traag, trager, traagst

amosa · 27 februari 2010

Hallo, ja ik heb een tijdje mijn plan kunnen trekken, nu is opeens alles heel traag, de muis reageert traag, of zelfs helemaal niet, afsluiten gaat moeilijk, kortom het gaat allemaal niet meer hoe het zou moeten.

heb al een logje bijgevoegd.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 15:40:49, on 27/02/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16981)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\RunOnce: [KB976002-v5] C:\WINDOWS\system32\browserchoice.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab

O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://download.autodesk.com/esd/mapguide/SP1/ENG/mgaxctrl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254927666234

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://nl.pixum.be/apps/EasyUploadX.cab

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - https://asp.photoprintit.de/microsite/1386/defaults/activex/ImageUploader3.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--

End of file - 9345 bytes

stegisoft · 27 februari 2010

Ik heb in de juiste rubriek geplaatst.

kape · 27 februari 2010

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

Dubbelklik op Combofix.exe om het te starten.
Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
Klik na afloop terug op Ja om het scannen op malware te starten.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

amosa · 28 februari 2010

ComboFix 10-02-27.04 - Paula 28/02/2010 18:03:43.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.502.278 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Paula\Bureaublad\ComboFix.exe

AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Internet Explorer\SET8D.tmp

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-01-28 to 2010-02-28 ))))))))))))))))))))))))))))))

.

2010-02-26 17:52 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

2010-02-20 18:19 . 2010-02-20 18:19 -------- d-----w- c:\documents and settings\Paula\Local Settings\Application Data\kompozer.net

2010-02-20 18:19 . 2010-02-20 18:19 -------- d-----w- c:\documents and settings\Paula\Application Data\kompozer.net

2010-02-20 18:11 . 2010-02-20 18:11 -------- d-----w- c:\documents and settings\Paula\Application Data\KompoZer

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-24 08:16 . 2009-10-07 14:37 181632 ------w- c:\windows\system32\MpSigStub.exe

2010-02-21 15:20 . 2009-04-17 14:38 -------- d-----w- c:\program files\ZooEasy v8

2010-02-13 15:49 . 2008-04-13 14:52 664 ----a-w- c:\windows\system32\d3d9caps.dat

2010-02-09 19:52 . 2008-02-22 13:09 -------- d-----w- c:\program files\Google

2010-02-01 17:57 . 2009-07-29 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM

2010-02-01 06:48 . 2008-01-17 18:56 54576 ----a-w- c:\documents and settings\Paula\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-01-26 14:56 . 2008-01-21 18:22 -------- d-----w- c:\program files\Common Files\Adobe

2010-01-20 17:32 . 2009-01-30 18:28 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-17 13:37 . 2008-03-17 19:37 -------- d-----w- c:\documents and settings\Paula\Application Data\CyberLink

2010-01-17 13:37 . 2010-01-17 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink

2010-01-17 13:33 . 2008-03-17 19:29 -------- d-----w- c:\program files\CyberLink

2010-01-17 13:32 . 2008-01-15 20:19 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-01-15 19:07 . 2010-01-15 19:06 -------- d-----w- c:\program files\Microsoft Security Essentials

2010-01-15 13:26 . 2010-01-15 13:26 -------- d-----w- c:\program files\CCleaner

2010-01-15 13:24 . 2009-11-18 14:44 -------- d-----w- c:\program files\LimeWire

2010-01-15 13:24 . 2010-01-10 18:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-01-15 12:21 . 2006-03-02 12:00 542400 ----a-w- c:\windows\system32\perfh013.dat

2010-01-15 12:21 . 2006-03-02 12:00 103678 ----a-w- c:\windows\system32\perfc013.dat

2010-01-12 21:36 . 2010-01-12 21:36 388096 ----a-r- c:\documents and settings\Paula\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-01-10 18:39 . 2010-01-10 18:39 -------- d-----w- c:\program files\TrendMicro

2010-01-07 15:07 . 2009-12-26 21:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-07 15:07 . 2009-12-26 21:38 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-05 09:59 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll

2010-01-05 09:59 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-01-05 09:59 . 2006-03-02 12:00 17408 ------w- c:\windows\system32\corpol.dll

2010-01-01 14:38 . 2008-03-08 20:54 -------- d-----w- c:\documents and settings\Paula\Application Data\LimeWire

2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-17 07:42 . 2008-01-15 20:06 345600 ----a-w- c:\windows\system32\mspaint.exe

2009-12-14 07:10 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2009-12-09 10:11 . 2006-03-02 12:00 2149888 ------w- c:\windows\system32\ntoskrnl.exe

2009-12-09 10:11 . 2004-08-04 00:58 2028544 ------w- c:\windows\system32\ntkrnlpa.exe

2009-12-04 18:22 . 2006-03-02 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2009-11-11 15:40 . 2009-11-11 15:40 14290 ----a-w- c:\program files\settings.dat

.

((((((((((((((((((((((((((((( SnapShot@2010-01-15_18.51.16 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-02-28 16:37 . 2010-02-28 16:37 16384 c:\windows\Temp\Perflib_Perfdata_760.dat

+ 2007-11-13 11:31 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe

- 2007-11-13 11:31 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe

+ 2006-03-02 12:00 . 2010-01-05 09:59 44544 c:\windows\system32\pngfilt.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\pngfilt.dll

+ 2004-08-04 01:03 . 2009-11-27 17:14 17920 c:\windows\system32\msyuv.dll

+ 2006-03-02 12:00 . 2009-11-27 16:10 28672 c:\windows\system32\msvidc32.dll

+ 2006-03-02 12:00 . 2009-11-27 16:10 11264 c:\windows\system32\msrle32.dll

- 2006-03-02 12:00 . 2008-04-14 17:02 11264 c:\windows\system32\msrle32.dll

+ 2007-08-13 17:54 . 2010-01-05 09:59 52224 c:\windows\system32\msfeedsbs.dll

- 2007-08-13 17:54 . 2009-10-29 07:46 52224 c:\windows\system32\msfeedsbs.dll

- 2008-01-15 20:57 . 2009-12-17 16:47 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-01-15 20:57 . 2010-02-16 21:44 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe

- 2006-03-02 12:00 . 2009-10-29 07:46 27648 c:\windows\system32\jsproxy.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 27648 c:\windows\system32\jsproxy.dll

+ 2004-08-04 01:03 . 2009-11-27 16:10 48128 c:\windows\system32\iyuv_32.dll

+ 2007-08-13 17:39 . 2009-12-31 15:34 13824 c:\windows\system32\ieudinit.exe

- 2007-08-13 17:39 . 2009-10-28 14:38 13824 c:\windows\system32\ieudinit.exe

- 2006-03-02 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\iernonce.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 44544 c:\windows\system32\iernonce.dll

- 2006-03-02 12:00 . 2009-10-28 14:38 70656 c:\windows\system32\ie4uinit.exe

+ 2006-03-02 12:00 . 2009-12-31 15:34 70656 c:\windows\system32\ie4uinit.exe

+ 2007-08-13 17:36 . 2010-01-05 09:59 63488 c:\windows\system32\icardie.dll

- 2007-08-13 17:36 . 2009-10-29 07:46 63488 c:\windows\system32\icardie.dll

+ 2008-01-15 20:09 . 2008-04-14 17:02 58434 c:\windows\system32\dllcache\srchctls.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\pngfilt.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 44544 c:\windows\system32\dllcache\pngfilt.dll

+ 2009-11-27 17:14 . 2009-11-27 17:14 17920 c:\windows\system32\dllcache\msyuv.dll

+ 2006-03-02 12:00 . 2009-11-27 16:10 28672 c:\windows\system32\dllcache\msvidc32.dll

+ 2009-11-27 16:10 . 2009-11-27 16:10 11264 c:\windows\system32\dllcache\msrle32.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 52224 c:\windows\system32\dllcache\msfeedsbs.dll

- 2008-01-16 16:49 . 2009-10-29 07:46 52224 c:\windows\system32\dllcache\msfeedsbs.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 27648 c:\windows\system32\dllcache\jsproxy.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 27648 c:\windows\system32\dllcache\jsproxy.dll

+ 2009-11-27 16:10 . 2009-11-27 16:10 48128 c:\windows\system32\dllcache\iyuv_32.dll

+ 2008-01-16 16:49 . 2009-12-31 15:34 13824 c:\windows\system32\dllcache\ieudinit.exe

- 2008-01-16 16:49 . 2009-10-28 14:38 13824 c:\windows\system32\dllcache\ieudinit.exe

+ 2006-03-02 12:00 . 2010-01-05 09:59 44544 c:\windows\system32\dllcache\iernonce.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\iernonce.dll

+ 2009-02-20 17:18 . 2010-01-05 09:59 78336 c:\windows\system32\dllcache\ieencode.dll

- 2009-02-20 17:18 . 2009-10-29 07:46 78336 c:\windows\system32\dllcache\ieencode.dll

+ 2006-03-02 12:00 . 2009-12-31 15:34 70656 c:\windows\system32\dllcache\ie4uinit.exe

- 2006-03-02 12:00 . 2009-10-28 14:38 70656 c:\windows\system32\dllcache\ie4uinit.exe

- 2008-01-16 16:49 . 2009-10-29 07:46 63488 c:\windows\system32\dllcache\icardie.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 63488 c:\windows\system32\dllcache\icardie.dll

+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\system32\dllcache\csrsrv.dll

+ 2009-06-29 16:01 . 2010-01-05 09:59 17408 c:\windows\system32\dllcache\corpol.dll

- 2009-06-29 16:01 . 2009-10-29 07:46 17408 c:\windows\system32\dllcache\corpol.dll

- 2009-06-10 14:16 . 2009-06-10 14:16 85504 c:\windows\system32\dllcache\avifil32.dll

+ 2009-06-10 14:16 . 2009-11-27 16:10 85504 c:\windows\system32\dllcache\avifil32.dll

- 2006-03-02 12:00 . 2009-06-10 14:16 85504 c:\windows\system32\avifil32.dll

+ 2006-03-02 12:00 . 2009-11-27 16:10 85504 c:\windows\system32\avifil32.dll

+ 2010-02-26 20:38 . 2010-02-26 20:38 22528 c:\windows\Installer\339e50.msi

+ 2010-01-15 19:07 . 2010-01-15 19:07 47104 c:\windows\Installer\2e21cc.msi

- 2008-01-16 11:22 . 2010-01-15 13:59 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 23040 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 61440 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 27136 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 11264 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 86016 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 12288 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe

+ 2010-01-17 13:34 . 2010-01-17 13:34 10134 c:\windows\Installer\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\ARPPRODUCTICON.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-02-09 19:51 . 2010-02-09 19:51 25214 c:\windows\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\ARPPRODUCTICON.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll

+ 2010-01-27 18:47 . 2009-10-28 14:38 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll

+ 2010-01-27 18:47 . 2009-10-28 14:38 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll

+ 2009-11-27 17:14 . 2009-11-27 17:14 17920 c:\windows\Driver Cache\i386\msyuv.dll

+ 2009-11-27 16:10 . 2009-11-27 16:10 48128 c:\windows\Driver Cache\i386\iyuv_32.dll

+ 2010-01-27 18:47 . 2009-05-26 11:41 26488 c:\windows\$hf_mig$\KB978207-IE7\update\spcustom.dll

+ 2010-01-27 18:47 . 2009-05-26 11:41 18808 c:\windows\$hf_mig$\KB978207-IE7\spmsg.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\pngfilt.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 52224 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeedsbs.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 27648 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\jsproxy.dll

+ 2010-01-01 06:58 . 2010-01-01 06:58 13824 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieudinit.exe

+ 2010-01-05 09:49 . 2010-01-05 09:49 44544 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iernonce.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 78336 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieencode.dll

+ 2010-01-01 06:58 . 2010-01-01 06:58 70656 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ie4uinit.exe

+ 2010-01-05 09:49 . 2010-01-05 09:49 63488 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\icardie.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 17408 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\corpol.dll

+ 2001-09-06 21:27 . 2009-11-27 16:10 8704 c:\windows\system32\tsbyuv.dll

+ 2009-11-27 16:10 . 2009-11-27 16:10 8704 c:\windows\system32\dllcache\tsbyuv.dll

+ 2008-01-16 11:22 . 2010-02-10 19:46 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 4096 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe

+ 2009-11-27 16:10 . 2009-11-27 16:10 8704 c:\windows\Driver Cache\i386\tsbyuv.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 233472 c:\windows\system32\webcheck.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 233472 c:\windows\system32\webcheck.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 105984 c:\windows\system32\url.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 105984 c:\windows\system32\url.dll

+ 2006-03-02 12:00 . 2009-12-08 09:25 474624 c:\windows\system32\shlwapi.dll

- 2006-03-02 12:00 . 2008-04-14 17:02 474624 c:\windows\system32\shlwapi.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 102912 c:\windows\system32\occache.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 102912 c:\windows\system32\occache.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 671232 c:\windows\system32\mstime.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 671232 c:\windows\system32\mstime.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 193024 c:\windows\system32\msrating.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 193024 c:\windows\system32\msrating.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 477696 c:\windows\system32\mshtmled.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 477696 c:\windows\system32\mshtmled.dll

+ 2007-08-13 17:54 . 2010-01-05 09:59 459264 c:\windows\system32\msfeeds.dll

- 2007-08-13 17:54 . 2009-10-29 07:46 459264 c:\windows\system32\msfeeds.dll

+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.exe

+ 2007-08-13 17:34 . 2010-01-05 09:59 268288 c:\windows\system32\iertutil.dll

- 2007-08-13 17:34 . 2009-10-29 07:46 268288 c:\windows\system32\iertutil.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 192512 c:\windows\system32\iepeers.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 385024 c:\windows\system32\iedkcs32.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 385024 c:\windows\system32\iedkcs32.dll

- 2007-07-11 11:27 . 2009-10-29 07:46 380928 c:\windows\system32\ieapfltr.dll

+ 2007-07-11 11:27 . 2010-01-05 09:59 380928 c:\windows\system32\ieapfltr.dll

+ 2006-03-02 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll

- 2006-03-02 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\ieakui.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 230400 c:\windows\system32\ieaksie.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 230400 c:\windows\system32\ieaksie.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 153088 c:\windows\system32\ieakeng.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 153088 c:\windows\system32\ieakeng.dll

+ 2008-01-15 20:57 . 2010-02-01 06:45 221632 c:\windows\system32\FNTCACHE.DAT

- 2008-01-15 20:57 . 2009-11-26 18:30 221632 c:\windows\system32\FNTCACHE.DAT

+ 2006-03-02 12:00 . 2010-01-05 09:59 133120 c:\windows\system32\extmgr.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 133120 c:\windows\system32\extmgr.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 214528 c:\windows\system32\dxtrans.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 214528 c:\windows\system32\dxtrans.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 347136 c:\windows\system32\dxtmsft.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 347136 c:\windows\system32\dxtmsft.dll

+ 2009-06-18 17:48 . 2009-06-18 17:48 142832 c:\windows\system32\drivers\MpFilter.sys

+ 2006-03-02 12:00 . 2010-01-05 09:59 832512 c:\windows\system32\dllcache\wininet.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 832512 c:\windows\system32\dllcache\wininet.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 233472 c:\windows\system32\dllcache\webcheck.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 233472 c:\windows\system32\dllcache\webcheck.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 105984 c:\windows\system32\dllcache\url.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 105984 c:\windows\system32\dllcache\url.dll

+ 2008-10-15 20:15 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys

+ 2009-12-08 09:25 . 2009-12-08 09:25 474624 c:\windows\system32\dllcache\shlwapi.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 102912 c:\windows\system32\dllcache\occache.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 102912 c:\windows\system32\dllcache\occache.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 671232 c:\windows\system32\dllcache\mstime.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 671232 c:\windows\system32\dllcache\mstime.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 193024 c:\windows\system32\dllcache\msrating.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 193024 c:\windows\system32\dllcache\msrating.dll

+ 2009-12-17 07:42 . 2009-12-17 07:42 345600 c:\windows\system32\dllcache\mspaint.exe

+ 2006-03-02 12:00 . 2010-01-05 09:59 477696 c:\windows\system32\dllcache\mshtmled.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 477696 c:\windows\system32\dllcache\mshtmled.dll

- 2008-01-16 16:49 . 2009-10-29 07:46 459264 c:\windows\system32\dllcache\msfeeds.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 459264 c:\windows\system32\dllcache\msfeeds.dll

+ 2008-11-12 21:56 . 2009-12-04 18:22 455424 c:\windows\system32\dllcache\mrxsmb.sys

+ 2008-01-15 20:08 . 2009-12-18 13:05 634648 c:\windows\system32\dllcache\iexplore.exe

- 2008-01-16 16:49 . 2009-10-29 07:46 268288 c:\windows\system32\dllcache\iertutil.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 268288 c:\windows\system32\dllcache\iertutil.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 192512 c:\windows\system32\dllcache\iepeers.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 385024 c:\windows\system32\dllcache\iedkcs32.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 385024 c:\windows\system32\dllcache\iedkcs32.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 380928 c:\windows\system32\dllcache\ieapfltr.dll

- 2008-01-16 16:49 . 2009-10-29 07:46 380928 c:\windows\system32\dllcache\ieapfltr.dll

+ 2006-03-02 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll

- 2006-03-02 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\dllcache\ieakui.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 230400 c:\windows\system32\dllcache\ieaksie.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 230400 c:\windows\system32\dllcache\ieaksie.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 153088 c:\windows\system32\dllcache\ieakeng.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 153088 c:\windows\system32\dllcache\ieakeng.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 133120 c:\windows\system32\dllcache\extmgr.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 133120 c:\windows\system32\dllcache\extmgr.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 214528 c:\windows\system32\dllcache\dxtrans.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 214528 c:\windows\system32\dllcache\dxtrans.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 347136 c:\windows\system32\dllcache\dxtmsft.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 347136 c:\windows\system32\dllcache\dxtmsft.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 124928 c:\windows\system32\dllcache\advpack.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 124928 c:\windows\system32\dllcache\advpack.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 124928 c:\windows\system32\advpack.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 124928 c:\windows\system32\advpack.dll

+ 2010-01-26 14:58 . 2010-01-26 14:58 802304 c:\windows\Installer\642d7.msi

+ 2010-01-15 19:07 . 2010-01-15 19:07 259072 c:\windows\Installer\2e21c3.msi

+ 2010-01-15 19:06 . 2010-01-15 19:06 211968 c:\windows\Installer\2e21bd.msi

+ 2010-01-15 19:06 . 2010-01-15 19:06 301056 c:\windows\Installer\2e21b7.msi

+ 2010-01-26 14:58 . 2010-01-26 14:58 295606 c:\windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 409600 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 286720 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 249856 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 794624 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 135168 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe

- 2008-01-16 11:22 . 2010-01-15 13:59 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2008-01-16 11:22 . 2010-02-10 19:46 593920 c:\windows\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 105984 c:\windows\ie7updates\KB978207-IE7\url.dll

+ 2010-01-27 18:47 . 2009-05-26 11:41 401272 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll

+ 2010-01-27 18:47 . 2009-05-26 11:41 234872 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll

+ 2010-01-27 18:47 . 2009-10-28 06:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe

+ 2010-01-27 18:47 . 2009-10-29 07:46 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll

+ 2010-01-27 18:47 . 2007-08-13 17:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll

+ 2010-01-27 18:47 . 2009-10-28 06:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll

+ 2008-11-12 21:56 . 2009-12-04 18:22 455424 c:\windows\Driver Cache\i386\mrxsmb.sys

+ 2010-01-27 18:47 . 2009-05-26 11:41 401272 c:\windows\$hf_mig$\KB978207-IE7\update\updspapi.dll

+ 2010-01-27 18:47 . 2009-05-26 11:41 765304 c:\windows\$hf_mig$\KB978207-IE7\update\update.exe

+ 2010-01-27 18:47 . 2009-05-26 11:41 234872 c:\windows\$hf_mig$\KB978207-IE7\spuninst.exe

+ 2010-01-05 09:49 . 2010-01-05 09:49 841216 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 233472 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\webcheck.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 105984 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\url.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 102912 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\occache.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 671232 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mstime.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msrating.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 477696 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtmled.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 459264 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\msfeeds.dll

+ 2009-12-18 07:00 . 2009-12-18 07:00 634632 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe

+ 2010-01-05 09:49 . 2010-01-05 09:49 268288 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iertutil.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 193024 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iepeers.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 388608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\iedkcs32.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 380928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dll

+ 2009-12-18 06:58 . 2009-12-18 06:58 161792 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakui.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 230400 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieaksie.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 153088 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieakeng.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 132608 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\extmgr.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 214528 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtrans.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 347136 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\dxtmsft.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 124928 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\advpack.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 1168384 c:\windows\system32\urlmon.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 1168384 c:\windows\system32\urlmon.dll

+ 2006-03-02 12:00 . 2009-11-27 17:14 1295872 c:\windows\system32\quartz.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 3599360 c:\windows\system32\mshtml.dll

- 2007-08-13 17:54 . 2009-10-29 07:46 6067200 c:\windows\system32\ieframe.dll

+ 2007-08-13 17:54 . 2010-01-05 09:59 6067200 c:\windows\system32\ieframe.dll

+ 2006-03-02 12:00 . 2010-01-05 09:59 1168384 c:\windows\system32\dllcache\urlmon.dll

- 2006-03-02 12:00 . 2009-10-29 07:46 1168384 c:\windows\system32\dllcache\urlmon.dll

+ 2008-05-07 05:12 . 2009-11-27 17:14 1295872 c:\windows\system32\dllcache\quartz.dll

- 2008-10-15 20:12 . 2009-08-04 20:59 2193536 c:\windows\system32\dllcache\ntoskrnl.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2193536 c:\windows\system32\dllcache\ntoskrnl.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2028544 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2028544 c:\windows\system32\dllcache\ntkrpamp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2070400 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2070400 c:\windows\system32\dllcache\ntkrnlpa.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2149888 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2149888 c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2006-03-02 12:00 . 2010-01-05 09:59 3599360 c:\windows\system32\dllcache\mshtml.dll

+ 2008-01-16 16:49 . 2010-01-05 09:59 6067200 c:\windows\system32\dllcache\ieframe.dll

- 2008-01-16 16:49 . 2009-10-29 07:46 6067200 c:\windows\system32\dllcache\ieframe.dll

+ 2010-01-19 16:51 . 2010-01-19 16:51 5524480 c:\windows\Installer\7b119.msp

+ 2010-01-19 17:29 . 2010-01-19 17:29 5050368 c:\windows\Installer\7b103.msp

+ 2010-01-26 14:58 . 2010-01-26 14:58 3963392 c:\windows\Installer\642d1.msi

+ 2010-02-09 19:51 . 2010-02-09 19:51 1262080 c:\windows\Installer\49c9fa.msi

+ 2010-01-17 13:34 . 2010-01-17 13:34 8393728 c:\windows\Installer\420f45.msi

+ 2007-04-19 11:49 . 2007-04-19 11:49 1661280 c:\windows\Installer\$PatchCache$\Managed\3140110900063D11C8EF10054038389C\11.0.8173\PPTVIEW.EXE

+ 2010-01-27 18:47 . 2009-10-29 07:46 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll

+ 2010-01-27 18:47 . 2009-10-29 07:46 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll

- 2008-10-15 20:12 . 2009-08-04 20:59 2193536 c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2193536 c:\windows\Driver Cache\i386\ntoskrnl.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2070400 c:\windows\Driver Cache\i386\ntkrnlpa.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2070400 c:\windows\Driver Cache\i386\ntkrnlpa.exe

- 2008-10-15 20:12 . 2009-08-04 17:29 2149888 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2008-10-15 20:12 . 2009-12-09 10:11 2149888 c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2010-01-05 09:49 . 2010-01-05 09:49 1170944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\urlmon.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 3602944 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll

+ 2010-01-05 09:49 . 2010-01-05 09:49 6071296 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieframe.dll

+ 2010-01-25 21:26 . 2009-06-29 08:33 2452872 c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\ieapfltr.dat

+ 2008-01-16 16:45 . 2010-02-01 19:26 30364104 c:\windows\system32\MRT.exe

+ 2010-01-20 15:22 . 2010-01-20 15:22 15710720 c:\windows\Installer\9299b.msp

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-19 39408]

"BrowserChoice"="c:\windows\system32\browserchoice.exe" [2010-02-12 293376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]

"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 16143872]

"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 88204]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]

"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2005-11-28 569413]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-19 198160]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19/10/2009 21:27 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Inhoud van de 'Gedeelde Taken' map

2010-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-19 20:27]

2010-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-19 20:27]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/webhp?rls=ig

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

Trusted Zone: dexia.be\directnet

DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB

DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} - hxxp://nl.pixum.be/apps/EasyUploadX.cab

DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} - hxxps://asp.photoprintit.de/microsite/1386/defaults/activex/ImageUploader3.cab

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-FindyKill - c:\program files\FindyKill\Uninstal.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-02-28 18:12

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Voltooingstijd: 2010-02-28 18:16:40

ComboFix-quarantined-files.txt 2010-02-28 17:16

ComboFix2.txt 2010-01-15 18:54

Pre-Run: 17.788.309.504 bytes beschikbaar

Post-Run: 18.076.762.112 bytes beschikbaar

- - End Of File - - B29D2842AFF15A8DF8517B47D3C02D48

kape · 1 maart 2010

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\system32\browserchoice.exe

Registry::

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BrowserChoice"=-

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

En laat dan even weten of dit een positieve invloed heeft op de snelheid ?

amosa · 1 maart 2010

is het de bedoeling dat ik na die HIJack scan check fixed doe?

kape · 1 maart 2010

is het de bedoeling dat ik na die HIJack scan check fixed doe?

Eerst de CFScript uitvoeren en dan gewoon een nieuw log van HijackThis maken. Niets fixen in HJT

amosa · 1 maart 2010

heb de CFSript uitgevoerd maar de HIJack scan stopt op fix checked, krijg dus geen logje.

heb wel de combifix laten updaten toen die daar om vroeg, na opstarten met de cfscipt.

kape · 1 maart 2010

Laat ons dan eerst even het nieuwe logje na Combofix zien : combofix.txt dus.

amosa · 2 maart 2010

ComboFix 10-03-01.01 - Paula 01/03/2010 19:52:01.3.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.502.318 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Paula\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Paula\Bureaublad\CFScript.txt

AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

FILE ::

"c:\windows\system32\browserchoice.exe"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\browserchoice.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-02-01 to 2010-03-01 ))))))))))))))))))))))))))))))