igorfranken
-
Items
19 -
Registratiedatum
-
Laatst bezocht
igorfranken's prestaties
-
Inmiddels heeft zich een ernstig probleem voorgedaan waardoor ik niet verder kwam dan het opstartscherm in "dos". Niets wat ik probeerde hielp. Veilige modus startte niet eens op. Ik heb de PC opnieuw moeten installeren en natuurlijk is het probleem nu weg. Dank iig voor alle hulp!!!
-
hmmmm ik had de log gepost, maar zie niets meer... nog een keer: 10:35:44.0445 4564 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06 10:35:44.0633 4564 ============================================================ 10:35:44.0633 4564 Current date / time: 2011/12/10 10:35:44.0633 10:35:44.0633 4564 SystemInfo: 10:35:44.0633 4564 10:35:44.0633 4564 OS Version: 5.1.2600 ServicePack: 2.0 10:35:44.0633 4564 Product type: Workstation 10:35:44.0633 4564 ComputerName: LANS 10:35:44.0633 4564 UserName: Igor Franken 10:35:44.0633 4564 Windows directory: C:\WINDOWS 10:35:44.0633 4564 System windows directory: C:\WINDOWS 10:35:44.0633 4564 Processor architecture: Intel x86 10:35:44.0633 4564 Number of processors: 2 10:35:44.0633 4564 Page size: 0x1000 10:35:44.0633 4564 Boot type: Normal boot 10:35:44.0633 4564 ============================================================ 10:35:45.0289 4564 Initialize success 10:35:51.0055 2596 ============================================================ 10:35:51.0055 2596 Scan started 10:35:51.0055 2596 Mode: Manual; 10:35:51.0055 2596 ============================================================ 10:35:51.0617 2596 Abiosdsk - ok 10:35:51.0680 2596 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 10:35:51.0680 2596 abp480n5 - ok 10:35:51.0758 2596 ACPI (12139c5b5d7366e54ef3029c65b8ca97) C:\WINDOWS\system32\DRIVERS\ACPI.sys 10:35:51.0758 2596 ACPI - ok 10:35:51.0789 2596 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys 10:35:51.0789 2596 ACPIEC - ok 10:35:51.0805 2596 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 10:35:51.0820 2596 adpu160m - ok 10:35:51.0898 2596 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys 10:35:51.0898 2596 aec - ok 10:35:51.0945 2596 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys 10:35:51.0961 2596 AFD - ok 10:35:52.0008 2596 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys 10:35:52.0008 2596 agp440 - ok 10:35:52.0055 2596 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 10:35:52.0070 2596 agpCPQ - ok 10:35:52.0070 2596 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 10:35:52.0086 2596 Aha154x - ok 10:35:52.0086 2596 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 10:35:52.0102 2596 aic78u2 - ok 10:35:52.0117 2596 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 10:35:52.0117 2596 aic78xx - ok 10:35:52.0148 2596 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 10:35:52.0148 2596 AliIde - ok 10:35:52.0164 2596 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys 10:35:52.0164 2596 alim1541 - ok 10:35:52.0180 2596 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys 10:35:52.0195 2596 amdagp - ok 10:35:52.0227 2596 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 10:35:52.0227 2596 amsint - ok 10:35:52.0305 2596 arusb(TP-LINK) (d8aa72b3760402b4a30925d9778e4688) C:\WINDOWS\system32\DRIVERS\arusb.sys 10:35:52.0320 2596 arusb(TP-LINK) - ok 10:35:52.0367 2596 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 10:35:52.0383 2596 asc - ok 10:35:52.0414 2596 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 10:35:52.0414 2596 asc3350p - ok 10:35:52.0445 2596 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 10:35:52.0461 2596 asc3550 - ok 10:35:52.0492 2596 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 10:35:52.0508 2596 AsyncMac - ok 10:35:52.0539 2596 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys 10:35:52.0555 2596 atapi - ok 10:35:52.0633 2596 Atdisk - ok 10:35:52.0680 2596 ati2mtag (f5fc6ac1e7bc776871361d463fc86be2) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 10:35:52.0773 2596 ati2mtag - ok 10:35:52.0820 2596 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 10:35:52.0820 2596 Atmarpc - ok 10:35:52.0867 2596 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 10:35:52.0867 2596 audstub - ok 10:35:52.0961 2596 AVGIDSDriver (2d18221aab3db2d408d6c55c0f23090a) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 10:35:52.0961 2596 AVGIDSDriver - ok 10:35:52.0992 2596 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys 10:35:52.0992 2596 AVGIDSEH - ok 10:35:53.0008 2596 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 10:35:53.0008 2596 AVGIDSFilter - ok 10:35:53.0023 2596 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 10:35:53.0023 2596 AVGIDSShim - ok 10:35:53.0055 2596 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys 10:35:53.0055 2596 Avgldx86 - ok 10:35:53.0086 2596 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 10:35:53.0086 2596 Avgmfx86 - ok 10:35:53.0102 2596 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys 10:35:53.0102 2596 Avgrkx86 - ok 10:35:53.0117 2596 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys 10:35:53.0133 2596 Avgtdix - ok 10:35:53.0164 2596 AVMNgBasM779 (7eeaaa9c92fd1d51bac0fc68a279cf89) C:\WINDOWS\system32\DRIVERS\AVerBas.sys 10:35:53.0180 2596 AVMNgBasM779 - ok 10:35:53.0211 2596 AVMNgCapM779 (e16da689492b316ad2eb328a86552366) C:\WINDOWS\system32\DRIVERS\AVerCap.sys 10:35:53.0227 2596 AVMNgCapM779 - ok 10:35:53.0242 2596 AVMNgTunM779 (cd50ffb839452c71b06d8f8728779bbd) C:\WINDOWS\system32\DRIVERS\AVerTun.sys 10:35:53.0258 2596 AVMNgTunM779 - ok 10:35:53.0273 2596 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 10:35:53.0273 2596 Beep - ok 10:35:53.0305 2596 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys 10:35:53.0320 2596 BrScnUsb - ok 10:35:53.0352 2596 btaudio (75f2f99751005d1dd9afcd599e2bf544) C:\WINDOWS\system32\drivers\btaudio.sys 10:35:53.0367 2596 btaudio - ok 10:35:53.0461 2596 BTDriver (ed53d949fca98b9f633f4dce97b1d859) C:\WINDOWS\system32\DRIVERS\btport.sys 10:35:53.0477 2596 BTDriver - ok 10:35:53.0555 2596 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 10:35:53.0555 2596 BthEnum - ok 10:35:53.0617 2596 BTHMODEM (9df0adf74ce1d6371ed60cf92eb1d9a6) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 10:35:53.0617 2596 BTHMODEM - ok 10:35:53.0680 2596 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys 10:35:53.0680 2596 BthPan - ok 10:35:53.0758 2596 BTHPORT (9ff1251afdb3406104e67196c7abb3a8) C:\WINDOWS\system32\Drivers\BTHport.sys 10:35:53.0773 2596 BTHPORT - ok 10:35:53.0836 2596 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys 10:35:53.0836 2596 BTHUSB - ok 10:35:53.0930 2596 BTKRNL (1a8a1d4dc2cf946eecdb7ffc853bdc1d) C:\WINDOWS\system32\DRIVERS\btkrnl.sys 10:35:53.0977 2596 BTKRNL - ok 10:35:54.0023 2596 btwhid (8f9ecc34280dbe5f2df32cd7cf2aa439) C:\WINDOWS\system32\DRIVERS\btwhid.sys 10:35:54.0039 2596 btwhid - ok 10:35:54.0102 2596 BTWUSB (65d626c2f030a9555b716efaa1cfb4ba) C:\WINDOWS\system32\Drivers\btwusb.sys 10:35:54.0117 2596 BTWUSB - ok 10:35:54.0164 2596 catchme - ok 10:35:54.0211 2596 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 10:35:54.0227 2596 cbidf - ok 10:35:54.0258 2596 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 10:35:54.0258 2596 cbidf2k - ok 10:35:54.0273 2596 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 10:35:54.0289 2596 CCDECODE - ok 10:35:54.0320 2596 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 10:35:54.0320 2596 cd20xrnt - ok 10:35:54.0352 2596 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 10:35:54.0367 2596 Cdaudio - ok 10:35:54.0383 2596 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys 10:35:54.0383 2596 Cdfs - ok 10:35:54.0414 2596 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys 10:35:54.0414 2596 Cdrom - ok 10:35:54.0430 2596 Changer - ok 10:35:54.0477 2596 CmdIde (026ba1f2d9c9f742ec3823d0214cd67c) C:\WINDOWS\system32\DRIVERS\cmdide.sys 10:35:54.0477 2596 CmdIde - ok 10:35:54.0523 2596 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 10:35:54.0539 2596 Cpqarray - ok 10:35:54.0586 2596 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys 10:35:54.0586 2596 ctsfm2k - ok 10:35:54.0633 2596 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys 10:35:54.0633 2596 CTUSFSYN - ok 10:35:54.0680 2596 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 10:35:54.0695 2596 dac2w2k - ok 10:35:54.0758 2596 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 10:35:54.0758 2596 dac960nt - ok 10:35:54.0820 2596 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys 10:35:54.0820 2596 Disk - ok 10:35:54.0898 2596 dmboot (d9542b70560cda5c4f5e62b1eed412cd) C:\WINDOWS\system32\drivers\dmboot.sys 10:35:54.0930 2596 dmboot - ok 10:35:54.0992 2596 dmio (b5f7ac6bb9445e9c59e0686fe52a47e8) C:\WINDOWS\system32\drivers\dmio.sys 10:35:54.0992 2596 dmio - ok 10:35:55.0023 2596 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 10:35:55.0023 2596 dmload - ok 10:35:55.0055 2596 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys 10:35:55.0070 2596 DMusic - ok 10:35:55.0133 2596 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 10:35:55.0133 2596 dpti2o - ok 10:35:55.0180 2596 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys 10:35:55.0180 2596 drmkaud - ok 10:35:55.0273 2596 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys 10:35:55.0273 2596 DSproct - ok 10:35:55.0336 2596 E100B (be27de641e52d8b295dea40b213318f7) C:\WINDOWS\system32\DRIVERS\e100b325.sys 10:35:55.0352 2596 E100B - ok 10:35:55.0445 2596 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys 10:35:55.0445 2596 e1express - ok 10:35:55.0477 2596 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys 10:35:55.0477 2596 Fastfat - ok 10:35:55.0492 2596 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys 10:35:55.0492 2596 Fdc - ok 10:35:55.0523 2596 Fips (dac8cab287a959c2f717d3748177374b) C:\WINDOWS\system32\drivers\Fips.sys 10:35:55.0539 2596 Fips - ok 10:35:55.0555 2596 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 10:35:55.0570 2596 Flpydisk - ok 10:35:55.0602 2596 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 10:35:55.0617 2596 FltMgr - ok 10:35:55.0617 2596 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 10:35:55.0633 2596 Fs_Rec - ok 10:35:55.0648 2596 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 10:35:55.0648 2596 Ftdisk - ok 10:35:55.0711 2596 GEARAspiWDM (8c18f85edd5d47f34068f3efd5689fa9) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 10:35:55.0711 2596 GEARAspiWDM - ok 10:35:55.0711 2596 GMSIPCI - ok 10:35:55.0758 2596 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys 10:35:55.0758 2596 Gpc - ok 10:35:55.0789 2596 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 10:35:55.0789 2596 HDAudBus - ok 10:35:55.0820 2596 HidIr (07577916997e89563ed508c2ab6ff415) C:\WINDOWS\system32\DRIVERS\hidir.sys 10:35:55.0836 2596 HidIr - ok 10:35:55.0930 2596 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys 10:35:55.0930 2596 HidUsb - ok 10:35:55.0977 2596 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 10:35:55.0977 2596 hpn - ok 10:35:56.0008 2596 HSFHWBS2 - ok 10:35:56.0023 2596 HSF_DP - ok 10:35:56.0102 2596 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys 10:35:56.0117 2596 HTTP - ok 10:35:56.0180 2596 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys 10:35:56.0195 2596 i2omgmt - ok 10:35:56.0211 2596 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys 10:35:56.0227 2596 i2omp - ok 10:35:56.0242 2596 i8042prt (ddb567b5fe32d917a34b98de50b3c923) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 10:35:56.0258 2596 i8042prt - ok 10:35:56.0289 2596 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\drivers\iaStor.sys 10:35:56.0289 2596 iaStor - ok 10:35:56.0320 2596 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys 10:35:56.0336 2596 Imapi - ok 10:35:56.0367 2596 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 10:35:56.0383 2596 ini910u - ok 10:35:56.0414 2596 IntelIde (133b243ee5ccc607686a5648b807542d) C:\WINDOWS\system32\DRIVERS\intelide.sys 10:35:56.0430 2596 IntelIde - ok 10:35:56.0492 2596 intelppm (17f6ae3cb6b478c6054e2e894a6d89bf) C:\WINDOWS\system32\DRIVERS\intelppm.sys 10:35:56.0492 2596 intelppm - ok 10:35:56.0570 2596 Intels51 (eb6d8e9cd813596b6d59d878337a4998) C:\WINDOWS\system32\DRIVERS\Intels51.sys 10:35:56.0602 2596 Intels51 - ok 10:35:56.0633 2596 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 10:35:56.0648 2596 Ip6Fw - ok 10:35:56.0695 2596 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 10:35:56.0711 2596 IpFilterDriver - ok 10:35:56.0742 2596 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys 10:35:56.0742 2596 IpInIp - ok 10:35:56.0805 2596 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys 10:35:56.0820 2596 IpNat - ok 10:35:56.0914 2596 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys 10:35:56.0930 2596 IPSec - ok 10:35:56.0961 2596 IrBus (0461e205fa8870f9020ffe7c64721e75) C:\WINDOWS\system32\DRIVERS\IrBus.sys 10:35:56.0977 2596 IrBus - ok 10:35:57.0008 2596 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys 10:35:57.0008 2596 IRENUM - ok 10:35:57.0039 2596 isapnp (fd298ad13acb19fc43b627aca0806231) C:\WINDOWS\system32\DRIVERS\isapnp.sys 10:35:57.0039 2596 isapnp - ok 10:35:57.0055 2596 Kbdclass (59549e9180ce29d832289e1a1d9e3c60) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 10:35:57.0070 2596 Kbdclass - ok 10:35:57.0086 2596 kbdhid (6b97674104b15a2dd135f7b365223194) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 10:35:57.0086 2596 kbdhid - ok 10:35:57.0117 2596 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys 10:35:57.0117 2596 kmixer - ok 10:35:57.0164 2596 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys 10:35:57.0164 2596 KSecDD - ok 10:35:57.0195 2596 lbrtfdc - ok 10:35:57.0242 2596 LHidKe (952c825c2a3014d4d1648309c42d8718) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys 10:35:57.0258 2596 LHidKe - ok 10:35:57.0305 2596 LHidUsbK (01b150189a1406a67a9489f8c3ee6c23) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys 10:35:57.0305 2596 LHidUsbK - ok 10:35:57.0336 2596 LMouKE (bb9cc32385c3320074009fe4b9b3b3b6) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys 10:35:57.0336 2596 LMouKE - ok 10:35:57.0367 2596 LUsbKbd (78ca51c6755fbb7b3ace41100ab3eeb7) C:\WINDOWS\system32\Drivers\LUsbKbd.Sys 10:35:57.0383 2596 LUsbKbd - ok 10:35:57.0398 2596 MBAMSwissArmy - ok 10:35:57.0398 2596 mcdbus - ok 10:35:57.0445 2596 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 10:35:57.0461 2596 MHNDRV - ok 10:35:57.0492 2596 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 10:35:57.0492 2596 mnmdd - ok 10:35:57.0539 2596 Modem (7151be7fe5bd6671bf8ab745c419a42e) C:\WINDOWS\system32\drivers\Modem.sys 10:35:57.0539 2596 Modem - ok 10:35:57.0570 2596 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys 10:35:57.0586 2596 MODEMCSA - ok 10:35:57.0664 2596 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys 10:35:57.0695 2596 monfilt - ok 10:35:57.0742 2596 Mouclass (0ff36ca1ac0b7d2e46c291d30b516df1) C:\WINDOWS\system32\DRIVERS\mouclass.sys 10:35:57.0758 2596 Mouclass - ok 10:35:57.0789 2596 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys 10:35:57.0805 2596 mouhid - ok 10:35:57.0820 2596 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys 10:35:57.0820 2596 MountMgr - ok 10:35:57.0898 2596 MPE (55a9a7e6bb297bf0f5b144029dcb79cc) C:\WINDOWS\system32\DRIVERS\MPE.sys 10:35:57.0898 2596 MPE - ok 10:35:57.0992 2596 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 10:35:58.0008 2596 mraid35x - ok 10:35:58.0055 2596 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 10:35:58.0055 2596 MRxDAV - ok 10:35:58.0086 2596 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 10:35:58.0102 2596 MRxSmb - ok 10:35:58.0133 2596 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys 10:35:58.0133 2596 Msfs - ok 10:35:58.0180 2596 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys 10:35:58.0180 2596 MSKSSRV - ok 10:35:58.0273 2596 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 10:35:58.0273 2596 MSPCLOCK - ok 10:35:58.0305 2596 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys 10:35:58.0320 2596 MSPQM - ok 10:35:58.0320 2596 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 10:35:58.0336 2596 mssmbios - ok 10:35:58.0367 2596 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys 10:35:58.0383 2596 MSTEE - ok 10:35:58.0461 2596 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys 10:35:58.0461 2596 Mup - ok 10:35:58.0492 2596 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 10:35:58.0508 2596 NABTSFEC - ok 10:35:58.0539 2596 NAL (1e59aaed42a5e3a5ed86ec403f9c0776) C:\WINDOWS\system32\Drivers\iqvw32.sys 10:35:58.0633 2596 NAL - ok 10:35:58.0680 2596 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys 10:35:58.0680 2596 NDIS - ok 10:35:58.0711 2596 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 10:35:58.0711 2596 NdisIP - ok 10:35:58.0742 2596 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 10:35:58.0758 2596 NdisTapi - ok 10:35:58.0773 2596 Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 10:35:58.0773 2596 Ndisuio - ok 10:35:58.0789 2596 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 10:35:58.0805 2596 NdisWan - ok 10:35:58.0836 2596 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys 10:35:58.0836 2596 NDProxy - ok 10:35:58.0898 2596 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys 10:35:58.0898 2596 NetBIOS - ok 10:35:58.0914 2596 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys 10:35:58.0930 2596 NetBT - ok 10:35:58.0961 2596 NetProbe (44831972666e9989b375c05f010944b2) C:\WINDOWS\system32\DRIVERS\netprobe.sys 10:35:58.0961 2596 NetProbe - ok 10:35:58.0977 2596 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys 10:35:58.0977 2596 Npfs - ok 10:35:59.0039 2596 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys 10:35:59.0055 2596 Ntfs - ok 10:35:59.0086 2596 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 10:35:59.0086 2596 Null - ok 10:35:59.0164 2596 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 10:35:59.0211 2596 nv - ok 10:35:59.0227 2596 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 10:35:59.0242 2596 NwlnkFlt - ok 10:35:59.0273 2596 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 10:35:59.0273 2596 NwlnkFwd - ok 10:35:59.0336 2596 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys 10:35:59.0352 2596 ossrv - ok 10:35:59.0398 2596 Parport (83a120f43a1424d9c51701fd91d3bc8e) C:\WINDOWS\system32\DRIVERS\parport.sys 10:35:59.0398 2596 Parport - ok 10:35:59.0445 2596 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys 10:35:59.0445 2596 PartMgr - ok 10:35:59.0477 2596 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys 10:35:59.0492 2596 ParVdm - ok 10:35:59.0539 2596 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys 10:35:59.0555 2596 pccsmcfd - ok 10:35:59.0586 2596 PCI (3060407163c2daf8b0dbc878c3052cf0) C:\WINDOWS\system32\DRIVERS\pci.sys 10:35:59.0586 2596 PCI - ok 10:35:59.0617 2596 PCIDump - ok 10:35:59.0648 2596 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys 10:35:59.0648 2596 PCIIde - ok 10:35:59.0695 2596 Pcmcia (8673108cad88d629ba0f7758ec5b1924) C:\WINDOWS\system32\drivers\Pcmcia.sys 10:35:59.0711 2596 Pcmcia - ok 10:35:59.0742 2596 PDCOMP - ok 10:35:59.0773 2596 PDFRAME - ok 10:35:59.0805 2596 PDRELI - ok 10:35:59.0852 2596 PDRFRAME - ok 10:35:59.0914 2596 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 10:35:59.0930 2596 perc2 - ok 10:35:59.0992 2596 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 10:36:00.0008 2596 perc2hib - ok 10:36:00.0055 2596 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys 10:36:00.0070 2596 PptpMiniport - ok 10:36:00.0117 2596 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys 10:36:00.0133 2596 PSched - ok 10:36:00.0164 2596 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 10:36:00.0164 2596 Ptilink - ok 10:36:00.0195 2596 PxHelp20 (7c81ae3c9b82ba2da437ed4d31bc56cf) C:\WINDOWS\system32\Drivers\PxHelp20.sys 10:36:00.0195 2596 PxHelp20 - ok 10:36:00.0211 2596 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 10:36:00.0227 2596 ql1080 - ok 10:36:00.0258 2596 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 10:36:00.0273 2596 Ql10wnt - ok 10:36:00.0320 2596 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 10:36:00.0336 2596 ql12160 - ok 10:36:00.0367 2596 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 10:36:00.0383 2596 ql1240 - ok 10:36:00.0430 2596 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 10:36:00.0430 2596 ql1280 - ok 10:36:00.0492 2596 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 10:36:00.0492 2596 RasAcd - ok 10:36:00.0539 2596 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 10:36:00.0555 2596 Rasl2tp - ok 10:36:00.0586 2596 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 10:36:00.0586 2596 RasPppoe - ok 10:36:00.0617 2596 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 10:36:00.0633 2596 Raspti - ok 10:36:00.0648 2596 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys 10:36:00.0664 2596 Rdbss - ok 10:36:00.0664 2596 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 10:36:00.0680 2596 RDPCDD - ok 10:36:00.0711 2596 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 10:36:00.0727 2596 rdpdr - ok 10:36:00.0789 2596 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys 10:36:00.0789 2596 RDPWD - ok 10:36:00.0898 2596 redbook (7bb9c58a13323f5edc89c88f98c80cba) C:\WINDOWS\system32\DRIVERS\redbook.sys 10:36:00.0914 2596 redbook - ok 10:36:01.0008 2596 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 10:36:01.0008 2596 RFCOMM - ok 10:36:01.0086 2596 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 10:36:01.0102 2596 Secdrv - ok 10:36:01.0180 2596 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys 10:36:01.0180 2596 serenum - ok 10:36:01.0242 2596 Serial (97e86d03d082d369cb025113b4b7b781) C:\WINDOWS\system32\DRIVERS\serial.sys 10:36:01.0258 2596 Serial - ok 10:36:01.0289 2596 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys 10:36:01.0305 2596 Sfloppy - ok 10:36:01.0336 2596 Simbad - ok 10:36:01.0383 2596 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys 10:36:01.0383 2596 sisagp - ok 10:36:01.0430 2596 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys 10:36:01.0445 2596 SLIP - ok 10:36:01.0461 2596 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 10:36:01.0477 2596 Sparrow - ok 10:36:01.0508 2596 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys 10:36:01.0508 2596 splitter - ok 10:36:01.0555 2596 sr (a859c2da6b06024c9b4d995b90fe8175) C:\WINDOWS\system32\DRIVERS\sr.sys 10:36:01.0555 2596 sr - ok 10:36:01.0586 2596 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys 10:36:01.0586 2596 Srv - ok 10:36:01.0648 2596 STHDA (797fcc1d859b203958e915bb82528da9) C:\WINDOWS\system32\drivers\sthda.sys 10:36:01.0680 2596 STHDA - ok 10:36:01.0711 2596 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 10:36:01.0727 2596 streamip - ok 10:36:01.0742 2596 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys 10:36:01.0758 2596 swenum - ok 10:36:01.0758 2596 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys 10:36:01.0773 2596 swmidi - ok 10:36:01.0805 2596 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 10:36:01.0805 2596 symc810 - ok 10:36:01.0820 2596 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 10:36:01.0820 2596 symc8xx - ok 10:36:01.0852 2596 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 10:36:01.0883 2596 sym_hi - ok 10:36:01.0930 2596 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 10:36:01.0930 2596 sym_u3 - ok 10:36:01.0961 2596 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys 10:36:01.0977 2596 sysaudio - ok 10:36:02.0055 2596 Tcpip (1cc09561e21a48a7f649a40f18235860) C:\WINDOWS\system32\DRIVERS\tcpip.sys 10:36:02.0070 2596 Tcpip - ok 10:36:02.0102 2596 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys 10:36:02.0117 2596 TDPIPE - ok 10:36:02.0164 2596 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys 10:36:02.0164 2596 TDTCP - ok 10:36:02.0195 2596 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys 10:36:02.0211 2596 TermDD - ok 10:36:02.0242 2596 TosIde (5bc2144ab4f6090f12e49e9648b5a702) C:\WINDOWS\system32\DRIVERS\toside.sys 10:36:02.0242 2596 TosIde - ok 10:36:02.0305 2596 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys 10:36:02.0305 2596 Udfs - ok 10:36:02.0398 2596 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 10:36:02.0398 2596 ultra - ok 10:36:02.0477 2596 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys 10:36:02.0477 2596 Update - ok 10:36:02.0555 2596 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys 10:36:02.0555 2596 usbaudio - ok 10:36:02.0602 2596 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 10:36:02.0602 2596 usbccgp - ok 10:36:02.0648 2596 usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys 10:36:02.0664 2596 usbehci - ok 10:36:02.0695 2596 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys 10:36:02.0711 2596 usbhub - ok 10:36:02.0758 2596 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys 10:36:02.0758 2596 usbprint - ok 10:36:02.0805 2596 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 10:36:02.0805 2596 USBSTOR - ok 10:36:02.0867 2596 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 10:36:02.0883 2596 usbuhci - ok 10:36:02.0930 2596 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys 10:36:02.0945 2596 VgaSave - ok 10:36:02.0992 2596 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys 10:36:02.0992 2596 viaagp - ok 10:36:03.0023 2596 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys 10:36:03.0039 2596 ViaIde - ok 10:36:03.0055 2596 VolSnap (4d90d2768b7d0902b011bf6707b10423) C:\WINDOWS\system32\drivers\VolSnap.sys 10:36:03.0055 2596 VolSnap - ok 10:36:03.0102 2596 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys 10:36:03.0102 2596 Wanarp - ok 10:36:03.0117 2596 WDICA - ok 10:36:03.0164 2596 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys 10:36:03.0164 2596 wdmaud - ok 10:36:03.0180 2596 winachsf - ok 10:36:03.0258 2596 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 10:36:03.0258 2596 WpdUsb - ok 10:36:03.0336 2596 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 10:36:03.0336 2596 WSTCODEC - ok 10:36:03.0383 2596 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 10:36:03.0383 2596 WudfPf - ok 10:36:03.0414 2596 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 10:36:03.0430 2596 WudfRd - ok 10:36:03.0508 2596 xcpip - ok 10:36:03.0523 2596 xpsec - ok 10:36:03.0555 2596 {95808DC4-FA4A-4c74-92FE-5B863F82066B} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\CyberLink\PowerDVD\000.fcl 10:36:03.0555 2596 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok 10:36:03.0586 2596 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0 10:36:03.0586 2596 \Device\Harddisk0\DR0 - ok 10:36:03.0602 2596 Boot (0x1200) (5bf28e2ba2823571e91e44ed6e1676bd) \Device\Harddisk0\DR0\Partition0 10:36:03.0602 2596 \Device\Harddisk0\DR0\Partition0 - ok 10:36:03.0602 2596 ============================================================ 10:36:03.0602 2596 Scan finished 10:36:03.0602 2596 ============================================================ 10:36:03.0602 3328 Detected object count: 0 10:36:03.0602 3328 Actual detected object count: 0
-
Hij blijft nog steeds dezelfde meldingen geven... Moet ik al deze meldingen serieus nemen die de diverse tools eruit halen?? Nog suggesties?
-
Bij deze... Zie je er nog heil in?? Emsisoft Emergency Kit - Versie 1.0 Laatste Update: 03-12-2011 8:29:04 Scaninstellingen: Scantype: Diepe Scan Objecten: Geheugen, Sporen, Cookies, C:\ Scan archieven: Aan Heuristieken: Uit ADS Scan: Aan Scan gestart: 03-12-2011 8:29:44 C:\config.Bin\ Ontdekt: Trace.Directory.SpyEye!A2 c:\documents and settings\ernest\favorieten\search\looksmart.url Ontdekt: Trace.File.Suspicious!A2 c:\documents and settings\ernest\bureaublad\Check PC For Errors.lnk Ontdekt: Trace.File.Registry Cleaner 4.0!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@2o7[2].txt Ontdekt: Trace.TrackingCookie.2o7!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@com[1].txt Ontdekt: Trace.TrackingCookie.com!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@counter3.sextracker[1].txt Ontdekt: Trace.TrackingCookie.counter3.sextracker!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@doubleclick[1].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@pro-market[1].txt Ontdekt: Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@serving-sys[2].txt Ontdekt: Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@sextracker[1].txt Ontdekt: Trace.TrackingCookie.sextracker!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@specificclick[1].txt Ontdekt: Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@stat.onestat[2].txt Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@statcounter[2].txt Ontdekt: Trace.TrackingCookie.statcounter!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@tradedoubler[2].txt Ontdekt: Trace.TrackingCookie.tradedoubler!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@weborama[1].txt Ontdekt: Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7166 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7228 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7229 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7561 Ontdekt: Trace.TrackingCookie.1xxx.cqcounter.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7581 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7585 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7587 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7588 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7628 Ontdekt: Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7640 Ontdekt: Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7641 Ontdekt: Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8061 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8073 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8074 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8077 Ontdekt: Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8389 Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:11408 Ontdekt: Trace.TrackingCookie.ad.zanox.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:11901 Ontdekt: Trace.TrackingCookie.adfarm1.adition.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12448 Ontdekt: Trace.TrackingCookie.adserv!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12497 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12498 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12511 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12512 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12526 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13354 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13355 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13356 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13357 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13358 Ontdekt: Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13424 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13425 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13426 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13427 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13434 Ontdekt: Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt Ontdekt: Trace.TrackingCookie.com!A2 C:\Documents and Settings\Ernest\Cookies\ernest@2o7[2].txt Ontdekt: Trace.TrackingCookie.2o7!A2 C:\Documents and Settings\Ernest\Cookies\ernest@adtech[1].txt Ontdekt: Trace.TrackingCookie.adtech!A2 C:\Documents and Settings\Ernest\Cookies\ernest@bs.serving-sys[1].txt Ontdekt: Trace.TrackingCookie.bs.serving-sys!A2 C:\Documents and Settings\Ernest\Cookies\ernest@com[1].txt Ontdekt: Trace.TrackingCookie.com!A2 C:\Documents and Settings\Ernest\Cookies\ernest@fl01.ct2.comclick[2].txt Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Documents and Settings\Ernest\Cookies\ernest@pro-market[1].txt Ontdekt: Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Ernest\Cookies\ernest@questionmarket[2].txt Ontdekt: Trace.TrackingCookie.questionmarket!A2 C:\Documents and Settings\Ernest\Cookies\ernest@ru4[1].txt Ontdekt: Trace.TrackingCookie.ru4!A2 C:\Documents and Settings\Ernest\Cookies\ernest@serving-sys[1].txt Ontdekt: Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Ernest\Cookies\ernest@specificclick[2].txt Ontdekt: Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Ernest\Cookies\ernest@stat.onestat[2].txt Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Ernest\Cookies\ernest@trafficmp[1].txt Ontdekt: Trace.TrackingCookie.trafficmp!A2 C:\Documents and Settings\Ernest\Cookies\ernest@weborama[1].txt Ontdekt: Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Ernest\Cookies\ernest@xxxcounter[1].txt Ontdekt: Trace.TrackingCookie.xxxcounter!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@advertising[2].txt Ontdekt: Trace.TrackingCookie.advertising!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@adviva[2].txt Ontdekt: Trace.TrackingCookie.adviva!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@doubleclick[2].txt Ontdekt: Trace.TrackingCookie.doubleclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@fastclick[2].txt Ontdekt: Trace.TrackingCookie.fastclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@fl01.ct2.comclick[2].txt Ontdekt: Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@mediaplex[2].txt Ontdekt: Trace.TrackingCookie.mediaplex!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@metriweb[1].txt Ontdekt: Trace.TrackingCookie.metriweb!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@pointroll[2].txt Ontdekt: Trace.TrackingCookie.pointroll!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@pro-market[1].txt Ontdekt: Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@questionmarket[2].txt Ontdekt: Trace.TrackingCookie.questionmarket!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@realmedia[2].txt Ontdekt: Trace.TrackingCookie.realmedia!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@ru4[2].txt Ontdekt: Trace.TrackingCookie.ru4!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@serving-sys[1].txt Ontdekt: Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@smartadserver[2].txt Ontdekt: Trace.TrackingCookie.smartadserver!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@specificclick[1].txt Ontdekt: Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@stat.onestat[1].txt Ontdekt: Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@statcounter[1].txt Ontdekt: Trace.TrackingCookie.statcounter!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@tradedoubler[1].txt Ontdekt: Trace.TrackingCookie.tradedoubler!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@tribalfusion[2].txt Ontdekt: Trace.TrackingCookie.tribalfusion!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@weborama[1].txt Ontdekt: Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@zedo[2].txt Ontdekt: Trace.TrackingCookie.zedo!A2 C:\config.Bin\E952C8AD7D83556 Ontdekt: Trojan.Win32.EyeStye!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\1\5be7eb41-46bba90e/apps\MyLoader.class Ontdekt: Exploit.Java.CVE-2008!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\31\7c8907df-79f658c8/data\MyPayload.class Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\39\69538a27-2500bbf4/apps\MyLoader.class Ontdekt: Exploit.Java.CVE-2008!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-14ce5eaf Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-201ade78 Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-46df71db Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-6164fbc2 Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-6bdedf8d Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-76d04392 Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\7\4a885207-7f41296a/data\MyPayload.class Ontdekt: Exploit.Java.CVE!IK C:\Documents and Settings\Igor Franken\Bureaublad\Backup Oude PC Goris (8-12-2007)\Igor\Bureaublad\Bureaublad\file7.zip/Agent 2 build646 keygen\keygen.exe Ontdekt: possible-Threat.Keygen!IK C:\Documents and Settings\Igor Franken\Bureaublad\Backup Oude PC Goris (8-12-2007)\Igor2\Bureaublad\Bureaublad\file7.zip/Agent 2 build646 keygen\keygen.exe Ontdekt: possible-Threat.Keygen!IK C:\Documents and Settings\Igor Franken\Bureaublad\ComboFix.exe/$0\List.bat Ontdekt: Virus.Win32.HTML!IK C:\System Volume Information\_restore{D26103C1-3760-4E9D-B6C7-BA3C8AD98EF9}\RP1377\A0169511.dll Ontdekt: Trojan.Trash!IK C:\System Volume Information\_restore{D26103C1-3760-4E9D-B6C7-BA3C8AD98EF9}\RP1385\A0171061.bat Ontdekt: Virus.Win32.HTML!IK Gescand Bestanden: 274689 Sporen: 541290 Cookies: 2834 Processen: 79 Gevonden Bestanden: 16 Sporen: 3 Cookies: 86 Processen: 0 Registersleutels: 0 Scan Geëindigd: 03-12-2011 10:45:29 Scantijd: 2:15:45 C:\System Volume Information\_restore{D26103C1-3760-4E9D-B6C7-BA3C8AD98EF9}\RP1377\A0169511.dll Verwijderd Trojan.Trash!IK C:\Documents and Settings\Igor Franken\Bureaublad\Backup Oude PC Goris (8-12-2007)\Igor\Bureaublad\Bureaublad\file7.zip/Agent 2 build646 keygen\keygen.exe Verwijderd possible-Threat.Keygen!IK C:\Documents and Settings\Igor Franken\Bureaublad\Backup Oude PC Goris (8-12-2007)\Igor2\Bureaublad\Bureaublad\file7.zip/Agent 2 build646 keygen\keygen.exe Verwijderd possible-Threat.Keygen!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\31\7c8907df-79f658c8/data\MyPayload.class Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-14ce5eaf Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-201ade78 Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-46df71db Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-6164fbc2 Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-6bdedf8d Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\61\69a922bd-76d04392 Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\7\4a885207-7f41296a/data\MyPayload.class Verwijderd Exploit.Java.CVE!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\1\5be7eb41-46bba90e/apps\MyLoader.class Verwijderd Exploit.Java.CVE-2008!IK C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\39\69538a27-2500bbf4/apps\MyLoader.class Verwijderd Exploit.Java.CVE-2008!IK C:\config.Bin\E952C8AD7D83556 Verwijderd Trojan.Win32.EyeStye!IK C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@zedo[2].txt Verwijderd Trace.TrackingCookie.zedo!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@tribalfusion[2].txt Verwijderd Trace.TrackingCookie.tribalfusion!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@smartadserver[2].txt Verwijderd Trace.TrackingCookie.smartadserver!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@realmedia[2].txt Verwijderd Trace.TrackingCookie.realmedia!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@pointroll[2].txt Verwijderd Trace.TrackingCookie.pointroll!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@metriweb[1].txt Verwijderd Trace.TrackingCookie.metriweb!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@mediaplex[2].txt Verwijderd Trace.TrackingCookie.mediaplex!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@fastclick[2].txt Verwijderd Trace.TrackingCookie.fastclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@adviva[2].txt Verwijderd Trace.TrackingCookie.adviva!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@advertising[2].txt Verwijderd Trace.TrackingCookie.advertising!A2 C:\Documents and Settings\Ernest\Cookies\ernest@xxxcounter[1].txt Verwijderd Trace.TrackingCookie.xxxcounter!A2 C:\Documents and Settings\Ernest\Cookies\ernest@trafficmp[1].txt Verwijderd Trace.TrackingCookie.trafficmp!A2 C:\Documents and Settings\Ernest\Cookies\ernest@ru4[1].txt Verwijderd Trace.TrackingCookie.ru4!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@ru4[2].txt Verwijderd Trace.TrackingCookie.ru4!A2 C:\Documents and Settings\Ernest\Cookies\ernest@questionmarket[2].txt Verwijderd Trace.TrackingCookie.questionmarket!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@questionmarket[2].txt Verwijderd Trace.TrackingCookie.questionmarket!A2 C:\Documents and Settings\Ernest\Cookies\ernest@fl01.ct2.comclick[2].txt Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@fl01.ct2.comclick[2].txt Verwijderd Trace.TrackingCookie.fl01.ct2.comclick!A2 C:\Documents and Settings\Ernest\Cookies\ernest@bs.serving-sys[1].txt Verwijderd Trace.TrackingCookie.bs.serving-sys!A2 C:\Documents and Settings\Ernest\Cookies\ernest@adtech[1].txt Verwijderd Trace.TrackingCookie.adtech!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12511 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12512 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12526 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13424 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13425 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13426 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13427 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13434 Verwijderd Trace.TrackingCookie.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12497 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12498 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13354 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13355 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13356 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13357 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:13358 Verwijderd Trace.TrackingCookie.www.ass4all.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:12448 Verwijderd Trace.TrackingCookie.adserv!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:11901 Verwijderd Trace.TrackingCookie.adfarm1.adition.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:11408 Verwijderd Trace.TrackingCookie.ad.zanox.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7628 Verwijderd Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7640 Verwijderd Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7641 Verwijderd Trace.TrackingCookie.ads.adgoto.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7581 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7585 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7587 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7588 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8061 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8073 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8074 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8077 Verwijderd Trace.TrackingCookie.adbrite.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7561 Verwijderd Trace.TrackingCookie.1xxx.cqcounter.com!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7166 Verwijderd Trace.TrackingCookie.doubleclick.net!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Ernest\Cookies\ernest@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@weborama[1].txt Verwijderd Trace.TrackingCookie.weborama!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@tradedoubler[2].txt Verwijderd Trace.TrackingCookie.tradedoubler!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@tradedoubler[1].txt Verwijderd Trace.TrackingCookie.tradedoubler!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@statcounter[2].txt Verwijderd Trace.TrackingCookie.statcounter!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@statcounter[1].txt Verwijderd Trace.TrackingCookie.statcounter!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@stat.onestat[2].txt Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7228 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:7229 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\cookies.sqlite:8389 Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Ernest\Cookies\ernest@stat.onestat[2].txt Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@stat.onestat[1].txt Verwijderd Trace.TrackingCookie.stat.onestat!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@specificclick[1].txt Verwijderd Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Ernest\Cookies\ernest@specificclick[2].txt Verwijderd Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@specificclick[1].txt Verwijderd Trace.TrackingCookie.specificclick!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@sextracker[1].txt Verwijderd Trace.TrackingCookie.sextracker!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@serving-sys[2].txt Verwijderd Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Ernest\Cookies\ernest@serving-sys[1].txt Verwijderd Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@serving-sys[1].txt Verwijderd Trace.TrackingCookie.serving-sys!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@pro-market[1].txt Verwijderd Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Ernest\Cookies\ernest@pro-market[1].txt Verwijderd Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@pro-market[1].txt Verwijderd Trace.TrackingCookie.pro-market!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@doubleclick[1].txt Verwijderd Trace.TrackingCookie.doubleclick!A2 C:\Documents and Settings\Ernestine tijdelijk\Cookies\ernestine_tijdelijk@doubleclick[2].txt Verwijderd Trace.TrackingCookie.doubleclick!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@counter3.sextracker[1].txt Verwijderd Trace.TrackingCookie.counter3.sextracker!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@com[1].txt Verwijderd Trace.TrackingCookie.com!A2 C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt Verwijderd Trace.TrackingCookie.com!A2 C:\Documents and Settings\Ernest\Cookies\ernest@com[1].txt Verwijderd Trace.TrackingCookie.com!A2 C:\Documents and Settings\Igor Franken\Cookies\igor_franken@2o7[2].txt Verwijderd Trace.TrackingCookie.2o7!A2 C:\Documents and Settings\Ernest\Cookies\ernest@2o7[2].txt Verwijderd Trace.TrackingCookie.2o7!A2 c:\documents and settings\ernest\bureaublad\Check PC For Errors.lnk Verwijderd Trace.File.Registry Cleaner 4.0!A2 c:\documents and settings\ernest\favorieten\search\looksmart.url Verwijderd Trace.File.Suspicious!A2 C:\config.Bin\ Verwijderd Trace.Directory.SpyEye!A2 Verwijderd Bestanden: 14 Sporen: 3 Cookies: 82
-
Bij deze: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=e33ecaaea15b5d4694ea71270441e714 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-11-26 09:59:16 # local_time=2011-11-26 10:59:16 (+0100, West-Europa (standaardtijd)) # country="Netherlands" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=512 16777215 100 0 1809215 1809215 0 0 # compatibility_mode=1032 16777173 100 95 42045 65467477 0 0 # compatibility_mode=8192 67108863 100 0 3712 3712 0 0 # scanned=151050 # found=9 # cleaned=9 # scan_time=9044 C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchOleHelp1.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DNSFlushcws1.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DNSFlushcws6.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudCgp.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\0\43296140-2415db1e a variant of Java/TrojanDownloader.Agent.ME trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\27\58ce481b-4a05393a a variant of Java/TrojanDownloader.Agent.ME trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Ernest\Application Data\Sun\Java\Deployment\cache\6.0\44\3b21af6c-50e39b29 a variant of Java/Agent.DT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Ernest\Local Settings\Temporary Internet Files\Content.IE5\11DWR2NS\field[1].swf SWF/Exploit.Agent.CM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\Igor Franken\Application Data\Sun\Java\Deployment\cache\6.0\44\113698ac-4685cd71 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
-
Ja helaas wel!! Typisch is dat IE bij elke pagina de melding geeft en Mozilla helemaal niets! Nog suggesties? Dank iig voor de hulp zover!
-
Opdracht voltooid, wacht op nadere instructies... ComboFix 11-11-14.02 - Igor Franken 14-11-2011 19:30:48.4.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.2046.1161 [GMT 1:00] Gestart vanuit: c:\documents and settings\Igor Franken\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Igor Franken\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . FILE :: "c:\windows\system32\drivers\yjksjus.sys" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Thumbs.db . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-14 to 2011-11-14 )))))))))))))))))))))))))))))) . . 2011-11-13 21:18 . 2011-11-13 21:18 -------- d-----w- c:\documents and settings\Ernestine tijdelijk\Application Data\Malwarebytes 2011-11-11 06:05 . 2011-11-11 09:29 1324 ----a-w- c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\d3d9caps.tmp 2011-11-05 09:55 . 2011-11-05 09:55 388096 ----a-r- c:\documents and settings\Igor Franken\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-05 09:55 . 2011-11-05 09:55 -------- d-----w- c:\program files\Trend Micro 2011-11-05 09:29 . 2011-11-14 18:30 -------- d--h--r- c:\documents and settings\Igor Franken\Onlangs geopend 2011-11-05 09:20 . 2011-11-05 09:20 -------- d-----w- c:\program files\CCleaner 2011-10-31 18:58 . 2011-10-31 18:58 89088 ----a-w- C:\mbr.exe 2011-10-31 18:33 . 2011-10-31 18:33 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-10-31 18:33 . 2011-10-31 18:33 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-25 16:19 . 2011-05-14 07:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-14 15:12 . 2011-09-14 15:12 1409 ----a-w- c:\windows\QTFont.for 2011-08-31 16:00 . 2011-05-21 07:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-31 18:33 . 2011-05-28 09:09 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tcpip.sys [7] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2004-09-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys . [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comres.dll [-] 2004-09-02 11:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll . [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2help.dll [-] 2004-09-02 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll . [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regedit.exe [-] 2004-09-02 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\regedit.exe . [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\usp10.dll [-] 2004-09-02 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll . [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll . [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\hnetcfg.dll [-] 2004-09-02 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll . [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\d3d9.dll [-] 2004-09-02 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll . [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ddraw.dll [-] 2004-09-02 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll . [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\olepro32.dll [-] 2004-09-02 11:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll . [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\perfctrs.dll [-] 2004-09-02 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll . [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\version.dll [-] 2004-09-02 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll . [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\w32time.dll [-] 2004-09-02 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll . [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\midimap.dll [-] 2004-09-02 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll . ((((((((((((((((((((((((((((( SnapShot_2011-11-12_11.06.48 ))))))))))))))))))))))))))))))))))))))))) . + 2008-10-24 20:15 . 2008-10-24 20:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2008-10-24 20:15 . 2008-10-24 20:15 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2008-10-24 20:15 . 2008-10-24 20:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2008-10-24 20:15 . 2008-10-24 20:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2008-10-24 20:15 . 2008-10-24 20:15 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2008-10-24 20:15 . 2008-10-24 20:15 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2008-10-24 20:15 . 2008-10-24 20:15 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2008-10-24 20:15 . 2008-10-24 20:15 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2008-10-24 20:15 . 2008-10-24 20:15 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2011-11-14 14:53 . 2011-11-14 14:53 16384 c:\windows\temp\Perflib_Perfdata_d20.dat + 2011-11-13 23:42 . 2011-11-13 23:42 49936 c:\windows\Installer\{95120000-00AF-0413-0000-0000000FF1CE}\ppvwicon.exe - 2011-11-03 14:43 . 2011-11-03 14:43 49936 c:\windows\Installer\{95120000-00AF-0413-0000-0000000FF1CE}\ppvwicon.exe + 2011-09-12 19:54 . 2011-11-12 11:59 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - 2011-09-12 19:54 . 2011-09-12 19:54 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2006-10-26 12:03 . 2006-10-26 12:03 78648 c:\windows\Installer\$PatchCache$\Managed\00002159FA0031400000000000F01FEC\12.0.4518\INTLDATE.DLL + 2011-08-10 16:42 . 2011-08-10 16:42 7070208 c:\windows\Installer\84b707.msp + 2009-07-27 03:31 . 2009-07-27 03:31 3738624 c:\windows\Installer\84b6ff.msp + 2010-11-20 22:33 . 2010-11-20 22:33 1980928 c:\windows\Installer\84b6f4.msp + 2009-10-03 04:41 . 2011-10-27 21:04 50295240 c:\windows\system32\MRT.exe + 2011-11-12 11:58 . 2011-11-12 11:58 20333568 c:\windows\Installer\11fe5b4.msp + 2009-04-04 08:05 . 2009-04-04 08:05 36948992 c:\windows\Installer\11fe5a9.msp + 2008-08-11 10:49 . 2008-08-11 10:49 22457344 c:\windows\Installer\11fe59e.msp + 2009-04-03 17:21 . 2009-04-03 17:21 16037736 c:\windows\Installer\$PatchCache$\Managed\00002159FA0031400000000000F01FEC\12.0.6425\OART.DLL + 2006-10-27 13:14 . 2006-10-27 13:14 14151456 c:\windows\Installer\$PatchCache$\Managed\00002159FA0031400000000000F01FEC\12.0.4518\OART.DLL . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-07-21 966712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech BT Wizard"="LBTWiz.exe -silent" [X] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 28160] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-02 110592] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-09-11 229952] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "SetDefPrt"="c:\program files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152] "ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-07-19 933888] "ISUSPM Startup"="c:\progra~1\common~1\instal~1\update~1\isuspm.exe" [2004-07-27 221184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 282624] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-02 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Statusvenster.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2010-2-6 802816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2006-04-27 09:30 53248 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"= "c:\\Program Files\\DrayTek Router Tools V3.7\\SyslogRd.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Spotify\\spotify.exe"= "c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "110:TCP"= 110:TCP:svchost . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-02-2011 7:13 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-03-2011 15:03 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07-01-2011 5:41 248656] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [04-04-2011 23:59 297168] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [08-02-2011 4:33 269520] R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\drivers\NetProbe.sys [06-03-2008 13:10 5365] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-04-2011 20:28 134480] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-02-2011 6:53 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-02-2011 6:53 27216] R3 AVMNgBasM779;AVerMedia M779 Base Driver;c:\windows\system32\drivers\AVerBas.sys [22-06-2007 11:28 49152] R3 AVMNgCapM779;AVerMedia M779 Audio/Video Capture Driver;c:\windows\system32\drivers\AVerCap.sys [22-06-2007 11:28 219392] R3 AVMNgTunM779;AVerMedia M779 TVTuner Driver;c:\windows\system32\drivers\AVerTun.sys [22-06-2007 11:28 147456] R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18-08-2011 0:33 7390560] S3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK);c:\windows\system32\drivers\arusb.sys [30-10-2010 11:40 458240] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2011-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21] . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046336143-3254812235-588441659-1008Core.job - c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-01 19:16] . 2011-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046336143-3254812235-588441659-1008UA.job - c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-01 19:16] . . ------- Bijkomende Scan ------- . IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Trusted Zone: ing.nl TCP: DhcpNameServer = 10.2.1.70 FF - ProfilePath - c:\documents and settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-14 19:39 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(892) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll . - - - - - - - > 'winlogon.exe'(5060) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll . - - - - - - - > 'explorer.exe'(5332) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\browselc.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.NLD c:\windows\Microsoft.NET\Framework\v2.0.50727\Fusion.dll c:\program files\Cucusoft\YouTube-Mate\Filter\ffdshow.ax c:\program files\Common Files\Ahead\DSFilter\NeVideo.ax c:\program files\Common Files\Ahead\Lib\AdvrCntr2.dll c:\program files\Cyberlink\PowerDVD\NavFilter\clm4splt.ax . Voltooingstijd: 2011-11-14 19:41:36 ComboFix-quarantined-files.txt 2011-11-14 18:41 ComboFix2.txt 2011-11-12 11:09 ComboFix3.txt 2011-05-28 08:06 . Pre-Run: 202.934.677.504 bytes beschikbaar Post-Run: 203.184.939.008 bytes beschikbaar . - - End Of File - - 59DF22886218E0F4B592D62B3CEA8AA3
-
Hoop dat het is goedgegaan... ComboFix 11-11-12.02 - Igor Franken 12-11-2011 12:00:06.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.2046.1460 [GMT 1:00] Gestart vanuit: c:\documents and settings\Igor Franken\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Ernest\Application Data\910874458.log c:\documents and settings\Ernest\Menu Start\Programma's\Opstarten\c4fdfb316da.dat C:\Thumbs.db c:\windows\kb913800.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-12 to 2011-11-12 )))))))))))))))))))))))))))))) . . 2011-11-12 07:56 . 2011-11-12 07:56 54016 ----a-w- c:\windows\system32\drivers\yjksjus.sys 2011-11-11 06:05 . 2011-11-11 09:29 1324 ----a-w- c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\d3d9caps.tmp 2011-11-05 09:55 . 2011-11-05 09:55 388096 ----a-r- c:\documents and settings\Igor Franken\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-05 09:55 . 2011-11-05 09:55 -------- d-----w- c:\program files\Trend Micro 2011-11-05 09:29 . 2011-11-12 10:57 -------- d--h--r- c:\documents and settings\Igor Franken\Onlangs geopend 2011-11-05 09:20 . 2011-11-05 09:20 -------- d-----w- c:\program files\CCleaner 2011-10-31 18:58 . 2011-10-31 18:58 89088 ----a-w- C:\mbr.exe 2011-10-31 18:33 . 2011-10-31 18:33 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-10-31 18:33 . 2011-10-31 18:33 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-10-14 09:26 . 2011-10-14 09:26 -------- d-----r- c:\documents and settings\Ernestine tijdelijk\Application Data\Brother . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-25 16:19 . 2011-05-14 07:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-14 15:12 . 2011-09-14 15:12 1409 ----a-w- c:\windows\QTFont.for 2011-08-31 16:00 . 2011-05-21 07:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-31 18:33 . 2011-05-28 09:09 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\atapi.sys [-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys . [-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asyncmac.sys [-] 2004-09-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\asyncmac.sys [-] 2004-09-02 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys . [-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys [-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys [-] 2002-08-29 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys . [-] 2008-04-14 . 380397621E94B32C744E7B2CC1330390 . 25088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kbdclass.sys [-] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\kbdclass.sys [-] 2004-08-03 . 59549E9180CE29D832289E1A1D9E3C60 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys . [-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ndis.sys [-] 2004-09-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ndis.sys [-] 2004-09-02 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys . [-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys [-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys [-] 2002-08-29 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys . [-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\tcpip.sys [7] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys [7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys [-] 2004-09-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys . [-] 2008-04-14 . 69EAA7501F53A40E8C04C69F2391224F . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\browser.dll [-] 2004-09-02 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\browser.dll [-] 2004-09-02 . 195B1255D9383AEFFBDFA8A11AE4D282 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll . [-] 2008-04-14 . 8754210A3399D19610CE2D71E0C3E5D9 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lsass.exe [-] 2004-09-02 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lsass.exe [-] 2004-09-02 . 34A82DEBEFB057FCCCBE15F619FC98A7 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe . [-] 2008-04-14 17:02 . 49DEEDAED168FD4723934755BF55CCFE . 822784 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\comres.dll [-] 2004-09-02 11:00 . F0BAE7D75B268BA326D9323DD7C73D8F . 822784 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll . [-] 2008-04-14 . 5C0073A51C4873430FA8B262E92183FF . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\qmgr.dll [-] 2004-09-02 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\ERDNT\cache\qmgr.dll [-] 2004-09-02 . 772027CC5FFAEA3E7D10AF2691EE7095 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll . [-] 2009-02-09 . D8D28F6CABEC7D42B8E487E290563B9A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll [-] 2009-02-09 . D9883335CC1C17AFC3A09C8AC3E4DBE4 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll [-] 2009-02-09 . 72C2074FFA3B38078173A11008198019 . 401408 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\rpcss.dll [-] 2009-02-09 . 72C2074FFA3B38078173A11008198019 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll [-] 2009-02-09 . 72C2074FFA3B38078173A11008198019 . 401408 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll [-] 2008-04-14 . 70357A0F411DF464F9FF434F2DDCB68F . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\rpcss.dll [7] 2005-07-26 . B52BD9DB0BD6D01BDB01B0DBFBB804CD . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll [7] 2005-07-26 . 23B465FD2354D83218AC091D0EE6D91B . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll [7] 2005-04-28 . 6D61211D515EA7E31FDB7B0FA9CEF878 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll [7] 2005-04-28 . 0468AA524F6912F449BC14CF7DACAF68 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll [-] 2004-09-02 . DDE0457B7706C3AD4E5AFDD502698A06 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll . [-] 2009-02-09 . 657B69389B893F440B07590C9E963F23 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe [-] 2009-02-09 . D98A222A707FFE40043E533FE7A6BA24 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe [-] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\services.exe [-] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe [-] 2009-02-09 . CE06E39F34BBF6B0ADA70F37F70CF0D8 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe [-] 2008-04-14 . B77BC5CD88EB96D4352AF5202EC4AEC2 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\services.exe [-] 2004-09-02 . 39991CD3C17B7529D039151A88E84499 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe . [-] 2008-04-14 . 1247D4D5444E28519BBE31BE8AB4C029 . 510464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\winlogon.exe [-] 2004-09-02 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe [-] 2004-09-02 . 732ED791711DF9C9DD15E5515BC681B8 . 504832 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe . [-] 2008-04-14 . 0A9CF5D3CF63A8699F28C814EF821C7E . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\cryptsvc.dll [-] 2004-09-02 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\cryptsvc.dll [-] 2004-09-02 . 5F321535D399516B6D780FF9EF8D8B7A . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll . [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\ERDNT\cache\es.dll [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll [-] 2008-07-07 20:32 . 68180553F674B487BE777CFD6BE70726 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll [-] 2008-07-07 20:30 . 97912DC0679D2DA60CCE589BBC196D72 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll [-] 2008-07-07 20:26 . F6C37073A269C163A5FDAE5BFF47F367 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll [-] 2008-07-07 20:23 . B3A4422CBD8DAA6710431F67C679DA24 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll [-] 2008-04-14 17:02 . 42A7FC383B174D91162EBF44C8AA5349 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\es.dll [7] 2005-07-26 04:42 . 094ECC4FB57ABA154F840C8414867E90 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll [7] 2005-07-26 04:36 . 3732BE0811CE6E15A56AD1CEC02CF532 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll [-] 2004-09-02 11:00 . 3F59BCDFAC47550F43001C4CE8CB0B91 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll . [-] 2008-04-14 . 58211BB9D2F5C761BFB504C2BBBA8D99 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\imm32.dll [-] 2004-09-02 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\imm32.dll [-] 2004-09-02 . 7ADE4584ED6657CAE3D523CF101992BD . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll . [-] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\ERDNT\cache\kernel32.dll [-] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll [-] 2009-03-21 . B30975B6B1B08A5A18AAC7E3577C7C53 . 1027072 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll [-] 2009-03-21 . CE7EFE07C7119C8CD09D953AD9ECA7CD . 1030656 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll [-] 2009-03-21 . 93E2307273AE7B2D5418E132902373A7 . 1032704 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll [-] 2009-03-21 . 67A29642EC9A1ADA0768605B21AA4552 . 1030144 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll [-] 2008-04-14 . 09BCB7171F8172C2BA0189FE1F9C25CB . 1030656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\kernel32.dll [7] 2007-04-16 . 68757F5935D6D76DD10975B7B7A9751D . 1027072 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll [7] 2007-04-16 . 6557EA471552BB9AF16B66902D572BD5 . 1025536 . . [5.1.2600.3119] . . c:\windows\$NtUninstallKB959426$\kernel32.dll [7] 2006-07-05 . 8672CE1E9BAF84EC0665D73DB8849EDB . 1026048 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll [7] 2006-07-05 . F2352FB7D9E5C70374568724A32B5CB7 . 1025024 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll . [-] 2008-04-14 . FE6417AB01E9A5B124A58BE2B5DB663B . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\lpk.dll [-] 2004-09-02 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\lpk.dll [-] 2004-09-02 . 8DF7AC820F9B3FD5E713E9A74827931C . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll . [-] 2008-04-14 . 074C38B50CE71E3EC6DD3F6DAABF4EEF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msvcrt.dll [-] 2008-04-14 . 61E70054981A2F9E64CEA7CA9479C0AA . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\asms\70\msft\windows\mswincrt\msvcrt.dll [-] 2004-09-02 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\ERDNT\cache\msvcrt.dll [-] 2004-09-02 . 687ABDBF4790F907FB0D3A50B8D9FE3A . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll [-] 2004-09-02 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll [-] 2004-09-02 . 40AC9CE966A05B05C9A4DB5B306A26C3 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll . [-] 2008-06-20 . 74816260AECBE87C473962A359007EEB . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll [-] 2008-06-20 . 18740E8EC5BE4B6D66FA0E4CBFD3B9C6 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\ERDNT\cache\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll [-] 2008-06-20 . FF59588E31F864FED9D0258969559A4B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll [-] 2008-06-20 . 71AB52C70B9436C0A0B704FDE9D1A7CD . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll [-] 2008-04-14 . 6BBC05038DF477F12E930A0F99F7D219 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\mswsock.dll [-] 2004-09-02 . 0C53DB0671AB5A93D169DAFFC8DA11CF . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll . [-] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\ERDNT\cache\netlogon.dll [-] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\netlogon.dll [-] 2009-02-06 . 45AE58ACDD9B4A8767064544533F94E2 . 408064 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\netlogon.dll [-] 2008-04-14 . E6A7071DF6855AB7CCCC220AC3AAD087 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\netlogon.dll [-] 2004-09-02 . B3FDAC7A518B6B684BEFE792DC1DC560 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB968389$\netlogon.dll . [-] 2008-04-14 . 32167CE0150DC2A269D99689A143FB67 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\powrprof.dll [-] 2004-09-02 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\powrprof.dll [-] 2004-09-02 . D5A792DB732622A393A0469FE6EAA728 . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll . [-] 2008-04-14 . 0E3B585761E23C1E35442E972B7E45F9 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\scecli.dll [-] 2004-09-02 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\scecli.dll [-] 2004-09-02 . 5AE934F6837B5A583DED535C4BE5A804 . 184832 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll . [-] 2008-04-14 . E6DCF5DD55AC2655971A478718307D18 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfc.dll [-] 2004-09-02 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfc.dll [-] 2004-09-02 . 0B10A3122527910CE60D23A7F29C28B1 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll . [-] 2008-04-14 . E410EC73E2BE2A41D923B006F51C8427 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\svchost.exe [-] 2004-09-02 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\svchost.exe [-] 2004-09-02 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe [-] 2004-09-02 . AB8C6D89A897BACBA4657FDF00E344A6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe . [-] 2008-04-14 . 6818A533ED3B2FA9936DF3DAF45352DF . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\userinit.exe [-] 2004-09-02 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\userinit.exe [-] 2004-09-02 . DE7A0EE4A6A28E6DFE3118EB22468DA6 . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe . [-] 2008-04-14 . 520391367546218929749612ABFE840C . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2_32.dll [-] 2004-09-02 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ws2_32.dll [-] 2004-09-02 . 06EBCBE58321E924980148B7E3DBD753 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll . [-] 2008-04-14 . 7ED22EA6D840CD388BD68B68580468E1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ws2help.dll [-] 2004-09-02 . 3B728289DFA923A2C12BE827382C2DB1 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll . [-] 2008-04-14 . E67C9B97306DEEFBB481072CE5FF8E07 . 153088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regedit.exe [-] 2004-09-02 . 39C7FA0F39376599CFA59888816F477B . 153088 . . [5.1.2600.2180] . . c:\windows\regedit.exe . [-] 2008-04-14 . 0996802B726C0CFE94A44CDBD661983A . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\usp10.dll [-] 2004-09-02 . 24B72C7A002170ECC72B6AA5F642A705 . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll . [-] 2008-04-14 . 2D54DB081CDACF8C0B738B9F25B25DCD . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll [-] 2004-08-04 . 9001FC03FF453DCE7635794ED49379EE . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll . [-] 2008-04-14 . E98A8C802CDB31FCF4121D9DFBEA3677 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ctfmon.exe [-] 2004-09-02 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ctfmon.exe [-] 2004-09-02 . 7DE46C9C40ABB58C8FDFE0212A3BF2B4 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll [-] 2004-09-02 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\srsvc.dll [-] 2004-09-02 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll . [-] 2008-04-14 . 6F1E5DBA783B147536659395D7B15485 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\wscntfy.exe [-] 2004-09-02 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\wscntfy.exe [-] 2004-09-02 . D6381A7C1704BE7A8FD5EFDFD9F1463B . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe . [-] 2008-04-14 . FD3C38635808920F8235BF2FED642F54 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\xmlprov.dll [-] 2004-09-02 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\xmlprov.dll [-] 2004-09-02 . F4C8D4B0A294AAF37FE50C407B6E03F9 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll . [-] 2008-04-14 . CA64B9406EEDA4FFA2DAEAE1DABCCE42 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\eventlog.dll [-] 2004-09-02 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\eventlog.dll [-] 2004-09-02 . F1720914CAB06FDE4BE250E3767713CF . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll . [-] 2008-04-14 . 328CBDD2445F5B3A047644567EEB557F . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\sfcfiles.dll [-] 2004-09-02 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\sfcfiles.dll [-] 2004-09-02 . 486594A19F7AEDEBEA600855FFD5E914 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll . [-] 2008-04-14 . 2FD5B89BF9289C774C5C730DEA96CD91 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\regsvc.dll [-] 2004-09-02 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\regsvc.dll [-] 2004-09-02 . D01BB100558945178E4BCB33B0FE9364 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll . [-] 2008-04-14 . 7C288AE0F75CB18CFF1DF6179A67AD8F . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\schedsvc.dll [-] 2004-09-02 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\schedsvc.dll [-] 2004-09-02 . D245B3E32F8AB3B2FB576AFCFDEC105E . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll . [-] 2008-04-14 . 5B9D0DE64BE96A806819516440FD211C . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ssdpsrv.dll [-] 2004-09-02 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ssdpsrv.dll [-] 2004-09-02 . B02FDCE64F64CDE3AA809D28D25D2A12 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll . [-] 2008-04-14 . 6F18B42068D29B1F6F283DC37057836D . 347648 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\hnetcfg.dll [-] 2004-09-02 . 490BF3896AE3EBD21B448FFB1579AA09 . 347648 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll . [-] 2008-04-14 . 434A70FA278EB3C42140E3755C2FA4F8 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\appmgmts.dll [-] 2004-09-02 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\appmgmts.dll [-] 2004-09-02 . CC888653E0DEC81B525B956C77960F88 . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll . [-] 2004-09-02 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys [-] 2004-09-02 . 63F517B1A87DABF3F5ACB8A7952FC1D1 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys . [-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\agp440.sys [-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\AGP440.SYS [-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\AGP440.SYS . [-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ip6fw.sys [-] 2004-09-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\ip6fw.sys [-] 2004-09-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys . [-] 2008-04-14 . C56A45A03DCA11712DE9FDF98224230B . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\msgsvc.dll [-] 2004-09-02 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\msgsvc.dll [-] 2004-09-02 . 1405B1431F51CAB25FE9B2ECF13CB198 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll . [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll [-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll [-] 2004-09-02 11:00 . 61A79E8D4A440095EA2EB9FD694CD1AE . 25600 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll . [-] 2010-02-17 . 1BA87670B4305072123A0CC0F478A340 . 2068096 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe [-] 2010-02-17 . 1BA87670B4305072123A0CC0F478A340 . 2068096 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe [-] 2010-02-16 . 38D52FDA70F0275385D4CFD88E824688 . 2026496 . . [5.1.2600.3670] . . c:\windows\ERDNT\cache\ntkrnlpa.exe [-] 2010-02-16 . 38D52FDA70F0275385D4CFD88E824688 . 2026496 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe [-] 2010-02-16 . F6049CA4515D37D5DA502D162E9B6AA0 . 2071168 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe [-] 2010-02-16 . 7C4F935FC449E4D27C685A5BC1792664 . 2071296 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 6A42A70506E7ACFF6C3ACD740E22A01F . 2070528 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe [-] 2009-12-09 . 06B79556F2BAC4EC207E7A26F7D9728C . 2025472 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe [-] 2009-12-09 . F63B0CC3CE1E6E8EA39B4933B595C73A . 2070400 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . AB21A63A3B15653043E71126E5BBE3DE . 2070528 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe [-] 2009-08-04 . BF6965EA17CC1E48DA287783AEEF3CDB . 2070400 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe [-] 2009-08-04 . 20B768F98D8F664EE06986C1742F1A0B . 2025472 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe [-] 2009-02-10 . 6A94A7317E28B6543D94174F9016BB68 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe [-] 2009-02-09 . 3F52B22DDBC323A39F11B64E1D381D0E . 2025472 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe [-] 2009-02-09 . 07EE73D79A7CA142463470AEF230082B . 2070528 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . DE961B54D30C7DD6AA6C3BD27D584E30 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe [-] 2008-08-14 . 456B34656C7DE51728BDAB378E563463 . 2025472 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe [-] 2008-08-14 . C92E65CBB38161373319BB11340DE919 . 2070400 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe [-] 2008-04-14 . 6129DA5C68C13DCA12E77580730FD770 . 2070272 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntkrnlpa.exe [7] 2007-02-28 . CA7BD390DD6C35AF9BF6B56B3B6B086F . 2021888 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe [7] 2005-10-12 . F864A9D7DB8E519FB9F36D1DF60DAF12 . 2019840 . . [5.1.2600.2774] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe [7] 2005-03-02 . C26D84B802567E629D42861A11C7EC04 . 2061312 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe . [-] 2008-04-14 17:02 . AC1A78237B53044735693633F8235468 . 437248 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntmssvc.dll [-] 2004-09-02 11:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\ERDNT\cache\ntmssvc.dll [-] 2004-09-02 11:00 . AC75E028773CBBD7D8B1313F382E7C05 . 437248 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll . [-] 2008-04-14 . 3A9974C925F4500BFF226F61DE1C4AF8 . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\dsound.dll [-] 2004-09-02 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\ERDNT\cache\dsound.dll [-] 2004-09-02 . 4AAB7EC0EA6C53C6B381546F15C286CA . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll . [-] 2008-04-14 . 85F98F220C5E69E08149186BFEEF7B70 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\d3d9.dll [-] 2004-09-02 . 66B9B43A5E0777F465CA492039176455 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll . [-] 2008-04-14 . 7D2ABE7AA2D6CBC1CB0A1EB8B2619FCF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ddraw.dll [-] 2004-09-02 . B54EF2F95DD3A188A2E4798C2CFB7EE7 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll . [-] 2008-04-14 17:02 . 6508ED3152C29B28B5E9183160DD2686 . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\olepro32.dll [-] 2004-09-02 11:00 . DFB4A7A3E7948686DBC4B0DEA4A0AE94 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll . [-] 2008-04-14 . E62337E275E82AA3F0ABFFED7E6E01E2 . 41472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\perfctrs.dll [-] 2004-09-02 . D521890151A11C410F6A94EE3C37CD14 . 41472 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll . [-] 2008-04-14 . 85844EC167674A67F547E13747E3E0E3 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\version.dll [-] 2004-09-02 . D67A94C11062EEE45BED5106DFDB9C0A . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll . [-] 2010-02-17 . FD62829F3524A1BE95FD384A3C445AAB . 2194304 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe [-] 2010-02-16 . 481961F97B0526A66EF676E0D00C4180 . 2191232 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe [-] 2010-02-16 . 481961F97B0526A66EF676E0D00C4180 . 2191232 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe [-] 2010-02-16 . E3ADA72560FE0DAE340389CE1DD0EF36 . 2148352 . . [5.1.2600.3670] . . c:\windows\ERDNT\cache\ntoskrnl.exe [-] 2010-02-16 . E3ADA72560FE0DAE340389CE1DD0EF36 . 2148352 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe [-] 2010-02-16 . B79C48187CA08D2EC27DA4939953F082 . 2194432 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 5037978D6ED651AEC5D6ACC87D65C715 . 2193664 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe [-] 2009-12-09 . 1E2C845C28B7BF68A39E4B7823DBF73A . 2147328 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe [-] 2009-12-09 . 13C15BFF7E82D3F9FD215ADD54A3929D . 2193536 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 270DE336026B0815F064BB8BD4CFD336 . 2193536 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe [-] 2009-08-04 . 2F1443AB72A64182FD8258BBAE801EA7 . 2193664 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe [-] 2009-08-04 . 278A3E51A4A9703DEC651A459E0AA9D0 . 2147328 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe [-] 2009-02-10 . 7625D5BAFD2A4A8458468B139C893BB7 . 2193536 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe [-] 2009-02-09 . A9C6F20FC84246A2761C10430B2BF5CF . 2147328 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe [-] 2009-02-09 . 27380B877348030B0662A39C47AAEC11 . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe [-] 2008-08-14 . E332B6DE826D4222A758E3264AD8D520 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe [-] 2008-08-14 . F73F850155AFE927F19C7DA0E73E7809 . 2147328 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe [-] 2008-08-14 . 3E5E63D926C5E9F81045F3646815D2A1 . 2193536 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe [-] 2008-04-14 . 140A1BAD8A6642C1386BB5B388EB447F . 2193408 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\ntoskrnl.exe [7] 2007-02-28 . 4192EC8ADFE1D11896021A6617ED907F . 2142208 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe [7] 2005-10-12 . 0C67EB019C222CFA25F8D663DBFB49F2 . 2140672 . . [5.1.2600.2774] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe [7] 2005-03-02 . 5DB3E8DEC987B5D350E4A105DCEAEE6A . 2183936 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe . [-] 2008-04-14 . 81CBF363C414620CAA61BD6843D8FDB9 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\srsvc.dll [-] 2004-09-02 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\srsvc.dll [-] 2004-09-02 . 0B96A1E4252F663222C9C3BAC89F596C . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll . [-] 2008-04-14 . 390D8E65F362327AD510B08971478301 . 176128 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\w32time.dll [-] 2004-09-02 . EF361E7A6319C445C21C81A131CF1F99 . 175616 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll . [-] 2008-04-14 . 5203C84A11E39CBB1408F5E2767B04ED . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\260e3108a35423121f4aaa9d90f9f113\midimap.dll [-] 2004-09-02 . E291F42AE2793304990C6EA77C482979 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll . ((((((((((((((((((((((((((((( SnapShot@2011-05-28_08.01.45 ))))))))))))))))))))))))))))))))))))))))) . + 2006-10-26 11:40 . 2006-10-26 11:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll + 2006-10-26 11:40 . 2006-10-26 11:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll + 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll + 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll + 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll + 2006-10-26 11:40 . 2006-10-26 11:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll + 2006-10-26 11:40 . 2006-10-26 11:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll + 2006-10-26 11:40 . 2006-10-26 11:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll + 2006-10-26 11:40 . 2006-10-26 11:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll + 2006-10-26 11:40 . 2006-10-26 11:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll + 2011-07-30 07:06 . 2011-07-30 07:06 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdUsa.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdUsa.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdSwe.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdSwe.dll - 2007-07-21 08:33 . 2004-10-06 08:16 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdSpa.dll + 2007-07-21 08:33 . 2004-10-06 09:16 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdSpa.dll + 2010-02-06 06:30 . 2004-11-10 08:13 77824 c:\windows\twain_32\BrMfSc07\Lang\BrTwdRus.dll + 2007-07-21 08:33 . 2004-10-06 08:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdPor.dll - 2007-07-21 08:33 . 2004-10-06 07:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdPor.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdNor.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdNor.dll + 2007-07-21 08:33 . 2005-03-03 08:35 73728 c:\windows\twain_32\BrMfSc07\Lang\BrTwdJpn.dll - 2007-07-21 08:33 . 2005-03-03 07:35 73728 c:\windows\twain_32\BrMfSc07\Lang\BrTwdJpn.dll - 2007-07-21 08:33 . 2004-10-06 07:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdIta.dll + 2007-07-21 08:33 . 2004-10-06 08:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdIta.dll - 2007-07-21 08:33 . 2004-10-06 07:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdGer.dll + 2007-07-21 08:33 . 2004-10-06 08:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdGer.dll + 2007-07-21 08:33 . 2004-10-06 08:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdFre.dll - 2007-07-21 08:33 . 2004-10-06 07:40 94208 c:\windows\twain_32\BrMfSc07\Lang\BrTwdFre.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdEng.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdEng.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdDut.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdDut.dll - 2007-07-21 08:33 . 2004-10-06 07:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdDan.dll + 2007-07-21 08:33 . 2004-10-06 08:40 90112 c:\windows\twain_32\BrMfSc07\Lang\BrTwdDan.dll - 2007-07-21 08:33 . 2004-11-16 08:32 73728 c:\windows\twain_32\BrMfSc07\Lang\BrTwdChn.dll + 2007-07-21 08:33 . 2004-11-16 09:32 73728 c:\windows\twain_32\BrMfSc07\Lang\BrTwdChn.dll - 2007-07-21 08:33 . 2004-08-16 13:49 49152 c:\windows\twain_32\BrMfSc07\Common\BrStiIf.dll + 2007-07-21 08:33 . 2004-08-16 14:49 49152 c:\windows\twain_32\BrMfSc07\Common\BrStiIf.dll + 2007-07-21 08:33 . 2004-10-15 16:35 77824 c:\windows\twain_32\BrMfSc07\Common\BrScnDev.dll - 2007-07-21 08:33 . 2004-10-15 15:35 77824 c:\windows\twain_32\BrMfSc07\Common\BrScnDev.dll + 2011-11-12 06:46 . 2011-11-12 06:46 16384 c:\windows\temp\Perflib_Perfdata_f14.dat + 2011-08-06 07:51 . 2005-01-10 16:15 20992 c:\windows\system32\sfman32.dll - 2007-06-22 10:54 . 2005-01-10 02:15 20992 c:\windows\system32\sfman32.dll + 2011-08-08 19:16 . 2005-01-10 16:15 20992 c:\windows\system32\ReinstallBackups\0017\DriverFiles\sfman32.dll + 2011-08-06 07:06 . 2004-09-02 11:00 23552 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\wdmaud.drv + 2011-08-06 07:06 . 2004-08-03 21:08 48640 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\stream.sys + 2011-08-06 07:06 . 2004-08-03 21:08 60288 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\drmk.sys + 2005-09-02 01:05 . 2011-10-30 11:09 90374 c:\windows\system32\perfc013.dat - 2005-09-02 01:05 . 2011-05-25 21:32 90374 c:\windows\system32\perfc013.dat - 2005-09-02 01:05 . 2011-05-25 21:32 70588 c:\windows\system32\perfc009.dat + 2005-09-02 01:05 . 2011-10-30 11:09 70588 c:\windows\system32\perfc009.dat + 2007-12-08 10:22 . 2011-05-18 08:13 75264 c:\windows\system32\nmwcdcls.dll - 2007-12-08 10:22 . 2010-07-30 13:17 75264 c:\windows\system32\nmwcdcls.dll + 2009-03-08 02:31 . 2010-05-06 10:36 55296 c:\windows\system32\msfeedsbs.dll - 2009-03-08 02:31 . 2009-03-08 02:31 55296 c:\windows\system32\msfeedsbs.dll - 2005-09-02 01:04 . 2009-03-08 02:33 25600 c:\windows\system32\jsproxy.dll + 2005-09-02 01:04 . 2010-05-06 10:36 25600 c:\windows\system32\jsproxy.dll + 2011-07-30 07:05 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys - 2011-01-22 06:24 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys + 2011-07-30 07:04 . 2011-05-18 08:13 75264 c:\windows\system32\DRVSTORE\nmwcdnsuc_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdcls.dll + 2011-07-30 07:04 . 2011-05-18 08:13 75264 c:\windows\system32\DRVSTORE\nmwcdnsu_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdcls.dll + 2011-07-30 07:04 . 2011-05-18 08:13 75264 c:\windows\system32\DRVSTORE\ccdcmbo_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdcls.dll + 2011-07-30 07:04 . 2011-05-18 08:12 23168 c:\windows\system32\DRVSTORE\ccdcmbo_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\ccdcmbo.sys + 2011-07-30 07:04 . 2011-05-18 08:13 75264 c:\windows\system32\DRVSTORE\ccdcmb_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdcls.dll + 2011-07-30 07:04 . 2011-05-18 08:12 18176 c:\windows\system32\DRVSTORE\ccdcmb_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\ccdcmb.sys - 2011-01-22 06:24 . 2008-08-26 08:26 18816 c:\windows\system32\drivers\pccsmcfd.sys + 2011-07-30 07:05 . 2008-08-26 08:26 18816 c:\windows\system32\drivers\pccsmcfd.sys - 2004-08-03 21:59 . 2004-09-02 11:00 36352 c:\windows\system32\drivers\disk.sys + 2004-08-03 21:59 . 2004-08-03 20:59 36352 c:\windows\system32\drivers\disk.sys - 2007-12-08 10:28 . 2004-08-03 22:10 38016 c:\windows\system32\drivers\bthmodem.sys + 2007-12-08 10:28 . 2004-08-03 21:10 38016 c:\windows\system32\drivers\bthmodem.sys + 2007-07-21 08:33 . 2004-10-15 11:50 15295 c:\windows\system32\drivers\BrScnUsb.sys - 2007-07-21 08:33 . 2004-10-15 10:50 15295 c:\windows\system32\drivers\BrScnUsb.sys + 2011-03-16 14:03 . 2011-03-16 14:03 32592 c:\windows\system32\drivers\avgrkx86.sys + 2011-03-01 12:25 . 2011-03-01 12:25 34896 c:\windows\system32\drivers\avgmfx86.sys + 2011-02-10 05:53 . 2011-02-10 05:53 27216 c:\windows\system32\drivers\AVGIDSShim.sys + 2011-02-10 05:53 . 2011-02-10 05:53 24144 c:\windows\system32\drivers\AVGIDSFilter.sys + 2011-02-22 06:13 . 2011-02-22 06:13 22992 c:\windows\system32\drivers\AVGIDSEH.sys - 2007-06-22 10:45 . 2009-03-08 02:33 25600 c:\windows\system32\dllcache\jsproxy.dll + 2007-06-22 10:45 . 2010-05-06 10:36 25600 c:\windows\system32\dllcache\jsproxy.dll - 2007-06-22 10:54 . 2005-12-06 19:34 40448 c:\windows\system32\CiEcho.dll + 2007-06-22 10:54 . 2005-12-07 09:34 40448 c:\windows\system32\CiEcho.dll + 2011-07-30 07:03 . 2011-07-30 07:03 78336 c:\windows\Installer\b26da7.msi + 2011-09-12 19:54 . 2011-09-12 19:54 38400 c:\windows\Installer\6501e36.msi + 2011-08-06 07:05 . 2011-08-06 07:05 45056 c:\windows\Installer\{FCD9CD52-7222-4672-94A0-A722BA702FD0}\NewShortcut1.EXE + 2011-07-30 07:05 . 2011-07-30 07:05 10134 c:\windows\Installer\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}\ARPPRODUCTICON.exe + 2011-07-30 07:07 . 2011-07-30 07:07 53248 c:\windows\Installer\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}\ARPPRODUCTICON.exe + 2011-11-03 14:43 . 2011-11-03 14:43 49936 c:\windows\Installer\{95120000-00AF-0413-0000-0000000FF1CE}\ppvwicon.exe + 2011-09-14 11:34 . 2011-09-14 11:34 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe - 2008-03-18 20:23 . 2011-04-17 00:27 90112 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe + 2008-03-18 20:23 . 2011-09-03 04:32 90112 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe - 2008-03-18 20:23 . 2011-04-17 00:27 45056 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe + 2008-03-18 20:23 . 2011-09-03 04:32 45056 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe - 2008-03-18 20:23 . 2011-04-17 00:27 22528 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe + 2008-03-18 20:23 . 2011-09-03 04:32 22528 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe + 2008-03-18 20:23 . 2011-09-03 04:32 30720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe - 2008-03-18 20:23 . 2011-04-17 00:27 30720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe - 2008-03-18 20:23 . 2011-04-17 00:27 16384 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe + 2008-03-18 20:23 . 2011-09-03 04:32 16384 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe - 2008-03-18 20:23 . 2011-04-17 00:27 34304 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe + 2008-03-18 20:23 . 2011-09-03 04:32 34304 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe + 2011-09-12 19:54 . 2011-09-12 19:54 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll + 2011-07-30 07:05 . 2011-07-30 07:05 24255 c:\windows\Installer\{2CC53A53-44F4-4667-8584-2FFC9ACB2242}\ARPPRODUCTICON.exe + 2011-07-30 07:06 . 2011-07-30 07:06 10134 c:\windows\Installer\{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}\ARPPRODUCTICON.exe + 2010-09-23 03:47 . 2010-09-23 03:47 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\reader_sl.exe + 2010-09-23 02:03 . 2010-09-23 02:03 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\eula.exe + 2010-09-20 22:07 . 2010-09-20 22:07 70584 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\adobeextractfiles.dll + 2010-09-23 01:52 . 2010-09-23 01:52 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\acrotextextractor.exe + 2010-09-22 17:12 . 2010-09-22 17:12 15800 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32Info.exe - 2007-06-22 10:54 . 2004-07-29 22:47 24576 c:\windows\inresdut.dll + 2007-06-22 10:54 . 2004-07-30 12:47 24576 c:\windows\inresdut.dll + 2011-06-07 00:09 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll + 2011-06-07 00:09 . 2008-07-08 13:07 18808 c:\windows\ie8updates\KB982381-IE8\spmsg.dll + 2011-06-07 00:09 . 2008-07-08 13:07 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll + 2011-06-07 00:09 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll + 2011-06-07 00:09 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2011-06-07 00:09 . 2009-05-26 11:41 18808 c:\windows\ie8updates\KB981332-IE8\spmsg.dll + 2011-06-07 00:09 . 2009-05-26 11:41 26488 c:\windows\ie8updates\KB981332-IE8\spcustom.dll + 2011-06-07 00:10 . 2008-07-08 13:07 18808 c:\windows\ie8updates\KB976662-IE8\spmsg.dll + 2011-06-07 00:10 . 2008-07-08 13:07 26488 c:\windows\ie8updates\KB976662-IE8\spcustom.dll + 2011-06-07 00:09 . 2008-07-08 13:07 18808 c:\windows\ie8updates\KB971961-IE8\spmsg.dll + 2011-06-07 00:09 . 2008-07-08 13:07 26488 c:\windows\ie8updates\KB971961-IE8\spcustom.dll + 2011-07-30 07:04 . 2011-05-18 08:09 8576 c:\windows\system32\DRVSTORE\nmwcdnsuc_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdnsuc.sys + 2011-07-30 07:04 . 2011-05-18 08:12 8192 c:\windows\system32\DRVSTORE\ccdcmbm_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\usbser_lowerflt.sys + 2011-07-30 07:04 . 2011-05-18 08:12 8192 c:\windows\system32\DRVSTORE\ccdcmbj_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\usbser_lowerfltj.sys + 2008-03-18 20:23 . 2011-09-03 04:32 3584 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe - 2008-03-18 20:23 . 2011-04-17 00:27 3584 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe + 2008-03-18 20:23 . 2011-09-03 04:32 8192 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe - 2008-03-18 20:23 . 2011-04-17 00:27 8192 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe - 2008-03-18 20:23 . 2011-04-17 00:27 2560 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2008-03-18 20:23 . 2011-09-03 04:32 2560 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\cagicon.exe + 2011-07-30 07:04 . 2011-07-30 07:04 3262 c:\windows\Installer\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}\ARPPRODUCTICON.exe - 2007-07-21 08:33 . 2004-10-28 07:35 131072 c:\windows\twain_32\BrMfSc07\Common\BrTwdsUi.dll + 2007-07-21 08:33 . 2004-10-28 08:35 131072 c:\windows\twain_32\BrMfSc07\Common\BrTwdsUi.dll - 2007-07-21 08:33 . 2004-12-07 16:28 180224 c:\windows\twain_32\BrMfSc07\Common\BrTwdScn.dll + 2007-07-21 08:33 . 2004-12-07 17:28 180224 c:\windows\twain_32\BrMfSc07\Common\BrTwdScn.dll + 2007-07-21 08:33 . 2004-10-28 08:35 131072 c:\windows\twain_32\BrMfSc07\Common\BrTwds.dll - 2007-07-21 08:33 . 2004-10-28 07:35 131072 c:\windows\twain_32\BrMfSc07\Common\BrTwds.dll + 2005-09-02 01:05 . 2010-05-06 10:37 916480 c:\windows\system32\wininet.dll - 2005-09-02 01:05 . 2009-03-08 02:33 420352 c:\windows\system32\vbscript.dll + 2005-09-02 01:05 . 2010-03-10 06:17 420352 c:\windows\system32\vbscript.dll - 2007-06-22 10:28 . 2006-07-24 09:20 112128 c:\windows\system32\staco.dll + 2011-08-08 18:58 . 2006-03-20 14:04 112128 c:\windows\system32\staco.dll + 2011-08-08 18:58 . 2006-03-20 14:02 208896 c:\windows\system32\stacapi.dll - 2007-06-22 10:28 . 2006-07-24 09:20 208896 c:\windows\system32\stacapi.dll + 2007-07-21 08:33 . 2002-06-29 02:01 100864 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\brqikmon.exe - 2007-07-21 08:33 . 2002-06-29 01:01 100864 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\brqikmon.exe - 2007-07-21 08:33 . 2005-04-28 17:40 996104 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\briu05a.dll + 2007-07-21 08:33 . 2005-06-04 14:31 996104 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\briu05a.dll + 2007-07-21 08:33 . 2005-04-28 18:41 118784 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\bril05a.dll - 2007-07-21 08:33 . 2005-04-28 17:41 118784 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\bril05a.dll - 2007-06-22 10:54 . 2005-01-10 02:15 115200 c:\windows\system32\sfms32.dll + 2011-08-06 07:51 . 2005-01-10 16:15 115200 c:\windows\system32\sfms32.dll + 2011-08-08 19:16 . 2005-01-10 16:15 115200 c:\windows\system32\ReinstallBackups\0017\DriverFiles\sfms32.dll + 2011-08-08 19:16 . 2005-05-25 15:34 158464 c:\windows\system32\ReinstallBackups\0017\DriverFiles\ctusfsyn.sys + 2011-08-08 19:16 . 2005-01-10 16:15 138752 c:\windows\system32\ReinstallBackups\0017\DriverFiles\ctsfm2k.sys + 2011-08-08 19:16 . 2005-01-10 16:15 106496 c:\windows\system32\ReinstallBackups\0017\DriverFiles\ctoss2k.sys + 2011-08-06 07:06 . 2006-03-20 14:04 112128 c:\windows\system32\ReinstallBackups\0016\DriverFiles\staco.dll + 2011-08-06 07:06 . 2006-07-24 09:20 208896 c:\windows\system32\ReinstallBackups\0016\DriverFiles\stacapi.dll + 2011-08-06 07:06 . 2004-03-16 10:58 136960 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\portcls.sys + 2011-08-06 07:06 . 2004-08-03 21:15 140928 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ks.sys + 2002-01-08 16:00 . 2002-01-08 16:00 176128 c:\windows\system32\RcdScan.dll + 2005-09-02 01:05 . 2011-10-30 11:09 508108 c:\windows\system32\perfh013.dat - 2005-09-02 01:05 . 2011-05-25 21:32 508108 c:\windows\system32\perfh013.dat - 2005-09-02 01:05 . 2011-05-25 21:32 440488 c:\windows\system32\perfh009.dat + 2005-09-02 01:05 . 2011-10-30 11:09 440488 c:\windows\system32\perfh009.dat + 2005-09-02 01:05 . 2010-05-06 10:37 206848 c:\windows\system32\occache.dll + 2005-09-02 01:05 . 2010-05-06 10:37 611840 c:\windows\system32\mstime.dll - 2005-09-02 01:05 . 2009-03-08 02:32 611840 c:\windows\system32\mstime.dll + 2009-03-08 02:32 . 2010-05-06 10:36 599040 c:\windows\system32\msfeeds.dll + 2011-10-25 16:19 . 2011-10-25 16:19 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe + 2011-10-22 04:39 . 2011-10-22 04:39 247968 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe + 2011-10-22 04:39 . 2011-10-22 04:39 335520 c:\windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.dll + 2005-09-02 01:04 . 2009-12-09 05:55 726528 c:\windows\system32\jscript.dll - 2005-09-02 01:04 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll + 2005-09-02 01:04 . 2010-05-06 10:36 184320 c:\windows\system32\iepeers.dll + 2005-09-02 01:04 . 2010-05-06 10:36 387584 c:\windows\system32\iedkcs32.dll + 2005-09-02 01:04 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe - 2005-09-02 01:04 . 2009-03-08 02:32 173056 c:\windows\system32\ie4uinit.exe + 2000-03-23 11:50 . 2000-03-23 11:50 446464 c:\windows\system32\hhactivex.dll + 2008-08-02 05:37 . 2011-09-06 11:59 204120 c:\windows\system32\FNTCACHE.DAT + 2011-07-30 07:05 . 2011-01-03 12:50 592896 c:\windows\system32\DRVSTORE\pccswpddri_58E92219CA3FF6890A1AA097BB664B7DC817D147\PCCSWpdDriver.dll + 2011-07-30 07:04 . 2011-05-18 08:09 137600 c:\windows\system32\DRVSTORE\nmwcdnsu_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdnsu.sys + 2011-07-30 07:04 . 2011-05-18 08:13 605696 c:\windows\system32\DRVSTORE\ccdcmb_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\nmwcdcocls.dll + 2011-07-30 07:04 . 2011-05-18 08:13 123904 c:\windows\system32\DRVSTORE\ccdcmb_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\ccdcmbwu.dll + 2000-11-01 22:10 . 2000-11-01 22:10 164180 c:\windows\system32\drivers\windrvr.sys + 2011-01-03 12:50 . 2011-01-03 12:50 592896 c:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll - 2007-06-22 10:54 . 2005-05-25 01:34 158464 c:\windows\system32\drivers\ctusfsyn.sys + 2011-08-06 07:51 . 2005-05-25 15:34 158464 c:\windows\system32\drivers\ctusfsyn.sys + 2011-08-06 07:51 . 2005-01-10 16:15 138752 c:\windows\system32\drivers\ctsfm2k.sys - 2007-06-22 10:54 . 2005-01-10 02:15 138752 c:\windows\system32\drivers\ctsfm2k.sys + 2011-08-06 07:51 . 2005-01-10 16:15 106496 c:\windows\system32\drivers\ctoss2k.sys - 2007-06-22 10:54 . 2005-01-10 02:15 106496 c:\windows\system32\drivers\ctoss2k.sys + 2011-04-04 22:59 . 2011-04-04 22:59 297168 c:\windows\system32\drivers\avgtdix.sys + 2011-01-07 04:41 . 2011-01-07 04:41 248656 c:\windows\system32\drivers\avgldx86.sys + 2011-04-14 19:28 . 2011-05-27 17:05 134480 c:\windows\system32\drivers\AVGIDSDriver.sys + 2007-06-22 10:45 . 2010-05-06 10:37 916480 c:\windows\system32\dllcache\wininet.dll - 2007-12-18 14:43 . 2009-03-08 02:33 420352 c:\windows\system32\dllcache\vbscript.dll + 2007-12-18 14:43 . 2010-03-10 06:17 420352 c:\windows\system32\dllcache\vbscript.dll + 2009-03-08 02:34 . 2010-05-06 10:37 206848 c:\windows\system32\dllcache\occache.dll + 2007-06-22 10:45 . 2010-05-06 10:37 611840 c:\windows\system32\dllcache\mstime.dll - 2007-06-22 10:45 . 2009-03-08 02:32 611840 c:\windows\system32\dllcache\mstime.dll + 2007-06-22 10:45 . 2009-12-09 05:55 726528 c:\windows\system32\dllcache\jscript.dll - 2007-06-22 10:45 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll + 2007-06-22 10:45 . 2010-05-06 10:36 184320 c:\windows\system32\dllcache\iepeers.dll + 2009-03-08 12:09 . 2010-05-06 10:36 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2009-03-08 02:32 . 2009-03-08 02:32 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2009-03-08 02:32 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2007-06-22 10:54 . 2006-01-18 20:07 160768 c:\windows\system32\cifilter.dll - 2007-06-22 10:54 . 2006-01-18 06:07 160768 c:\windows\system32\cifilter.dll + 2011-08-08 18:58 . 2006-03-20 14:00 282624 c:\windows\stsystra.exe - 2007-06-22 10:49 . 2006-07-24 09:20 282624 c:\windows\stsystra.exe + 2011-07-30 07:08 . 2011-07-30 07:08 689152 c:\windows\Installer\b26e1c.msi + 2011-07-30 07:07 . 2011-07-30 07:07 737280 c:\windows\Installer\b26e16.msi + 2011-07-30 07:05 . 2011-07-30 07:05 689664 c:\windows\Installer\b26dfb.msi + 2011-07-30 07:05 . 2011-07-30 07:05 496128 c:\windows\Installer\b26df6.msi + 2011-07-30 07:04 . 2011-07-30 07:04 337408 c:\windows\Installer\b26dc2.msi + 2011-09-04 00:43 . 2011-09-04 00:43 381440 c:\windows\Installer\3163eee.msi + 2011-11-03 14:43 . 2011-11-03 14:43 360448 c:\windows\Installer\1d0d84.msi + 2008-03-18 20:23 . 2011-09-03 04:32 114688 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe - 2008-03-18 20:23 . 2011-04-17 00:27 114688 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe - 2008-03-18 20:23 . 2011-04-17 00:27 167936 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe + 2008-03-18 20:23 . 2011-09-03 04:32 167936 c:\windows\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe + 2011-07-30 07:08 . 2011-07-30 07:08 287934 c:\windows\Installer\{07D77970-B205-460C-84E4-263F30455597}\ARPPRODUCTICON.exe + 2010-09-20 22:07 . 2010-09-20 22:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\readerupdater.exe + 2010-09-10 17:17 . 2010-09-10 17:17 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\JP2KLib.dll + 2010-09-22 19:41 . 2010-09-22 19:41 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AdobeCollabSync.exe + 2010-09-20 22:07 . 2010-09-20 22:07 932288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\adobearm.exe + 2010-09-23 03:47 . 2010-09-23 03:47 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32.exe + 2010-09-22 17:04 . 2010-09-22 17:04 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroPDF.dll + 2010-09-22 18:39 . 2010-09-22 18:39 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\acrobroker.exe + 2010-09-20 22:07 . 2010-09-20 22:07 338856 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\acrobatupdater.exe + 2010-09-22 17:50 . 2010-09-22 17:50 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\a3dutility.exe + 2011-06-07 00:09 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll + 2011-06-07 00:09 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\updspapi.dll + 2011-06-07 00:09 . 2009-05-26 11:41 765304 c:\windows\ie8updates\KB982381-IE8\update.exe + 2011-06-07 00:09 . 2010-02-22 14:29 401272 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2011-06-07 00:09 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe + 2011-06-07 00:09 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB982381-IE8\spuninst.exe + 2011-06-07 00:09 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll + 2011-06-07 00:09 . 2009-03-08 02:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2011-06-07 00:09 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll + 2011-06-07 00:09 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll + 2011-06-07 00:09 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll + 2011-06-07 00:09 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2011-06-07 00:09 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll + 2011-06-07 00:09 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe + 2011-06-07 00:09 . 2009-03-08 02:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll + 2011-06-07 00:09 . 2009-05-26 11:41 401272 c:\windows\ie8updates\KB981332-IE8\updspapi.dll + 2011-06-07 00:09 . 2009-05-26 11:41 765304 c:\windows\ie8updates\KB981332-IE8\update.exe + 2011-06-07 00:09 . 2009-05-26 11:41 401272 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll + 2011-06-07 00:09 . 2009-05-26 11:41 234872 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe + 2011-06-07 00:09 . 2009-05-26 11:41 234872 c:\windows\ie8updates\KB981332-IE8\spuninst.exe + 2011-06-07 00:10 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB976662-IE8\updspapi.dll + 2011-06-07 00:10 . 2008-07-08 13:07 765304 c:\windows\ie8updates\KB976662-IE8\update.exe + 2011-06-07 00:10 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll + 2011-06-07 00:10 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe + 2011-06-07 00:10 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB976662-IE8\spuninst.exe + 2011-06-07 00:10 . 2009-06-22 06:48 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll + 2011-06-07 00:09 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB971961-IE8\updspapi.dll + 2011-06-07 00:09 . 2008-07-08 13:07 765304 c:\windows\ie8updates\KB971961-IE8\update.exe + 2011-06-07 00:09 . 2008-07-08 13:07 401272 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll + 2011-06-07 00:09 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe + 2011-06-07 00:09 . 2008-07-08 13:07 234872 c:\windows\ie8updates\KB971961-IE8\spuninst.exe + 2011-06-07 00:09 . 2009-03-08 02:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll - 2010-04-14 08:26 . 2010-04-14 08:26 1837296 c:\windows\system32\WUDFUpdate_01009.dll + 2011-01-03 11:05 . 2011-01-03 11:05 1837296 c:\windows\system32\WUDFUpdate_01009.dll + 2005-09-02 01:05 . 2010-05-06 10:37 1209344 c:\windows\system32\urlmon.dll - 2007-06-22 10:49 . 2006-07-24 09:20 1052672 c:\windows\system32\stlang.dll + 2011-08-08 18:58 . 2006-03-20 18:54 1052672 c:\windows\system32\stlang.dll + 2007-07-21 08:33 . 2005-06-04 14:31 1705467 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\brio05a.dll - 2007-07-21 08:33 . 2005-04-28 17:40 1705467 c:\windows\system32\spool\drivers\w32x86\brotherdcp_115c3509\brio05a.dll + 2011-08-06 07:06 . 2006-07-24 09:20 1156648 c:\windows\system32\ReinstallBackups\0016\DriverFiles\sthda.sys + 2005-09-02 01:05 . 2010-05-06 10:37 5950976 c:\windows\system32\mshtml.dll + 2009-07-18 03:21 . 2011-10-25 16:19 8522400 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2009-03-08 02:32 . 2010-05-06 10:36 1985536 c:\windows\system32\iertutil.dll + 2011-07-30 07:05 . 2011-01-03 11:05 1837296 c:\windows\system32\DRVSTORE\pccswpddri_58E92219CA3FF6890A1AA097BB664B7DC817D147\WUDFUpdate_01009.dll + 2011-07-30 07:04 . 2011-05-18 08:09 1461992 c:\windows\system32\DRVSTORE\ccdcmb_8DD24D1409E3E5A28AF250E6C12966A02CC4D11B\wdfcoinstaller01009.dll + 2011-08-08 18:58 . 2006-03-20 14:06 1156648 c:\windows\system32\drivers\sthda.sys - 2007-06-22 10:28 . 2006-07-24 09:20 1156648 c:\windows\system32\drivers\sthda.sys + 2007-06-22 10:54 . 2006-01-04 13:41 1389056 c:\windows\system32\drivers\monfilt.sys - 2007-06-22 10:54 . 2006-01-03 23:41 1389056 c:\windows\system32\drivers\monfilt.sys + 2007-06-22 10:45 . 2010-05-06 10:37 1209344 c:\windows\system32\dllcache\urlmon.dll + 2007-01-04 05:05 . 2010-05-06 10:37 5950976 c:\windows\system32\dllcache\mshtml.dll + 2011-08-10 15:43 . 2011-08-10 15:43 3795968 c:\windows\Installer\ecedc2b.msp + 2011-09-06 19:48 . 2011-09-06 19:48 8181248 c:\windows\Installer\ecedc23.msp + 2011-07-27 05:39 . 2011-07-27 05:39 9892352 c:\windows\Installer\ecedc1b.msp + 2011-07-30 07:06 . 2011-07-30 07:06 3891712 c:\windows\Installer\b26e11.msi + 2011-10-26 05:46 . 2011-10-26 05:46 1611776 c:\windows\Installer\86cf4bf.msi + 2011-10-14 08:49 . 2011-10-14 08:49 3504640 c:\windows\Installer\8576c.msi + 2011-04-29 10:28 . 2011-04-29 10:28 1995264 c:\windows\Installer\84d79a2.msp + 2010-08-13 16:02 . 2010-08-13 16:02 2545664 c:\windows\Installer\84d799a.msp + 2011-04-29 10:33 . 2011-04-29 10:33 8173568 c:\windows\Installer\84d7992.msp + 2011-03-17 18:01 . 2011-03-17 18:01 9563648 c:\windows\Installer\84d798a.msp + 2010-08-04 13:12 . 2010-08-04 13:12 1004544 c:\windows\Installer\84d7982.msp + 2011-04-29 10:30 . 2011-04-29 10:30 1197056 c:\windows\Installer\84d797b.msp + 2011-08-06 07:05 . 2011-08-06 07:05 8367104 c:\windows\Installer\5b33de.msi + 2011-09-07 23:36 . 2011-09-07 23:36 6069248 c:\windows\Installer\45c49.msp + 2011-04-28 10:23 . 2011-04-28 10:23 9607680 c:\windows\Installer\45262.msp + 2011-09-01 16:45 . 2011-09-01 16:45 1241088 c:\windows\Installer\44dd453.msi + 2011-11-05 09:55 . 2011-11-05 09:55 1094656 c:\windows\Installer\3c0b4bf.msi + 2010-09-22 17:05 . 2010-09-22 17:05 2405784 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\rt3d.dll + 2010-06-19 16:51 . 2010-06-19 16:51 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AGM.dll + 2009-08-19 16:04 . 2009-08-19 16:04 4542296 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\WRD12CNV.DLL + 2009-08-17 13:32 . 2009-08-17 13:32 1787728 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\PPCNV.DLL + 2009-08-17 15:38 . 2009-08-17 15:38 8554872 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\OARTCONV.DLL + 2011-06-07 00:09 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll + 2011-06-07 00:09 . 2009-03-08 02:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll + 2011-06-07 00:09 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll + 2009-10-03 04:41 . 2011-09-14 11:29 46249416 c:\windows\system32\MRT.exe + 2009-03-08 02:39 . 2010-05-06 10:36 11076096 c:\windows\system32\ieframe.dll + 2011-09-12 19:54 . 2011-09-12 19:54 20333056 c:\windows\Installer\6501e3c.msp + 2011-04-27 17:21 . 2011-04-27 17:21 17515520 c:\windows\Installer\45275.msp + 2011-01-31 10:45 . 2011-01-31 10:45 11135488 c:\windows\Installer\2c8e1.msp + 2011-06-08 04:39 . 2011-06-08 04:39 19798016 c:\windows\Installer\2c8e0.msp + 2010-09-23 02:03 . 2010-09-23 02:03 20460984 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73401B7449A0400000010\9.4.0\AcroRd32.dll + 2009-08-17 15:39 . 2009-08-17 15:39 15119720 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\XL12CNV.EXE + 2009-08-17 14:40 . 2009-08-17 14:40 17309040 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\MSO.DLL + 2011-06-07 00:09 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-07-21 966712] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech BT Wizard"="LBTWiz.exe -silent" [X] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 28160] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-02 110592] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-09-11 229952] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624] "SetDefPrt"="c:\program files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152] "ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-07-19 933888] "ISUSPM Startup"="c:\progra~1\common~1\instal~1\update~1\isuspm.exe" [2004-07-27 221184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656] "SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 282624] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-02 15360] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Statusvenster.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2010-2-6 802816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2006-04-27 09:30 53248 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"= "c:\\Program Files\\DrayTek Router Tools V3.7\\SyslogRd.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Spotify\\spotify.exe"= "c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 "110:TCP"= 110:TCP:svchost . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-02-2011 7:13 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-03-2011 15:03 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07-01-2011 5:41 248656] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [04-04-2011 23:59 297168] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [08-02-2011 4:33 269520] R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\drivers\NetProbe.sys [06-03-2008 13:10 5365] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-04-2011 20:28 134480] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-02-2011 6:53 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-02-2011 6:53 27216] R3 AVMNgBasM779;AVerMedia M779 Base Driver;c:\windows\system32\drivers\AVerBas.sys [22-06-2007 11:28 49152] R3 AVMNgCapM779;AVerMedia M779 Audio/Video Capture Driver;c:\windows\system32\drivers\AVerCap.sys [22-06-2007 11:28 219392] R3 AVMNgTunM779;AVerMedia M779 TVTuner Driver;c:\windows\system32\drivers\AVerTun.sys [22-06-2007 11:28 147456] R3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?] R3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18-08-2011 0:33 7390560] S3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK);c:\windows\system32\drivers\arusb.sys [30-10-2010 11:40 458240] S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MBAMSWISSARMY . Inhoud van de 'Gedeelde Taken' map . 2011-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21] . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046336143-3254812235-588441659-1008Core.job - c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-01 19:16] . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2046336143-3254812235-588441659-1008UA.job - c:\documents and settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-01 19:16] . . ------- Bijkomende Scan ------- . IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm Trusted Zone: ing.nl TCP: DhcpNameServer = 10.2.1.70 FF - ProfilePath - c:\documents and settings\Igor Franken\Application Data\Mozilla\Firefox\Profiles\erg9tg3o.default\ . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-SetDefaultMIDI - MIDIDef.exe AddRemove-Aangifte inkomstenbelasting 2010 - g:\belastingdienst\Aangifte inkomstenbelasting\2010\ib2010u.exe AddRemove-Aangifte vennootschapsbelasting 2010 - c:\documents and settings\Ernest\Bureaublad\3 Stukken Belasting\2010\vb2010u.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-12 12:06 Windows 5.1.2600 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(908) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll . Voltooingstijd: 2011-11-12 12:09:14 ComboFix-quarantined-files.txt 2011-11-12 11:09 ComboFix2.txt 2011-05-28 08:06 . Pre-Run: 203.105.329.152 bytes beschikbaar Post-Run: 203.998.605.312 bytes beschikbaar . - - End Of File - - 33773CAE96D69AE87810737D93CA133C
-
Ik kreeg geen mail dat er een nieuwe post was, dus zie ik nu pas dit bericht, excuses! Dit kwam er uit Malwarebytes: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Databaseversie: 8144 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 12-11-2011 7:38:59 mbam-log-2011-11-12 (07-38-59).txt Scantype: Snelle scan Objecten gescand: 235791 Verstreken tijd: 15 minuut/minuten, 35 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 3 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) en dit daarna uit Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 07:40:33, on 12-11-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\Program Files\AVG\AVG10\avgemcx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\SetPoint\LBTWiz.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Brother\ControlCenter2\brctrcen.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\WINDOWS\stsystra.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\bsplmf01.exe C:\WINDOWS\system32\bsplmf01.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=6070622 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [setDefaultMIDI] MIDIDef.exe (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [Google Update] "C:\Documents and Settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-21-2046336143-3254812235-588441659-1008\..\Run: [ChromeFrameHelper] "C:\Documents and Settings\Ernestine tijdelijk\Local Settings\Application Data\Google\Chrome\Application\15.0.874.120\chrome_frame_helper.exe" --startup (User 'Ernestine tijdelijk') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 12114 bytes Ik hoor graag wat er aan de hand is...
-
Het logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:59:21, on 05-11-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\Program Files\AVG\AVG10\avgemcx.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\SetPoint\LBTWiz.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Brother\ControlCenter2\brctrcen.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\WINDOWS\stsystra.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Microsoft Office\Office10\EXCEL.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=6070622 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 10787 bytes
-
Ik krijg bij de verschillende (3) gebruikers van deze PC een zee aan tracking cookies bij bijna elke pagina die ik open. Voorbeelden: atdmt, zedo, weborama, serving-sys, adbrite, 2o7, revsci, en ga zo maar door... Wie kan me helpen dit allemaal weg te krijgen?? Daarnaast ben ik door mn provider afgesloten met de melding dat ik last heb van Netbot mebroot/torpig. Weet iemand of ik in de router dit kan tegenhouden?? Bij voorbaat dank voor de hulp!!
-
Generic Host Process for Win32 Services probleem!!
igorfranken reageerde op igorfranken's topic in Archief Windows Algemeen
Ok, dus niet gerelateerd aan dit probleem, maar trad toevallig op net toen ik met DrWeb bezig was? Ik moet nog grondiger testen, maar hij werkte al een half uur zonder melding! Is die Backdoor.Tdss een bekende met deze verschijnselen? -
Generic Host Process for Win32 Services probleem!!
igorfranken reageerde op igorfranken's topic in Archief Windows Algemeen
Ik heb die DrWeb toch aan de praat gekregen (oudere versie?). Na de snelle scan kwam hij met twee infecties van BackDoor.Tdss (565 en 4005) in Svchost en in de MBR. Beide zijn verwijderd. Een log kon ik niet vinden. Moet ik nu nog een andere scan uitvoeren? ---------- Post toegevoegd om 11:53 ---------- Vorige post was om 11:48 ---------- Waarden van de blue screen: bug check string: KERNEL_MODE_EXCEPTION_NOT_HANDLED bug check code: 0x1000008e caused by driver: iaStor.sys Zie ook mn andere reactie dat in tweede instantie DrWeb wel werkte: als ik een niveau hoger kijk zie ik de Launch.exe staan in dezelfde directory als DrWebCureIt.exe gedateerd op de dag van vandaag? is hier niet iets raars gaande? geinfecteerde link ofzo? -
Generic Host Process for Win32 Services probleem!!
igorfranken reageerde op igorfranken's topic in Archief Windows Algemeen
Als ik de launch.exe opstart dan krijg ik blauwe schermen en ik ben nu pas weer terug na systeemherstel... hoe kan dat ineens? -
Generic Host Process for Win32 Services probleem!!
igorfranken reageerde op igorfranken's topic in Archief Windows Algemeen
Ik houd het in de gaten! Mag ik AVG wel weer terug installeren? anders ben ik zo onbeschermd... Dank alvast! ---------- Post toegevoegd om 12:20 ---------- Vorige post was om 12:16 ---------- He shit, net vijf minuten later... weer de melding! En nu? Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:20:31, on 28-05-2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\stsystra.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\SetPoint\LBTWiz.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\VoiceCenter\AndreaVC.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\DOCUME~1\IGORFR~1\LOCALS~1\Temp\clclean.0001 C:\Program Files\QuickTime\qttask.exe C:\Program Files\Brother\ControlCenter2\brctrcen.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\Igor Franken\Local Settings\Temporary Internet Files\Content.IE5\KRU09J9B\avg_free_stb_eu_2011_1375_free[1].exe C:\DOCUME~1\IGORFR~1\LOCALS~1\Temp\7zS51.tmp\avgmfapx.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\MsiExec.exe C:\WINDOWS\system32\dwwin.exe C:\Documents and Settings\Igor Franken\Bureaublad\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.nl/ig/dell?hl=nl&client=dell-row&channel=nl&ibd=6070622 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 9889 bytes
