35 . 2009-04-02 12:35 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBPROXY.DLL
+ 2009-04-02 12:35 . 2009-04-02 12:35 68496 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\PXBCOM.EXE
+ 2006-10-26 19:13 . 2006-10-26 19:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNVP.DLL
+ 2007-03-21 16:58 . 2007-03-21 16:58 24416 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2006-10-26 19:07 . 2006-10-26 19:07 17680 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBPROXY.DLL
+ 2007-03-21 17:00 . 2007-03-21 17:00 72096 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2009-10-15 10:50 . 2009-07-03 17:00 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-10-15 10:45 . 2009-10-15 10:45 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_dcbfbb2c\System.Drawing.Design.dll
+ 2009-10-15 10:45 . 2009-10-15 10:45 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_2b2e6e1a\CustomMarshalers.dll
+ 2009-10-15 10:59 . 2009-10-15 10:59 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2009-10-15 17:40 . 2009-10-15 17:40 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-15 17:40 . 2009-10-15 17:40 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2009-10-15 10:57 . 2009-10-15 10:57 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2009-10-15 10:56 . 2009-10-15 10:56 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-15 17:04 . 2009-10-15 17:04 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-09-17 19:11 . 2009-09-17 19:11 11264 c:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.13.0__ce2cb7e279207b9e\cli_basetypes.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-09-17 19:12 . 2009-09-17 19:12 64000 c:\windows\assembly\GAC_32\cli_cppuhelper\1.0.16.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2009-10-15 10:45 . 2008-04-14 17:02 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-10-15 10:43 . 2008-07-08 13:07 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-15 10:43 . 2008-07-08 13:07 18808 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 21:02 . 2009-09-04 21:02 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-15 10:50 . 2008-07-08 13:07 26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll
+ 2009-10-15 10:50 . 2008-07-08 13:07 18808 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll
+ 2009-10-15 09:01 . 2009-08-29 07:52 12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll
+ 2009-10-15 09:01 . 2009-08-29 07:52 55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll
+ 2009-10-15 09:01 . 2009-08-29 07:52 25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-15 10:45 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-10-15 10:44 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-15 10:44 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2009-09-10 07:00 . 2008-07-08 13:07 26488 c:\windows\$hf_mig$\KB971961-IE8\update\spcustom.dll
+ 2009-09-10 07:00 . 2008-07-08 13:07 18808 c:\windows\$hf_mig$\KB971961-IE8\spmsg.dll
+ 2009-10-15 10:44 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-15 10:44 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2009-10-15 10:46 . 2008-07-08 13:07 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-15 10:46 . 2008-07-08 13:07 18808 c:\windows\$hf_mig$\KB969059\spmsg.dll
+ 2009-09-10 07:00 . 2008-07-08 13:07 26488 c:\windows\$hf_mig$\KB956844\update\spcustom.dll
+ 2009-09-10 07:00 . 2008-07-08 13:07 18808 c:\windows\$hf_mig$\KB956844\spmsg.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2006-07-28 06:10 . 2006-07-28 06:10 6144 c:\windows\system32\mot_ci.dll
+ 2009-10-29 21:32 . 2006-12-06 16:33 6400 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motswch.sys
+ 2009-10-29 21:32 . 2007-01-23 20:36 6016 c:\windows\system32\DRVSTORE\motousbnet_ABB6512ACA55A7A4E2FA3DE425ED10A6DA3518DB\motfilt.sys
+ 2009-10-29 21:32 . 2006-07-28 07:10 6144 c:\windows\system32\DRVSTORE\motodrv_790AECF80A9B3907D8D111D32F7F2573FDCB388A\mot_ci.dll
+ 2009-10-29 21:32 . 2006-12-06 16:33 6400 c:\windows\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motswch.sys
+ 2009-10-29 21:32 . 2007-01-23 18:03 7680 c:\windows\system32\DRVSTORE\motccgp_B54E2AE72FC4F575918F765D66FD7A32A96B836E\motccgpfl.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 5808 c:\windows\system32\DRVSTORE\M2501uc_6ABE1D60E560C01F808EBE80F1BCA5A3D9FDEC66\M2501wn.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 9360 c:\windows\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501mf.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 6144 c:\windows\system32\DRVSTORE\M2501md_3F9C70CED7D1F0C5A3749D5A551A3DAA6C9518B6\M2501cn.sys
+ 2009-10-29 19:50 . 2006-08-11 07:34 6144 c:\windows\system32\DRVSTORE\M2501at_2F5F7EFE99B5F227AF0764DFDBB083834C1FFEC1\M2501cn.sys
+ 2005-05-11 18:54 . 2009-11-11 07:36 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-09-17 19:11 . 2009-09-17 19:11 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\2.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
+ 2009-09-17 19:11 . 2009-09-17 19:11 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\16.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2009-09-17 19:12 . 2009-09-17 19:12 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\2.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
+ 2009-09-17 19:11 . 2009-09-17 19:11 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-21 02:44 . 2009-08-21 02:44 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-21 02:44 . 2009-08-21 02:44 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-09-17 19:11 . 2009-09-17 19:11 7680 c:\windows\assembly\GAC_MSIL\cli_ure\1.0.16.0__ce2cb7e279207b9e\cli_ure.dll
+ 2009-09-17 19:12 . 2009-09-17 19:12 3072 c:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\16.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2005-03-01 20:21 . 2009-08-06 17:24 209632 c:\windows\system32\wuweb.dll
+ 2005-03-01 20:21 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2005-03-01 20:21 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2005-03-01 20:21 . 2009-04-01 21:02 604160 c:\windows\system32\wmspdmod.dll
+ 2005-06-06 16:45 . 2009-04-28 20:20 436720 c:\windows\system32\pxwave.dll
+ 2005-06-06 16:45 . 2009-04-28 20:20 219632 c:\windows\system32\pxmas.dll
+ 2005-06-06 16:45 . 2009-04-28 20:20 551408 c:\windows\system32\pxdrv.dll
+ 2007-06-18 08:24 . 2009-04-28 20:20 129520 c:\windows\system32\pxafs.dll
+ 2005-06-06 16:45 . 2009-04-28 20:20 670192 c:\windows\system32\px.dll
+ 2004-09-15 01:50 . 2009-10-25 06:05 444028 c:\windows\system32\perfh009.dat
- 2004-09-15 01:50 . 2009-08-21 02:44 444028 c:\windows\system32\perfh009.dat
- 2005-03-01 20:20 . 2009-07-03 17:00 206848 c:\windows\system32\occache.dll
+ 2005-03-01 20:20 . 2009-08-29 08:00 206848 c:\windows\system32\occache.dll
+ 2005-05-26 02:19 . 2009-08-06 17:23 215920 c:\windows\system32\muweb.dll
+ 2005-08-16 07:40 . 2009-08-06 17:23 274288 c:\windows\system32\mucltui.dll
+ 2007-08-13 17:54 . 2009-08-29 08:00 594432 c:\windows\system32\msfeeds.dll
- 2007-08-13 17:54 . 2009-07-03 17:00 594432 c:\windows\system32\msfeeds.dll
- 2005-03-01 20:19 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll
+ 2005-03-01 20:19 . 2009-06-22 06:48 726528 c:\windows\system32\jscript.dll
+ 2009-11-12 21:44 . 2009-10-11 03:17 149280 c:\windows\system32\javaws.exe
- 2009-08-04 21:58 . 2009-07-25 03:23 149280 c:\windows\system32\javaws.exe
+ 2009-11-12 21:44 . 2009-10-11 03:17 145184 c:\windows\system32\javaw.exe
- 2009-08-04 21:58 . 2009-07-25 03:23 145184 c:\windows\system32\javaw.exe
+ 2009-11-12 21:44 . 2009-10-11 03:17 145184 c:\windows\system32\java.exe
- 2009-08-04 21:58 . 2009-07-25 03:23 145184 c:\windows\system32\java.exe
+ 2005-03-01 20:18 . 2009-08-29 08:00 184320 c:\windows\system32\iepeers.dll
- 2005-03-01 20:18 . 2009-07-03 17:00 184320 c:\windows\system32\iepeers.dll
+ 2005-03-01 20:18 . 2009-08-29 08:00 387584 c:\windows\system32\iedkcs32.dll
+ 2005-03-01 20:18 . 2009-08-28 10:37 173056 c:\windows\system32\ie4uinit.exe
- 2005-03-01 20:18 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2004-09-14 18:59 . 2009-11-11 16:20 315560 c:\windows\system32\FNTCACHE.DAT
+ 2006-11-02 06:22 . 2006-11-02 06:22 492000 c:\windows\system32\drivers\wdf01000.sys
+ 2005-03-01 20:21 . 2009-08-06 17:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2005-03-01 20:21 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2005-03-01 20:21 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2005-03-01 20:21 . 2009-04-01 21:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2005-03-01 20:21 . 2009-08-29 08:00 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-09-10 05:58 . 2009-06-21 21:49 153088 c:\windows\system32\dllcache\triedit.dll
+ 2005-03-01 20:20 . 2009-08-26 08:02 247326 c:\windows\system32\dllcache\strmdll.dll
- 2005-03-01 20:20 . 2008-10-03 10:05 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2005-03-01 20:20 . 2009-08-29 08:00 206848 c:\windows\system32\dllcache\occache.dll
- 2005-03-01 20:20 . 2009-07-03 17:00 206848 c:\windows\system32\dllcache\occache.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-06-25 08:27 . 2009-09-11 14:20 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2007-10-10 23:53 . 2009-08-29 08:00 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2007-10-10 23:53 . 2009-07-03 17:00 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2008-05-09 10:56 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:56 . 2009-06-22 06:48 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-07-29 13:07 . 2009-08-29 08:00 246272 c:\windows\system32\dllcache\ieproxy.dll
- 2009-07-29 13:07 . 2009-07-03 17:00 246272 c:\windows\system32\dllcache\ieproxy.dll
- 2005-03-01 20:18 . 2009-07-03 17:00 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2005-03-01 20:18 . 2009-08-29 08:00 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2005-03-01 20:18 . 2009-08-29 08:00 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2005-03-01 20:18 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2005-03-01 20:18 . 2009-08-28 10:37 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 18:58 . 2007-04-13 18:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 18:56 . 2007-04-13 18:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 19:30 . 2007-04-13 19:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-10-13 17:26 . 2009-10-13 17:26 694272 c:\windows\Installer\9a0ead.msi
+ 2009-10-29 21:32 . 2009-10-29 21:32 118784 c:\windows\Installer\2fbbdea.msi
+ 2009-11-11 17:02 . 2009-11-11 17:02 424448 c:\windows\Installer\2606e9.msi
+ 2009-10-19 15:40 . 2009-10-19 15:40 355328 c:\windows\Installer\1ff9377.msi
- 2005-05-11 18:54 . 2009-08-12 20:51 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2005-05-11 18:54 . 2009-08-12 20:51 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2005-05-11 18:54 . 2009-11-11 07:36 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 11:53 . 2007-04-19 11:53 109408 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\OUTLCTL.DLL
+ 2006-10-26 18:49 . 2006-10-26 18:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12CVR.DLL
+ 2007-05-10 07:04 . 2007-05-10 07:04 846248 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OICE.EXE
+ 2006-10-26 18:12 . 2006-10-26 18:12 396592 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MOC.EXE
+ 2009-11-04 08:52 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-04 08:52 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2009-10-15 10:50 . 2009-07-03 17:00 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-15 10:50 . 2009-05-26 11:41 401272 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-15 10:50 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-15 10:50 . 2009-07-03 17:00 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-15 10:50 . 2009-07-03 17:00 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-15 10:50 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-09-10 07:00 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-10 07:00 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-10 07:00 . 2009-03-08 02:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-10-15 10:45 . 2009-10-15 10:45 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d838b12c\System.Drawing.dll
+ 2009-10-15 10:45 . 2009-10-15 10:45 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3ac0a2b6\System.Drawing.Design.dll
+ 2009-10-15 10:45 . 2009-10-15 10:45 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6128b847\CustomMarshalers.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2009-10-15 10:59 . 2009-10-15 10:59 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2009-10-15 10:59 . 2009-10-15 10:59 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2009-10-15 10:59 . 2009-10-15 10:59 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4\System.Runtime.Remoting.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2009-10-15 17:04 . 2009-10-15 17:04 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2009-10-15 17:04 . 2009-10-15 17:04 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2009-10-15 10:58 . 2009-10-15 10:58 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2009-10-15 18:03 . 2009-10-15 18:03 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2009-10-15 17:40 . 2009-10-15 17:40 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2009-10-15 17:40 . 2009-10-15 17:40 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2009-10-15 17:39 . 2009-10-15 17:39 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2009-10-15 10:58 . 2009-10-15 10:58 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2009-10-15 10:58 . 2009-10-15 10:58 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2009-10-15 10:58 . 2009-10-15 10:58 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2009-10-15 10:58 . 2009-10-15 10:58 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2009-10-15 17:39 . 2009-10-15 17:39 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\f12731a5f0438e6222946ee230855465\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 434176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\ebfa04377cf6af693e8c85f92d0dea93\Microsoft.MapPoint.Data.CompactMapFile.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\c50a335c1846d477d449a651cfda95a0\Microsoft.MapPoint.MapControl3D.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\c1196985ae26d4f39b1cddd0082bcd41\Microsoft.MapPoint.Utility.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a12ad0659422b0b89cd038d385c10766\Microsoft.MapPoint.Network.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\3efd7406004839433904161b59a78636\Microsoft.MapPoint.UtilityPartialTrust.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\383dc3d16d1210666f600d93e6225d36\Microsoft.MapPoint.Rendering3D.Utility.ni.dll
+ 2009-10-15 17:38 . 2009-10-15 17:38 840192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\1e11979aa5e16c23699260ab5464691d\Microsoft.MapPoint.Geometry.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2009-10-15 17:39 . 2009-10-15 17:39 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2009-10-15 17:04 . 2009-10-15 17:04 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-09-17 19:11 . 2009-09-17 19:11 114688 c:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.2.0__ce2cb7e279207b9e\cli_uretypes.dll
+ 2009-09-17 19:12 . 2009-09-17 19:12 839680 c:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.2.0__ce2cb7e279207b9e\cli_oootypes.dll
+ 2009-10-15 10:52 . 2009-10-15 10:52 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-21 02:44 . 2009-08-21 02:44 507904 c:\windows\assembly\
- Apparently it didn't all fit, so here is the HijackThis log after all.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:37:43, on 21-11-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\gebruiker\Bureaublad\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.paradigit.nl
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (Installer Class) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124110007421
O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (clsDefault Class) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15109/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 11053 bytes
- Hello Diana, using ComboFix without having been instructed to do so is absolutely not recommended.
It is too specialized a tool for that!
In fact, the ComboFix scan was not entirely successful either, because you did not meet certain prerequisites for it.
But be that as it may, how are your problems now? Your HJT log looks fine, by the way.
- [quote="Abraham54"]Hello Diana, using ComboFix without having been instructed to do so is absolutely not recommended.
It is too specialized a tool for that!
In fact, the ComboFix scan was not entirely successful either, because you did not meet certain prerequisites for it.
But be that as it may, how are your problems now? Your HJT log looks fine, by the way.[/quote]
You mean the prerequisite of disabling the antivirus program. That doesn't work with AVG; it won't let itself be disabled.
But it does seem to have helped: e-mails that were not being sent before have now been sent.
The spam continues, though.
Thanks for checking!
diana
- Where do you have your e-mail hosted?
- [quote="Abraham54"]Where do you have your e-mail hosted?[/quote]
Outlook Express. By the way, the spam has been quiet since 12:00; I have not received any more Viagra and the like since then.
It looks like everything is back in order.
- What I meant with my question is where you have your e-mail address.
So with your provider, or Hotmail or Googlemail?
- [quote="Abraham54"]What I meant with my question is where you have your e-mail address.
So with your provider, or Hotmail or Googlemail?[/quote]
With my provider and Googlemail. I recently changed my Googlemail password because that was recommended. Maybe that was not in time. Is that what you mean?
Is it wise to post the ComboFix log on a specialized forum? Or do you know enough about it here as well?
- Just this: a good password consists of at least eight characters, made up of upper- and lower-case letters, digits and symbols!
Also change the password you use with your provider, if need be!
As for ComboFix, well, here we go: [b]Let ComboFix scan your Windows[/b] (CLICK).
[b]How to use ComboFix properly[/b] (CLICK)
[b]Addition: to be able to use ComboFix, the following applies:[/b]
[b]- no web browsers may be open
- antivirus must be completely deactivated
- active malware and spyware scanners must be deactivated.[/b]
Do not click in the active ComboFix window; this will make ComboFix freeze!
ComboFix closes the internet connection; do not try to restore it in the meantime!
[b]Vista users start ComboFix with Administrator rights!
And do not forget to temporarily disable Windows Defender: for that, see http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx
[/b]
[b]Here you can find information on how to deactivate antivirus[/b] (CLICK)
- [quote="Abraham54"]Just this: a good password consists of at least eight characters, made up of upper- and lower-case letters, digits and symbols!
Also change the password you use with your provider, if need be!
As for ComboFix, well, here we go: [b]Let ComboFix scan your Windows[/b] (CLICK).
[b]How to use ComboFix properly[/b] (CLICK)
[b]Addition: to be able to use ComboFix, the following applies:[/b]
[b]- no web browsers may be open
- antivirus must be completely deactivated
- active malware and spyware scanners must be deactivated.[/b]
Do not click in the active ComboFix window; this will make ComboFix freeze!
ComboFix closes the internet connection; do not try to restore it in the meantime!
[b]Vista users start ComboFix with Administrator rights!
And do not forget to temporarily disable Windows Defender: for that, see http://windowshelp.microsoft.com/Windows/nl-NL/help/31d797aa-091d-4d67-a556-dbfaf21bf0dc1043.mspx
[/b]
[b]Here you can find information on how to deactivate antivirus[/b] (CLICK)[/quote]
Thanks, very good tip about disabling AVG.
Below is the third log I made with ComboFix. Log 2 had slightly more infections, so things are improving. Ad-Aware also found something during a full scan, but I cannot find its log.
ComboFix 09-11-20.05 - gebruiker 21-11-2009 22:35.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1460 [GMT 1:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\System32\Drivers\d347prt.sys . . . is geïnfecteerd!!
c:\windows\system32\DRIVERS\vobid.sys . . . is geïnfecteerd!!
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-10-21 to 2009-11-21 ))))))))))))))))))))))))))))))
.
2009-11-21 21:30 . 2004-08-04 12:00 13952 -c--a-w- c:\windows\system32\dllcache\cbidf2k.sys
2009-11-21 21:30 . 2004-08-04 12:00 13952 ----a-w- c:\windows\system32\drivers\cbidf2k.sys
2009-11-21 21:30 . 2008-04-13 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-21 21:30 . 2008-04-13 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-21 09:45 . 2009-11-21 17:50 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2009-11-21 08:49 . 2009-11-21 08:49 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-21 08:49 . 2009-11-21 08:49 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\SBREDrv.sys
2009-11-21 08:49 . 2009-11-21 08:49 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\sbap.dll
2009-11-21 08:49 . 2009-11-21 08:49 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\aawapi.dll
2009-11-21 08:49 . 2009-11-21 08:49 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\VipreBridge.dll
2009-11-21 08:49 . 2009-11-21 08:49 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Vipre.dll
2009-11-21 08:49 . 2009-11-21 08:49 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\SBTE.dll
2009-11-21 08:49 . 2009-11-21 08:49 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\SBRE.dll
2009-11-21 08:48 . 2009-11-21 08:48 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-21 08:48 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-21 08:03 . 2009-11-21 08:01 399872 ----a-w- c:\windows\system32\CF14009.exe
2009-11-14 15:01 . 2009-11-21 21:11 0 ----a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\prvlcl.dat
2009-11-13 17:47 . 2009-10-16 11:12 1119488 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-11-12 21:43 . 2009-11-12 21:43 152576 ----a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 21:43 . 2009-11-12 21:43 79488 ----a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-11 17:12 . 2009-11-11 17:12 -------- d-----w- c:\documents and settings\gebruiker\Local Settings\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:10 -------- d-----w- C:\$AVG
2009-11-11 17:03 . 2009-11-13 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-10-31 21:57 . 2009-10-31 21:57 -------- d-----w- c:\documents and settings\gebruiker\Application Data\Winamp
2009-10-29 21:32 . 2007-02-27 13:31 21504 ----a-w- c:\windows\system32\drivers\motmodem.sys
2009-10-29 21:32 . 2006-11-13 13:45 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2009-10-29 19:48 . 2009-10-29 19:48 -------- d-----w- c:\program files\Common Files\Motorola Shared
2009-10-29 19:47 . 2009-10-29 19:47 -------- d-----w- c:\program files\Carambis
2009-10-26 20:56 . 2009-11-21 09:49 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2009-10-26 18:30 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-10-26 18:26 . 2009-10-26 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HEMA Fotoservice
2009-10-26 18:26 . 2009-10-26 18:26 -------- d-----w- c:\program files\HEMA Fotoservice
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 21:34 . 2005-05-11 18:20 12341 ----a-w- c:\windows\system32\Tablet.dat
2009-11-21 21:32 . 2008-04-09 16:23 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-21 19:24 . 2007-05-02 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-11-21 19:24 . 2005-04-16 09:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-21 19:22 . 2005-06-06 16:44 -------- d-----w- c:\program files\Sony
2009-11-21 18:51 . 2009-02-27 19:52 -------- d-----w- c:\documents and settings\gebruiker\Application Data\DNA
2009-11-21 18:49 . 2009-02-27 19:52 -------- d-----w- c:\program files\DNA
2009-11-21 18:12 . 2005-05-27 22:23 -------- d-----w- c:\program files\Soulseek
2009-11-21 09:47 . 2006-04-28 15:58 -------- d-----w- c:\program files\XnView
2009-11-21 08:49 . 2009-09-02 14:39 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe
2009-11-21 08:49 . 2009-09-02 16:11 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-21 08:49 . 2009-09-02 14:39 390288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-11-21 08:49 . 2009-09-02 14:39 206944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-11-21 08:49 . 2009-09-02 14:39 15880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-11-21 08:49 . 2009-09-02 14:39 370744 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-11-21 08:49 . 2009-09-02 14:39 163728 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-11-21 08:49 . 2009-09-02 14:39 194104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Savapibridge.dll
2009-11-21 08:49 . 2009-09-02 14:39 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll
2009-11-21 08:49 . 2009-09-02 14:39 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-11-21 08:49 . 2009-09-02 14:39 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-11-21 08:49 . 2009-09-02 14:39 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-11-21 08:48 . 2009-09-23 14:39 641632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AutoLaunch.exe
2009-11-21 08:48 . 2009-09-02 14:39 816272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-11-21 08:48 . 2009-09-02 14:39 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-11-21 08:48 . 2009-09-02 14:39 1638640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-11-21 08:48 . 2009-09-02 14:39 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-11-21 08:48 . 2009-09-02 14:39 1184912 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe
2009-11-20 23:40 . 2007-08-26 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-11-18 18:16 . 2009-09-17 19:15 1 ----a-w- c:\documents and settings\gebruiker\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-12 21:44 . 2005-05-14 20:18 -------- d-----w- c:\program files\Java
2009-11-11 18:51 . 2008-04-22 15:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-11 18:50 . 2008-05-28 14:26 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-11 17:03 . 2008-05-24 17:27 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-11 17:03 . 2008-01-17 19:04 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-11 17:03 . 2008-05-24 17:27 -------- d-----w- c:\program files\AVG
2009-11-07 12:11 . 2007-01-11 12:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-07 12:11 . 2009-07-08 16:41 -------- d-----w- c:\program files\SpywareBlaster
2009-10-31 21:57 . 2005-06-07 11:05 -------- d-----w- c:\program files\Winamp
2009-10-29 22:04 . 2009-02-27 19:52 -------- d-----w- c:\documents and settings\gebruiker\Application Data\BitTorrent
2009-10-29 21:17 . 2007-05-02 16:12 -------- d-----w- c:\program files\Avanquest update
2009-10-29 21:15 . 2007-05-02 16:30 92064 ----a-w- c:\documents and settings\gebruiker\mqdmmdm.sys
2009-10-29 21:15 . 2007-05-02 16:30 79328 ----a-w- c:\documents and settings\gebruiker\mqdmserd.sys
2009-10-29 21:15 . 2007-05-02 16:30 5936 ----a-w- c:\documents and settings\gebruiker\mqdmwhnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 9232 ----a-w- c:\documents and settings\gebruiker\mqdmmdfl.sys
2009-10-29 21:15 . 2007-05-02 16:30 66656 ----a-w- c:\documents and settings\gebruiker\mqdmbus.sys
2009-10-29 21:15 . 2007-05-02 16:30 6208 ----a-w- c:\documents and settings\gebruiker\mqdmcmnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 4048 ----a-w- c:\documents and settings\gebruiker\mqdmcr.sys
2009-10-29 21:15 . 2007-05-02 16:11 25600 ----a-w- c:\documents and settings\gebruiker\usbsermptxp.sys
2009-10-29 21:15 . 2007-05-02 16:11 22768 ----a-w- c:\documents and settings\gebruiker\usbsermpt.sys
2009-10-29 19:49 . 2009-10-29 19:49 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-10-29 19:49 . 2009-10-29 19:49 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-25 06:05 . 2004-09-15 01:50 91632 ----a-w- c:\windows\system32\perfc013.dat
2009-10-25 06:05 . 2004-09-15 01:50 511866 ----a-w- c:\windows\system32\perfh013.dat
2009-10-19 15:49 . 2005-05-11 21:14 79128 ----a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 15:39 . 2009-10-19 15:39 -------- d-----w- c:\program files\MSECache
2009-10-13 17:28 . 2009-10-13 17:28 -------- d-----w- c:\program files\Bonjour
2009-10-13 17:28 . 2009-10-13 17:27 -------- d-----w- c:\program files\QuickTime
2009-10-13 17:26 . 2008-03-22 16:58 -------- d-----w- c:\program files\Common Files\Apple
2009-10-11 03:17 . 2009-06-19 14:51 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-02 17:39 . 2009-10-02 17:39 -------- d-----w- c:\program files\Amazon
2009-09-23 14:39 . 2009-09-23 14:39 17632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\WSCUpdate.dll
2009-09-23 14:39 . 2009-09-23 14:39 68640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\64\lbd.sys
2009-09-23 14:39 . 2009-09-23 14:39 303976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\64\AAWDriverTool.exe
2009-09-23 14:39 . 2009-09-02 14:39 640760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-09-23 12:55 . 2009-09-02 14:40 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-14 06:48 . 2008-01-11 18:26 2034 ----a-w- c:\documents and settings\gebruiker\Application Data\SAS7_000.DAT
2009-09-11 14:20 . 2005-03-01 20:20 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 13:54 . 2008-09-01 03:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 13:53 . 2008-05-28 14:26 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:05 . 2005-03-01 20:19 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-02 14:39 . 2009-09-02 14:39 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-09-02 14:39 . 2009-09-02 14:39 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-08-29 08:00 . 2005-03-01 20:21 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:02 . 2005-03-01 20:20 247326 ----a-w- c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-11-21_19.17.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-21 21:34 . 2009-11-21 21:34 16384 c:\windows\temp\Perflib_Perfdata_538.dat
+ 2004-09-14 17:14 . 2009-11-21 19:31 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-09-14 17:14 . 2009-11-21 08:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2004-09-14 17:14 . 2009-11-21 19:31 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
- 2004-09-14 17:14 . 2009-11-21 08:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
+ 2009-09-02 16:11 . 2009-11-21 19:31 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2009-09-02 16:11 . 2009-11-21 08:51 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2009-11-21 19:31 . 2009-11-21 19:31 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-11-21 08:51 . 2009-11-21 08:51 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-10-16 11:12 1119488 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-12 323392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-11-21 788880]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-12 2020120]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2003-12-19 65024]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-11 17:03 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Zapr\\Zapr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 16:52 70656]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 15:40 64288]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 16:53 77312]
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1-8-2003 13:47 29239]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [24-5-2008 18:27 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [24-5-2008 18:27 360584]
R1 vobiw;vobiw;c:\windows\system32\drivers\vobIW.sys [6-7-2004 16:06 188416]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11-11-2009 18:03 285392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24-9-2009 12:17 1184912]
R3 cdrdrv;Cdrdrv;c:\windows\system32\drivers\Cdrdrv.sys [3-8-2004 10:10 62976]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 16:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 16:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 16:11 3768]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [30-5-2008 16:07 337800]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 16:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
2009-11-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 08:48]
2009-11-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\CoreFTP\pftpns.dll
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-21 22:45
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A231240]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf76bbf28
\Driver\ACPI -> ACPI.sys @ 0xf7587cb8
\Driver\atapi -> 0x8a231240
\Driver\iaStor -> IASTOR.SYS @ 0xbaf122f0
IoDeviceObjectType -> ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: Broadcom NetXtreme Gigabit Ethernet -> SendCompleteHandler -> NDIS.sys @ 0xf7a20bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7a2da21
SendHandler -> NDIS.sys @ 0xf7a0b87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
——————— DLLs Geladen Onder Lopende Processen ———————
- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\Ati2evxx.dll
.
Voltooingstijd: 2009-11-21 22:47
ComboFix-quarantined-files.txt 2009-11-21 21:47
ComboFix2.txt 2009-11-21 19:20
ComboFix3.txt 2009-11-21 08:30
ComboFix4.txt 2009-09-08 16:02
ComboFix5.txt 2009-11-21 21:29
Pre-Run: 14.442.385.408 bytes beschikbaar
Post-Run: 14.408.286.208 bytes beschikbaar
- - End Of File - - BCCCB007F1351859679A31EDF40968F0
- Hello Diana, a quick question about the next steps: do you have an XP Home installation CD?
- [quote="Abraham54"]Hello Diana, a quick question about the next steps: do you have an XP Home installation CD?[/quote]
No, there is something from the manufacturer on my computer for reinstalling it. Pressing F10, I believe.
But this is already a much better log:
ComboFix 09-11-21.01 - gebruiker 22-11-2009 6:00.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1329 [GMT 1:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-10-22 to 2009-11-22 ))))))))))))))))))))))))))))))
.
2009-11-21 21:58 . 2009-11-21 21:58 ——– d–h–r- c:\documents and settings\gebruiker\Onlangs geopend
2009-11-21 21:30 . 2004-08-04 12:00 13952 -c–a-w- c:\windows\system32\dllcache\cbidf2k.sys
2009-11-21 21:30 . 2004-08-04 12:00 13952 —-a-w- c:\windows\system32\drivers\cbidf2k.sys
2009-11-21 21:30 . 2008-04-13 18:40 96512 -c–a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-21 21:30 . 2008-04-13 18:40 96512 ——w- c:\windows\system32\drivers\atapi.sys
2009-11-21 08:49 . 2009-11-21 08:49 93360 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-21 08:49 . 2009-11-21 08:49 93360 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\SBREDrv.sys
2009-11-21 08:49 . 2009-11-21 08:49 554280 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\sbap.dll
2009-11-21 08:49 . 2009-11-21 08:49 537576 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\aawapi.dll
2009-11-21 08:49 . 2009-11-21 08:49 212480 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\VipreBridge.dll
2009-11-21 08:49 . 2009-11-21 08:49 283944 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Vipre.dll
2009-11-21 08:49 . 2009-11-21 08:49 1223976 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\SBTE.dll
2009-11-21 08:49 . 2009-11-21 08:49 242984 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\SBRE.dll
2009-11-21 08:48 . 2009-11-21 08:48 ——– dc-h–w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-21 08:48 . 2009-10-03 08:15 2924848 -c–a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-21 08:03 . 2009-11-21 08:01 399872 —-a-w- c:\windows\system32\CF14009.exe
2009-11-14 15:01 . 2009-11-21 22:11 0 —-a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\prvlcl.dat
2009-11-13 17:47 . 2009-10-16 11:12 1119488 —-a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-11-12 21:43 . 2009-11-12 21:43 152576 —-a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 21:43 . 2009-11-12 21:43 79488 —-a-w- c:\documents and settings\gebruiker\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-11 17:12 . 2009-11-11 17:12 ——– d—–w- c:\documents and settings\gebruiker\Local Settings\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:10 ——– d—–w- C:\$AVG
2009-11-11 17:03 . 2009-11-13 17:47 ——– d—–w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-11-11 17:03 . 2009-11-11 17:03 ——– d—–w- c:\documents and settings\All Users\Application Data\avg9
2009-10-31 21:57 . 2009-10-31 21:57 ——– d—–w- c:\documents and settings\gebruiker\Application Data\Winamp
2009-10-29 21:32 . 2007-02-27 13:31 21504 —-a-w- c:\windows\system32\drivers\motmodem.sys
2009-10-29 21:32 . 2006-11-13 13:45 1419232 —-a-w- c:\windows\system32\wdfcoinstaller01005.dll
2009-10-29 19:48 . 2009-10-29 19:48 ——– d—–w- c:\program files\Common Files\Motorola Shared
2009-10-26 20:56 . 2009-11-21 09:49 25992 —-a-w- c:\windows\system32\pgdfgsvc.exe
2009-10-26 18:30 . 2007-03-12 15:42 3495784 —-a-w- c:\windows\system32\d3dx9_33.dll
2009-10-26 18:26 . 2009-10-26 18:26 ——– d—–w- c:\documents and settings\All Users\Application Data\HEMA Fotoservice
2009-10-26 18:26 . 2009-10-26 18:26 ——– d—–w- c:\program files\HEMA Fotoservice
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-22 05:02 . 2009-02-27 19:52 ——– d—–w- c:\documents and settings\gebruiker\Application Data\DNA
2009-11-22 04:57 . 2007-01-11 12:46 ——– d—a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-22 04:57 . 2009-07-08 16:41 ——– d—–w- c:\program files\SpywareBlaster
2009-11-22 04:57 . 2006-02-26 14:33 ——– d—–w- c:\program files\Hitman Pro
2009-11-22 04:52 . 2005-05-11 18:20 12341 —-a-w- c:\windows\system32\Tablet.dat
2009-11-22 04:52 . 2009-02-27 19:52 ——– d—–w- c:\program files\DNA
2009-11-22 04:50 . 2008-04-09 16:23 12 —-a-w- c:\windows\bthservsdp.dat
2009-11-22 04:24 . 2005-04-16 09:19 ——– d–h–w- c:\program files\InstallShield Installation Information
2009-11-21 22:14 . 2008-09-01 03:27 ——– d—–w- c:\program files\Spybot - Search & Destroy
2009-11-21 22:00 . 2005-04-20 15:20 ——– d—–w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-21 19:24 . 2007-05-02 16:11 ——– d—–w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-11-21 19:22 . 2005-06-06 16:44 ——– d—–w- c:\program files\Sony
2009-11-21 18:12 . 2005-05-27 22:23 ——– d—–w- c:\program files\Soulseek
2009-11-21 09:47 . 2006-04-28 15:58 ——– d—–w- c:\program files\XnView
2009-11-21 08:49 . 2009-09-02 14:39 862040 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe
2009-11-21 08:49 . 2009-09-02 16:11 15880 —-a-w- c:\windows\system32\lsdelete.exe
2009-11-21 08:49 . 2009-09-02 14:39 390288 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-11-21 08:49 . 2009-09-02 14:39 206944 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-11-21 08:49 . 2009-09-02 14:39 15880 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-11-21 08:49 . 2009-09-02 14:39 370744 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-11-21 08:49 . 2009-09-02 14:39 163728 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-11-21 08:49 . 2009-09-02 14:39 194104 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Savapibridge.dll
2009-11-21 08:49 . 2009-09-02 14:39 5908024 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll
2009-11-21 08:49 . 2009-09-02 14:39 327000 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-11-21 08:49 . 2009-09-02 14:39 87496 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-11-21 08:49 . 2009-09-02 14:39 933120 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-11-21 08:48 . 2009-09-23 14:39 641632 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AutoLaunch.exe
2009-11-21 08:48 . 2009-09-02 14:39 816272 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-11-21 08:48 . 2009-09-02 14:39 822904 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-11-21 08:48 . 2009-09-02 14:39 1638640 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-11-21 08:48 . 2009-09-02 14:39 788880 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-11-21 08:48 . 2009-09-02 14:39 1184912 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe
2009-11-20 23:40 . 2007-08-26 16:38 ——– d—–w- c:\documents and settings\All Users\Application Data\Google Updater
2009-11-18 18:16 . 2009-09-17 19:15 1 —-a-w- c:\documents and settings\gebruiker\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-12 21:44 . 2005-05-14 20:18 ——– d—–w- c:\program files\Java
2009-11-11 18:51 . 2008-04-22 15:36 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
2009-11-11 18:50 . 2008-05-28 14:26 4045528 —-a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-11 17:03 . 2008-05-24 17:27 333192 —-a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 360584 —-a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-11 17:03 . 2008-01-17 19:04 28424 —-a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-11 17:03 . 2008-05-24 17:27 12464 —-a-w- c:\windows\system32\avgrsstx.dll
2009-11-11 17:03 . 2008-05-24 17:27 ——– d—–w- c:\program files\AVG
2009-10-31 21:57 . 2005-06-07 11:05 ——– d—–w- c:\program files\Winamp
2009-10-29 22:04 . 2009-02-27 19:52 ——– d—–w- c:\documents and settings\gebruiker\Application Data\BitTorrent
2009-10-29 21:17 . 2007-05-02 16:12 ——– d—–w- c:\program files\Avanquest update
2009-10-29 21:15 . 2007-05-02 16:30 92064 —-a-w- c:\documents and settings\gebruiker\mqdmmdm.sys
2009-10-29 21:15 . 2007-05-02 16:30 79328 —-a-w- c:\documents and settings\gebruiker\mqdmserd.sys
2009-10-29 21:15 . 2007-05-02 16:30 5936 —-a-w- c:\documents and settings\gebruiker\mqdmwhnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 9232 —-a-w- c:\documents and settings\gebruiker\mqdmmdfl.sys
2009-10-29 21:15 . 2007-05-02 16:30 66656 —-a-w- c:\documents and settings\gebruiker\mqdmbus.sys
2009-10-29 21:15 . 2007-05-02 16:30 6208 —-a-w- c:\documents and settings\gebruiker\mqdmcmnt.sys
2009-10-29 21:15 . 2007-05-02 16:30 4048 —-a-w- c:\documents and settings\gebruiker\mqdmcr.sys
2009-10-29 21:15 . 2007-05-02 16:11 25600 —-a-w- c:\documents and settings\gebruiker\usbsermptxp.sys
2009-10-29 21:15 . 2007-05-02 16:11 22768 —-a-w- c:\documents and settings\gebruiker\usbsermpt.sys
2009-10-29 19:49 . 2009-10-29 19:49 0 —ha-w- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-10-29 19:49 . 2009-10-29 19:49 0 —ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-25 06:05 . 2004-09-15 01:50 91632 —-a-w- c:\windows\system32\perfc013.dat
2009-10-25 06:05 . 2004-09-15 01:50 511866 —-a-w- c:\windows\system32\perfh013.dat
2009-10-19 15:49 . 2005-05-11 21:14 79128 —-a-w- c:\documents and settings\gebruiker\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 15:39 . 2009-10-19 15:39 ——– d—–w- c:\program files\MSECache
2009-10-13 17:28 . 2009-10-13 17:28 ——– d—–w- c:\program files\Bonjour
2009-10-13 17:28 . 2009-10-13 17:27 ——– d—–w- c:\program files\QuickTime
2009-10-13 17:26 . 2008-03-22 16:58 ——– d—–w- c:\program files\Common Files\Apple
2009-10-11 03:17 . 2009-06-19 14:51 411368 —-a-w- c:\windows\system32\deploytk.dll
2009-10-02 17:39 . 2009-10-02 17:39 ——– d—–w- c:\program files\Amazon
2009-09-23 14:39 . 2009-09-23 14:39 17632 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\WSCUpdate.dll
2009-09-23 14:39 . 2009-09-23 14:39 68640 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\64\lbd.sys
2009-09-23 14:39 . 2009-09-23 14:39 303976 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\64\AAWDriverTool.exe
2009-09-23 14:39 . 2009-09-02 14:39 640760 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-09-23 12:55 . 2009-09-02 14:40 64288 —-a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-14 06:48 . 2008-01-11 18:26 2034 —-a-w- c:\documents and settings\gebruiker\Application Data\SAS7_000.DAT
2009-09-11 14:20 . 2005-03-01 20:20 136192 —-a-w- c:\windows\system32\msv1_0.dll
2009-09-10 13:54 . 2008-09-01 03:58 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 13:53 . 2008-05-28 14:26 19160 —-a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:05 . 2005-03-01 20:19 58880 —-a-w- c:\windows\system32\msasn1.dll
2009-09-02 14:39 . 2009-09-02 14:39 85352 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-09-02 14:39 . 2009-09-02 14:39 64160 —-a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-08-29 08:00 . 2005-03-01 20:21 916480 ——w- c:\windows\system32\wininet.dll
2009-08-26 08:02 . 2005-03-01 20:20 247326 —-a-w- c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-11-21_19.17.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-22 04:52 . 2009-11-22 04:52 16384 c:\windows\temp\Perflib_Perfdata_210.dat
- 2004-09-14 17:14 . 2009-11-21 08:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2004-09-14 17:14 . 2009-11-21 19:31 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2004-09-14 17:14 . 2009-11-21 19:31 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
- 2004-09-14 17:14 . 2009-11-21 08:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat
+ 2009-09-02 16:11 . 2009-11-21 19:31 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2009-09-02 16:11 . 2009-11-21 08:51 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2005-08-03 08:33 . 2008-03-20 17:06 1480232 c:\windows\system32\LegitCheckControl.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-10-16 11:12 1119488 —-a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"CTZDetec.exe"="c:\program files\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-12 323392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ezShieldProtector for Px"="c:\windows\system32\ezSP_Px.exe" [2002-08-20 40960]
"CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-01-08 864256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-11-21 788880]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-12 2020120]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2003-12-19 65024]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-11 17:03 12464 —-a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TabUserW.exe.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\TabUserW.exe.lnk
backup=c:\windows\pss\TabUserW.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Soulseek\\slsk.exe"=
"c:\\Program Files\\DropUpload\\DropUpLoad.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Zapr\\Zapr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 fasttrak;fasttrak;c:\windows\system32\drivers\fasttrak.sys [11-11-2004 16:52 70656]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2-9-2009 15:40 64288]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [11-11-2004 16:53 77312]
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1-8-2003 13:47 29239]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [24-5-2008 18:27 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [24-5-2008 18:27 360584]
R1 vobiw;vobiw;c:\windows\system32\drivers\vobIW.sys [6-7-2004 16:06 188416]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11-11-2009 18:03 285392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24-9-2009 12:17 1184912]
R3 cdrdrv;Cdrdrv;c:\windows\system32\drivers\Cdrdrv.sys [3-8-2004 10:10 62976]
S2 Nmpdrv_N;Nmpdrv_N USB Controller Service; [x]
S3 EMCR;EMCR;c:\windows\system32\drivers\emcr7sk.sys [11-11-2004 16:52 68224]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [31-10-2008 16:11 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [31-10-2008 16:11 3768]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [30-5-2008 16:07 337800]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21-9-2008 16:06 223128]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-9-2008 16:00 642560]
.
Inhoud van de 'Gedeelde Taken' map
2009-11-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 08:48]
2009-11-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-16 06:39]
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\CoreFTP\pftpns.dll
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab
DPF: {1D185838-009D-47C8-824B-B65B4854430E} - hxxp://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - hxxp://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\0a42b5n7.Standaardgebruiker\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=nl&t=3|http://www.google.com/search?hl=nl&client=ig&q=weather+Amsterdam
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-22 06:07
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•¤|ÿÿÿÿ•¤|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
——————— DLLs Geladen Onder Lopende Processen ———————
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3312)
c:\windows\system32\tabhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2009-11-22 06:10
ComboFix-quarantined-files.txt 2009-11-22 05:10
ComboFix2.txt 2009-11-22 04:40
ComboFix3.txt 2009-11-21 21:47
ComboFix4.txt 2009-11-21 19:20
ComboFix5.txt 2009-11-22 04:58
Pre-Run: 14.828.433.408 bytes beschikbaar
Post-Run: 14.791.208.960 bytes beschikbaar
- - End Of File - - 2A63DC9947A199AA4231ACD25E3016F5
- Hello Diana, I asked about that CD because in your previous ComboFix log the MBR was said to contain a rootkit, but according to the latest ComboFix scan the MBR is clean!
I have no explanation for that, by the way.
How is your Windows doing now?
- [quote="Abraham54"]Hello Diana, I asked about that CD because in your previous ComboFix log the MBR was said to contain a rootkit, but according to the latest ComboFix scan the MBR is clean!
I have no explanation for that, by the way.
How is your Windows doing now?[/quote]
It's going very well. I ran ComboFix about six or seven times at intervals, and it seems it was able to remove more each time. Great program! The first few times it kept reporting that a rootkit had been found, and then the computer restarted and ComboFix started again. But the last few times it no longer reported that a rootkit had been found. I'm very happy! In the meantime I had also uninstalled a number of programs I never use; maybe that helped too. I also changed my password with my provider and the spam has stopped completely. (Knock on wood.)
- Then I'll give you another great tool on top of that, because ComboFix is really not meant to become your standard scanner!
Download, install and keep using [b]MBAM[/b].
Right after installation [b]MBAM[/b] will want to update its database, so allow that.
On repeated use as well: go to the [b]Update[/b] tab first!
[b]Download MBAM[/b]
Start [b]MBAM[/b] and choose [b]Snelle Scan[/b] (Quick Scan)
[b]N.B.: Vista users start MBAM by right-clicking and then choosing Als Administrator uitvoeren (Run as administrator).[/b]
Scanning can take a while, so be patient.
When the scan is finished, click the [b]OK[/b] button, then the [b]Bekijk Resultaten[/b] (Show Results) button to see the results.
Make sure everything there is checked, then click [b]Verwijder geselecteerde[/b] (Remove Selected).
After removal a log will open and you will be asked to restart the computer.
The log is saved automatically by [b]MBAM[/b], and you can find it by clicking the [b]Logs[/b] tab in [b]MBAM[/b].
If [b]MBAM[/b] has trouble removing certain files it will show a few messages; click [b]OK[/b] each time!
After that [b]MBAM[/b] will ask to restart the computer, so allow the computer to be restarted.
After this, create a new HijackThis log and post it together with the MBAM scan result;
also post an uninstall list (start HijackThis, click the [b]Open the Misc Tools section[/b] button, then the [b]Open Uninstall Manager[/b] button and finally the [b]Save[/b] button).
- [quote="Abraham54"]Then I'll give you another great tool on top of that, because ComboFix is really not meant to become your standard scanner!
Download, install and keep using [b]MBAM[/b].
Right after installation [b]MBAM[/b] will want to update its database, so allow that.
On repeated use as well: go to the [b]Update[/b] tab first!
[b]Download MBAM[/b]
Start [b]MBAM[/b] and choose [b]Snelle Scan[/b] (Quick Scan)
[b]N.B.: Vista users start MBAM by right-clicking and then choosing Als Administrator uitvoeren (Run as administrator).[/b]
Scanning can take a while, so be patient.
When the scan is finished, click the [b]OK[/b] button, then the [b]Bekijk Resultaten[/b] (Show Results) button to see the results.
Make sure everything there is checked, then click [b]Verwijder geselecteerde[/b] (Remove Selected).
After removal a log will open and you will be asked to restart the computer.
The log is saved automatically by [b]MBAM[/b], and you can find it by clicking the [b]Logs[/b] tab in [b]MBAM[/b].
If [b]MBAM[/b] has trouble removing certain files it will show a few messages; click [b]OK[/b] each time!
After that [b]MBAM[/b] will ask to restart the computer, so allow the computer to be restarted.
After this, create a new HijackThis log and post it together with the MBAM scan result;
also post an uninstall list (start HijackThis, click the [b]Open the Misc Tools section[/b] button, then the [b]Open Uninstall Manager[/b] button and finally the [b]Save[/b] button).[/quote]
I already do have Malwarebytes as my standard program, but it couldn't do what ComboFix can. I do see the risk of ComboFix, by the way, but I have had experience with it for some time; you just have to pay close attention to what you're doing.