
Internet very slow after virus removal


brr01


Some time ago I fell victim to the 'police virus'; I couldn't do anything anymore, not even boot into safe mode. I tried all sorts of things to remove the virus, but without success. I then took the PC to a computer shop; they removed it and installed Panda antivirus on it. Now, however, the internet is very slow, really very slow. Because I know from experience that you need the HijackThis logfile, I am posting it here along with the zoek.exe logfile. Hopefully you can do something with these to solve the problem. (I also ran Malwarebytes, but it found nothing; I have already run CCleaner as well...)

HijackThis:

Here is the logfile (also ran Malwarebytes, everything 0, nothing found)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:14:51, on 9/10/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\TPSrv.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2013\WebProxy.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PsCtrls.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PavFnSvr.exe

C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\Firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PsImSvc.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PskSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\pavsrvx86.exe

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\AVENGINE.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Panda Security\Panda Antivirus Pro 2013\ApVxdWin.exe

C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: IMVU Inc Toolbar - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe

O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2013\Inicio.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/.../GAME_UNO1.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1341774063296

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn...Detection2.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01...l/MSNPUpld.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe

O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\pavsrvx86.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: Panda Host Service (PSHost) - Panda Security International - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\Firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PsImSvc.exe

O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\PskSvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2013\TPSrv.exe

--

End of file - 11699 bytes

ZOEK.EXE logfile:

Zoek.exe Version 3.0.0.3 Updated 13-10-2012

Tool run by Administrator on ma 15/10/2012 at 8:40:16,51.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://www.microsoft.com/isapi/redir...ie&ar=iesearch"

"Start Page"="HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Start Page"="MSN.com"

"Default_Page_URL"="MSN.com"

"Default_Search_URL"="Bing"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC176...t/srchasst.htm"

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC176...t/srchcust.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]

"DisplayName"="Google"

"URL"="http://www.google.com/search?q={sear...I7ADSA_nlBE344"

"FaviconPath"="C:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Microsoft\\Internet Explorer\\Services\\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico"

"SuggestionsURLFallback"="http://clients5.google.com/complete/...outputEncoding}"

"FaviconURLFallback"="http://www.google.com/favicon.ico"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Start Page"="MSN.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Start Page"="MSN.com"

"Default_Page_URL"="MSN.com"

"Default_Search_URL"="Bing"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC176...t/srchasst.htm"

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC176...t/srchcust.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

"SuggestionsURLFallback"="http://api.bing.com/qsml.aspx?query=...rket={language}"

"URL"="http://www.bing.com/search?q={search...ox&FORM=IE8SRC"

"FaviconPath"="C:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"

"DisplayName"="Bing"

==== Deleting CLSID Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2012-10-09 19:16:38 6A0489D198D9ECC0C46A1E157D54D745 1374 ----a-w- C:\WINDOWS\imsins.BAK

2012-09-27 19:43:36 CEBF018D1FE60A1163879BC670EF9CCB 22 ----a-w- C:\WINDOWS\tpcsd

2012-09-26 14:08:48 7778D1326707205B9BCB3C0F8A630379 7690 ----a-w- C:\WINDOWS\_000004_.tmp.dll

====== C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp ====

2012-10-10 19:24:21 7EC6C8E88BECD3C40AE35AAD1DF6EB0A 90624 ----a-w- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stubhelper.dll

2012-10-10 19:24:19 278E2096ADB08ACE30F1CD498D49BEBE 118936 ----a-w- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lowproc.exe

====== C:\WINDOWS\system32 =====

2012-10-10 19:26:25 53022EA6341241F1B86D7E6B738E48ED 198864 ----a-w- C:\WINDOWS\System32\rmoc3260.dll

2012-10-10 19:26:12 B74E422BC81236042529DC8A42A18423 5632 ----a-w- C:\WINDOWS\System32\pndx5032.dll

2012-10-10 19:26:12 33833B3EDA1B07EBD367FA9B38B23E60 6656 ----a-w- C:\WINDOWS\System32\pndx5016.dll

====== C:\WINDOWS\system32\drivers =====

2012-09-27 18:30:30 FB994B64188FFC4F25DAD6231ECE382C 1132 ----a-w- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

2012-09-27 18:30:30 FB994B64188FFC4F25DAD6231ECE382C 1132 ----a-w- C:\WINDOWS\System32\drivers\APPFLTR.CFG

2012-09-27 18:30:30 A7E720C83CF741391CA41494661118A1 232148 ----a-w- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

2012-09-27 18:30:30 A7E720C83CF741391CA41494661118A1 232148 ----a-w- C:\WINDOWS\System32\drivers\APPFCONT.DAT

2012-09-27 18:30:26 C4E887CF7BA2D3624233231AECD34C9D 193864 ----a-w- C:\WINDOWS\System32\drivers\idsflt.sys

2012-09-27 18:30:26 5BB0F91FFD84057D094D106D9FF53298 53256 ----a-w- C:\WINDOWS\System32\drivers\dsaflt.sys

2012-09-27 18:30:26 0411D0433E8C48AD24B2EF32D7C97AE0 46856 ----a-w- C:\WINDOWS\System32\drivers\wnmflt.sys

2012-09-27 18:30:19 A38B9BA7A4C17F7DCE9EC4E8F7870026 22024 ----a-w- C:\WINDOWS\System32\drivers\fnetmon.sys

2012-09-27 18:30:18 D8F44FC13DB193C9379297973EE42272 159112 ----a-w- C:\WINDOWS\System32\drivers\NETFLTDI.SYS

2012-09-27 18:30:18 6B467E791EC470D010BD50E5E98BF467 83528 ----a-w- C:\WINDOWS\System32\drivers\APPFLT.SYS

2012-09-26 17:14:19 55D654258A9C509B671310C314BD30B4 26696 ----a-w- C:\WINDOWS\System32\drivers\pavboot.sys

2012-09-26 17:13:56 9DEE136C4863D5065437D07262BB5C40 201032 ----a-w- C:\WINDOWS\System32\drivers\neti1644.sys

2012-09-26 17:13:55 AABEB007D994D269F98902FA212DE588 63240 ----a-w- C:\WINDOWS\System32\drivers\amm8651.sys

2012-09-26 17:13:45 EE07B2E6D4D4FBBD0BF9A5A0CB8B9B7C 164488 ----a-w- C:\WINDOWS\System32\drivers\PavProc.sys

2012-09-26 17:13:45 32D6F7632234F0354C79E915CA4613D4 37448 ----a-w- C:\WINDOWS\System32\drivers\ShlDrv51.sys

2012-09-26 16:27:57 B833B70FE639F01FB36CEDABE57EF031 14720 ----a-w- C:\WINDOWS\System32\drivers\kbdhid.sys

====== C:\WINDOWS\Tasks ======

2012-10-10 19:27:36 67FFDDD59497263AB70ED61B2D6B5CCB 302 ----a-w- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-1177238915-500.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2012-10-10 19:26:36 -------- d-----w- C:\Program Files\Common Files\xing shared

2012-10-10 19:25:57 -------- d-----w- C:\Program Files\Real

2012-09-27 20:09:03 -------- d-----w- C:\Program Files\ESET

======= C: =====

2012-09-21 21:13:10 22A26C0B72DBECFAB9C8651E5F835E17 211 --sha-r- C:\boot.ini

====== C:\Documents and Settings\Administrator\Application Data ======

2012-10-10 19:25:49 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\Real

2012-10-10 19:24:03 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Real

2012-10-06 14:10:46 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Panda Software

2012-09-27 20:10:04 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\ESET

2012-09-26 15:09:07 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

====== C:\Documents and Settings\Administrator ======

2012-10-05 13:56:24 -------- d-sh--w- C:\Documents and Settings\NetworkService\IETldCache

2012-10-05 13:47:04 -------- d--h--r- C:\Documents and Settings\Administrator\Onlangs geopend

====== C: exe-files ==

2012-10-10 19:26:56 AE8E8A14FC4C8784713E163D1BA3782A 9728 ----a-w- C:\Program Files\Real\RealPlayer\fixrjb.exe

2012-10-10 19:26:45 F0D4E81C752109ED245167983698323B 349336 ----a-w- C:\Program Files\Real\RealPlayer\convert.exe

2012-10-10 19:26:45 8FBB078484FA84CB5C27ED176DDC9C26 375448 ----a-w- C:\Program Files\Real\RealPlayer\realconverter.exe

2012-10-10 19:26:35 D82E740EA1BE5EDABD33266BD041B97C 381080 ----a-w- C:\Program Files\Real\RealPlayer\realtrimmer.exe

2012-10-10 19:26:35 9ECA3B02ED2FF270309752B836DD86C9 129680 ----a-w- C:\Program Files\Real\RealPlayer\realshare.exe

2012-10-10 19:26:27 FE6DFF240F7A2CC06F859A55CDFC3695 27433440 ----a-w- C:\Program Files\Real\RealPlayer\Setup\setup.exe

2012-10-10 19:26:17 1A6464EDDBDB04F45EA3BCDEB1E27E93 29856 ----a-w- C:\Program Files\Real\RealPlayer\rndevicedbbuilder.exe

2012-10-10 19:26:12 AC6A11B0F0F208E7D2800FD06A4437C3 10240 ----a-w- C:\Program Files\Real\RealPlayer\realjbox.exe

2012-10-10 19:26:12 69EADE921041F987767772CC7E4BF709 18104 ----a-w- C:\Program Files\Real\RealPlayer\rphelperapp.exe

2012-10-10 19:26:11 B7CFA3F9DF5DF31E67B93C4AACBB9C97 499352 ----a-w- C:\Program Files\Real\RealPlayer\realplay.exe

2012-10-10 19:26:07 EC7D822996A453484C410D90E961DF64 63672 ----a-w- C:\Program Files\Real\RealPlayer\Update\rnxproc.exe

2012-10-10 19:26:07 3B9688041688ABC22E06D3D81F1B23F8 439504 ----a-w- C:\Program Files\Real\RealPlayer\recordingmanager.exe

2012-10-10 19:26:06 A73731A0B0A165907799E9AFB461F856 296096 ----a-w- C:\Program Files\Real\RealPlayer\Update\realsched.exe

2012-10-10 19:26:06 653EA8210C80E16296D2E15E43E8EC3B 79048 ----a-w- C:\Program Files\Real\RealPlayer\Update\realonemessagecenter.exe

2012-10-10 19:26:05 D28774BA03593A46EDD5745B179676FC 178360 ----a-w- C:\Program Files\Real\RealPlayer\Update\upgrdhlp.exe

2012-10-10 19:26:05 2576AB3BDB8EEE730A84B6FDF889E893 590024 ----a-w- C:\Program Files\Real\RealPlayer\Update\r1puninst.exe

2012-10-10 19:24:19 278E2096ADB08ACE30F1CD498D49BEBE 118936 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\lowproc.exe


2012-10-10 19:26:35 16F4B66381BA8AF003C5C1626BD4AD0F 57344 ----a-w- C:\Program Files\Real\RealPlayer\Producer\Tools\mediasink.dll

2012-10-10 19:26:35 1342EC78226F6A7EBE1FC62ECF811E26 77824 ----a-w- C:\Program Files\Real\RealPlayer\Producer\Tools\rmsessionform at.dll

2012-10-10 19:26:35 0CCE321DEF4A2B99AF0855E902322DFC 86016 ----a-w- C:\Program Files\Real\RealPlayer\Producer\Tools\qtreader.dll

2012-10-10 19:26:35 020D2E87A591A4DA85F431A76EAAAF43 128000 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\rpflvframegrabber .dll

2012-10-10 19:26:34 BCFE4B88024F2B69E18C046348970767 69120 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rndevicefsys.dll

2012-10-10 19:26:34 AB147A1EE940F2A1CF3A675E664DDD4F 123904 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\rpshellextension. dll

2012-10-10 19:26:34 96E4C81E4ECB1E4E9E086ADD3D22A326 45568 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimwmp.dll

2012-10-10 19:26:34 96E4C81E4ECB1E4E9E086ADD3D22A326 45568 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimswf.dll

2012-10-10 19:26:34 96E4C81E4ECB1E4E9E086ADD3D22A326 45568 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimrp.dll

2012-10-10 19:26:34 96E4C81E4ECB1E4E9E086ADD3D22A326 45568 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimqt.dll

2012-10-10 19:26:34 96E4C81E4ECB1E4E9E086ADD3D22A326 45568 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimhtml5.dll

2012-10-10 19:26:34 280F56517C00B04AC222E89F3F8D7563 198656 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpflashplayer.dll

2012-10-10 19:26:34 1FEE70FAF63DD8D0034045420F5DFDFE 1185792 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\rpsharedcomponent s.dll

2012-10-10 19:26:33 EADA87878D898AA6FD9DD67201CB6DA0 399064 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rp common150browserrecordplugin.dll

2012-10-10 19:26:33 E32771B0AE3F18CEFFC12D682025238A 19456 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll

2012-10-10 19:26:33 9C0DFA4BF8AA6C92C11CB331D35C7886 32256 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\E xt\Components\nprpffbrowserrecordlegacyext.dll

2012-10-10 19:26:33 8C7198064F9168F20F2A17DB6CECF2FF 35840 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\E xt\Components\nprpffbrowserrecordext.dll

2012-10-10 19:26:33 78693EFB803C77F731726E7FA65A6517 28160 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ho ok\rpchrome150browserrecordhelper.dll

2012-10-10 19:26:33 555E65306A5D3A5978BE74E1DD62CDD9 95744 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprpchromebrowserrecordext.dll

2012-10-10 19:26:32 FA6F9DBEDAE5AA74E82D1CC53C388068 98304 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\wmaimprtpln.dll

2012-10-10 19:26:32 C828C331196D0D0A5D65D49F51A0F79A 256000 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpwm3260.dll

2012-10-10 19:26:32 C61E4513204BCC4B330E7AD50C4C82C0 426736 ----a-w- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll

2012-10-10 19:26:32 C51AE601AA0B3FD7DE704C81D57EED20 33280 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\teawma.dll

2012-10-10 19:26:32 B41E7326122D8CA363FAFC08BDAA6A45 17920 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\wm9writer.dll

2012-10-10 19:26:32 A712132C40B5E1C79589197C101DD7B9 25088 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\amrff.dll

2012-10-10 19:26:32 9CCBFA69AC67AED98E1C8A11FFA2A630 719360 ----a-w- C:\Program Files\Real\RealPlayer\dbghelp.dll

2012-10-10 19:26:32 82DF2E044331C496C6B0F99F2234C30D 72192 ----a-w- C:\Program Files\Real\RealPlayer\rjwmapln.dll

2012-10-10 19:26:32 570A59E1AE9BCCAF0BF9FEB0D9DC9D13 69632 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\flvff.dll

2012-10-10 19:26:32 556C55EAF81910BAB108F86910E98679 291840 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\flvrender.dll

2012-10-10 19:26:32 4BFCE60823AB331D786C7A0C5781A722 94720 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\qclp.dll

2012-10-10 19:26:32 4AA2BEA8BB0F366D7615956538CFD5C2 30720 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\3gppttrenderer.dll

2012-10-10 19:26:32 496D2DDDDB6C9DC1AD2CC6073BFDA27C 170496 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\wm9fformat.dll

2012-10-10 19:26:32 42811DF6CF1D0DB39A0BB68ACD9FC53A 199680 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\wmsechnd.dll

2012-10-10 19:26:32 1897140C02848985DF988CD29EEF1132 181760 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\amrn.dll

2012-10-10 19:26:32 01C7E1C5884DF65D3244227CB4355E74 71168 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\aacff.dll

2012-10-10 19:26:31 FF90F6C056218DADBB5FF312676E8014 365568 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\rjrmjpln.dll

2012-10-10 19:26:31 F5C720FD85C13D228F296012DC0369E1 57344 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\xmlc3201.dll

2012-10-10 19:26:31 D678D6D0DB3C6FE2496CF0DDBC6E5954 202752 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\dmp4.dll

2012-10-10 19:26:31 D3F45D6D1AF51E93D1376FA643F50B32 53248 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\rjm4pln.dll

2012-10-10 19:26:31 D01CB6994F62EB6A08C46C76EB251CA1 461824 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\uisy3201.dll

2012-10-10 19:26:31 BB7D840D45EC2D20F415A838A11878CC 44032 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\rjmp3pln.dll

2012-10-10 19:26:31 98F741E956D6BC33C5209BDBAF9B3598 171008 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp4fformat.dll

2012-10-10 19:26:31 7CC638AD27595E0AA44C749350E818C2 40960 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\rjcfspln.dll

2012-10-10 19:26:31 773B88405096010B24C5742600AFF908 134144 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp4arender.dll

2012-10-10 19:26:31 50D9909B200151CADD4608A5D729A18A 43008 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\avcq.dll

2012-10-10 19:26:31 4FFB9E31E9AFE6D00708CD2D38938D3A 59904 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\mp4v.dll

2012-10-10 19:26:31 4C679AAE1B5189520D889D61883AFAA2 2546688 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\rpcontrols.dll

2012-10-10 19:26:31 29E97BC3D2004A9DF75A15E958051EC6 175616 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp4vrender.dll

2012-10-10 19:26:31 28EE433C0EC25130D051E576136C4B6E 85504 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\hxxml.dll

2012-10-10 19:26:31 24468CF77DB8830105C318ED2D447453 12288 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\rjrmapln.dll

2012-10-10 19:26:31 1B0B0512802FC5D54136C88F748AEB36 120832 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\h263render.dll

2012-10-10 19:26:30 F3B1EEEDAAB7FE81C55E567BA66C5404 52224 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp3metaff.dll

2012-10-10 19:26:30 DF142C8B250E453E370CE8AEF835B354 156672 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp3render.dll

2012-10-10 19:26:30 922F3E91EF5E6D5BAAD628673A69E634 532480 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\ravemgr.dll

2012-10-10 19:26:30 8D547B2B190358A911E9F37369A2473F 19968 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\stubdrm.dll

2012-10-10 19:26:30 7859A90B0430526C83360FE46C0F6624 41472 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\mp3fformat.dll

2012-10-10 19:26:30 5D4A39E4939E71248ED3A4181E6B8450 46592 ----a-w- C:\Program Files\Real\RealPlayer\rpau3260.dll

2012-10-10 19:26:30 385791B9DEEE96ACCCD54A8759CFDF74 151552 ----a-w- C:\Program Files\Real\RealPlayer\Common\rjbviz.dll

2012-10-10 19:26:30 2EF928B6C1ED32F86D71E7E38B8A6B31 49152 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpho3260.dll

2012-10-10 19:26:29 70F906DA473AF4BC9E1C352C32A6ED6D 20992 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\sdpplin.dll

2012-10-10 19:26:26 8BBB577B77F336A89A4047DC25815AAA 506368 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\imgrender.dll

2012-10-10 19:26:26 762C8FB61FEC275FCC3FDA9DE10DD8F3 65024 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\evrc.dll

2012-10-10 19:26:26 444C7CC099383F72F038FB1A7F5A5517 95744 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rtfformat.dll

2012-10-10 19:26:26 334CC7819213815104D1441D50A7C7BC 151552 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\ralf.dll

2012-10-10 19:26:26 280D33683843C3E01E0A8E5C33B3B23B 112128 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rtrender.dll

2012-10-10 19:26:26 0FD17FC361E345D2BDAC8B3E1A6D0C54 24064 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\qcpfformat.dll

2012-10-10 19:26:25 E05595FCDD3035AC3786FBA3A9A323BA 57344 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\rv30.dll

2012-10-10 19:26:25 ABD684E3ACF2CFF52C000298E1B4D264 615424 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\swfrender.dll

2012-10-10 19:26:25 8FA8BC1217338259C702A567C2D809DA 96768 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\swfformat.dll

2012-10-10 19:26:25 8C4093C0C83795FB0B023CF9C33C6CA7 62976 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\rv20.dll

2012-10-10 19:26:25 53022EA6341241F1B86D7E6B738E48ED 198864 ----a-w- C:\WINDOWS\system32\rmoc3260.dll

2012-10-10 19:26:25 2DC6257A367A6182E40F748D0396AAF9 150736 ----a-w- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

2012-10-10 19:26:25 2CD1C24F65EA839F0CBEA87119327846 652800 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\embd3260.dll

2012-10-10 19:26:25 21A2AE2CC9A514F54E9E331A7A47ED2B 57344 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\rv40.dll

2012-10-10 19:26:24 FF1731A4F118D59EB1D1E727F4F7661E 143360 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rarender.dll

2012-10-10 19:26:24 C159826ECBFBAB1ADF7967F336D1DC6B 94720 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\drv1.dll

2012-10-10 19:26:24 B380F7858B693069FB39CA9BA38C4E05 568320 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\raac.dll

2012-10-10 19:26:24 AAF2F4DEC2EB74CD4629D8975E2D8401 154112 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\sipr.dll

2012-10-10 19:26:24 92DB2969FDF6ED0734CD12E42B73D3A1 169472 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\drv2.dll

2012-10-10 19:26:24 73431B5B0D0D3E17BF05421AB57EAB72 279552 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\drvc.dll

2012-10-10 19:26:24 5E8F882B9EE6A40CE76170D65A456A64 84992 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\cook.dll

2012-10-10 19:26:24 476AFE94A8F120868D02C694DD0E97B8 58368 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\rv10.dll

2012-10-10 19:26:24 309755F2AE35D8B3CA9672A45CB742CB 102400 ----a-w- C:\Program Files\Real\RealPlayer\Codecs\atrc.dll

2012-10-10 19:26:24 1F8C198456B89143B5DC9E6125408695 47104 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\imaprender.dll

2012-10-10 19:26:24 1F2BF047B6875972DDBACE9EEBEC7E18 151040 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rvrender.dll

2012-10-10 19:26:17 A150983A77B61D54FEBCAC7DA31D9CA7 902144 ----a-w- C:\Program Files\Real\RealPlayer\mpaplugins\mpamedia.dll

2012-10-10 19:26:16 F901CDEC75DAFEDDA437CB14A7BDC6F8 83456 ----a-w- C:\Program Files\Real\RealPlayer\Common\twebbrowse.dll

2012-10-10 19:26:16 A60B95DA77BF095E25571D8B997AE7F4 220160 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpds3260.dll

2012-10-10 19:26:16 6321AA0591251AD7B47E7D14BB6AA73E 88064 ----a-w- C:\Program Files\Real\RealPlayer\hxaudiodevicehook.dll

2012-10-10 19:26:16 1E3AA02F2C91A2B25EFB4E355160CDCA 129176 ----a-w- C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

2012-10-10 19:26:16 009397F46C0ED279F340732EA2E6355D 116920 ----a-w- C:\Program Files\Real\RealPlayer\rdsf3260.dll

2012-10-10 19:26:15 E9C5403EE75050867B6D4D7BB99EBA06 604160 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpcl3260.dll

2012-10-10 19:26:15 DB58C507DD85AA7D8150BA88F8E448C3 86528 ----a-w- C:\Program Files\Real\RealPlayer\rpplugprot.dll

2012-10-10 19:26:15 87B84ED65DACFDEA7CDBA83D6D9364C9 694992 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll

2012-10-10 19:26:15 5D645D87D459667EC2282D96BAF64928 64696 ----a-w- C:\Program Files\Real\RealPlayer\rpshell.dll

2012-10-10 19:26:15 0F4666D94F4EA07078C096FD5B1A4DB9 251904 ----a-w- C:\Program Files\Real\RealPlayer\rcaplugins\mpacore.dll

2012-10-10 19:26:14 F2197F1A5CCE8DC5DDF3FF88324709A6 51712 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpcomproxy.dll

2012-10-10 19:26:14 C0BD1783C91AF4C550F9A5E00C14409A 660480 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpmn3260.dll

2012-10-10 19:26:14 9B09FBF52B9AA445D167D060D6AA0A0E 304128 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rppl3260.dll

2012-10-10 19:26:14 9957D2E5ED0955648936531D839396E7 160256 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpqt3260.dll

2012-10-10 19:26:14 75EF3409160437143CED92CABEED4919 45568 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpms3260.dll

2012-10-10 19:26:14 65E9F6077A652517E9409521D043B05F 793088 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rput3260.dll

2012-10-10 19:26:14 278288EDAC5DD2BC57CD5806343A7BEB 321536 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\tmde3210.dll

2012-10-10 19:26:14 264EF8F2D25C046792C97266B60AF974 265728 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpme3260.dll

2012-10-10 19:26:14 2267408114D9ED7ABFAEA1BD37EDC506 736256 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpwe3260.dll

2012-10-10 19:26:14 1D18C34B18F98AC5AC79001E43675FF8 176128 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpgu3260.dll

2012-10-10 19:26:14 1C04D70DC56889023EB3CB2987C3277C 116736 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpimageplayer.dll

2012-10-10 19:26:14 115BE5217C9293FF505DB5B0A0FADBC1 47104 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpappdemon.dll

2012-10-10 19:26:14 0527E2DB5C02E8285747214F0CA41A90 68608 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpthumbnail.dll

2012-10-10 19:26:13 F57EA37004C48840D03C180AC70CEC8E 2110464 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rjbdll.dll

2012-10-10 19:26:13 F29EDF33A2348CCA19354702398AF142 121856 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rjbe3260.dll

2012-10-10 19:26:13 E3865DBA342CABA694F482FA95FB64C0 109568 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rjbxfade.dll

2012-10-10 19:26:13 73724F71890AD39795C647C232CA40EA 141824 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rnconverter.dll

2012-10-10 19:26:13 7128111D8BDB025386A74918ED6310F2 497152 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\cdpl3210.dll

2012-10-10 19:26:13 6F5414C8FE5DFB2D1A4F66709CEBBA22 844800 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\myde3260.dll

2012-10-10 19:26:13 52F3F4229184022FDC57B93C77954ED0 1448960 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rpap3260.dll

2012-10-10 19:26:13 4EB2E2CC0D5256F810CDF7AB7DA3F0A5 1042432 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rjbc3260.dll

2012-10-10 19:26:13 2E40C5DD551F847FC80538AE6B988F01 15360 ----a-w- C:\Program Files\Real\RealPlayer\Common\rppr3260.dll

2012-10-10 19:26:13 027D1BA1E6B49A35080D4A6F02AA1612 574976 ----a-w- C:\Program Files\Real\RealPlayer\rpplugins\rjmisc.dll

2012-10-10 19:26:12 B90B7F29E2916C64DC5E191561F7575D 16384 ----a-w- C:\Program Files\Real\RealPlayer\Common\pnrs3260.dll

2012-10-10 19:26:12 B74E422BC81236042529DC8A42A18423 5632 ----a-w- C:\WINDOWS\system32\pndx5032.dll

2012-10-10 19:26:12 46B5E70BF0B6443C7D47D812E103CC99 430080 ----a-w- C:\Program Files\Real\RealPlayer\Common\pngu3267.dll

2012-10-10 19:26:12 33833B3EDA1B07EBD367FA9B38B23E60 6656 ----a-w- C:\WINDOWS\system32\pndx5016.dll

2012-10-10 19:26:10 B1269AE44770FC54222BCF351B0F4669 95232 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\vsrlocal.dll

2012-10-10 19:26:10 6E3DC55ACFA6DE13D215DDD368EC0C98 119808 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\vsrcplin.dll

2012-10-10 19:26:09 FEDC7ACB5D556C6D3417FA4F96F57A86 74240 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\smplfsys.dll

2012-10-10 19:26:09 CD791B7584F64DCDFB6601B140C8812E 165888 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\zipf3260.dll

2012-10-10 19:26:09 C7F57D668E08B838B3F07711907D5CB1 30208 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\clntxres.dll

2012-10-10 19:26:09 7F457EC2E39445D595C7EFE55DDA5585 39936 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\smmrender.dll

2012-10-10 19:26:09 3F994A6CF62AA8ED7B82CBE8AD7BE810 381440 ----a-w- C:\Program Files\Real\RealPlayer\Common\hxmedpltfm.dll

2012-10-10 19:26:09 2F484C8A639CFA726B6F571481370401 386048 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\vidsite.dll

2012-10-10 19:26:08 F7DF910604B03EF064F3F710AB62EE63 187392 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\httpfsys.dll

2012-10-10 19:26:08 DD3481AB1C5253EE4721A947974D8B7C 20992 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\clbascauth.dll

2012-10-10 19:26:08 CB38777708FC38A2046FD4C128D72FAB 40448 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\plusplin.dll

2012-10-10 19:26:08 C31D7D07DFC151872A4F41005290991C 30720 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\pxcb3210.dll

2012-10-10 19:26:08 ADE6F71C7DBEF8B9460A66B40881EC72 37376 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rn5auth.dll

2012-10-10 19:26:08 A95BD59EF95AF30931BA81FF36BE3267 38912 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\hxsdp.dll

2012-10-10 19:26:08 A871CD96EEDFF275A1B15AB3AB220D7E 25600 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\ntlmauth.dll

2012-10-10 19:26:08 A71D813D04670970552137364D2094F7 183296 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rmfformat.dll

2012-10-10 19:26:08 A12B9FBCD0D01D648E3065941A659474 58880 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\memfsys.dll

2012-10-10 19:26:08 98EB0B370E6C8BBEE9F6A2FF4D8F96E3 24064 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\cdda3260.dll

2012-10-10 19:26:08 9598C1A94EE3E9BFC47C468029D1FA33 43008 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\ramrender.dll

2012-10-10 19:26:08 92E40DC7F93C8103628FD5C2DA993F43 26624 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\ramfformat.dll

2012-10-10 19:26:08 847789F28D244FDA720928EA064D47E4 1151488 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\hxmedplyeng.dll

2012-10-10 19:26:08 75861A40F011E517E85D411D5C9FB37B 352768 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\rtspclnt.dll

2012-10-10 19:26:08 699C39D60B3672D2E0D76B02FE112ED9 574464 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\smlrender.dll

2012-10-10 19:26:08 6149E379CCE03A3D466E25755A95C361 43520 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\smlfformat.dll

2012-10-10 19:26:08 55ED213143332D30EFC8F978F6A363B2 321536 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\pacplin.dll

2012-10-10 19:26:08 54F65B7255BA702290E3EBDDA6CACD02 171520 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\hxnetwksvc.dll

2012-10-10 19:26:08 43C62DA390C357711FB86F939FE1F2B5 27136 ----a-w- C:\Program Files\Real\RealPlayer\Plugins\authmgr.dll

2012-10-10 19:26:07 95C34C5196B3569383F3CE061EC051CA 30720 ----a-w- C:\Program Files\Real\RealPlayer\Common\rpun3260.dll

2012-10-10 19:26:07 263BD9764D41C600386EE29D99927FEB 387584 ----a-w- C:\Program Files\Real\RealPlayer\Update\rnms3270.dll

2012-10-10 19:26:06 E800EA4F0B14514BEDBD7AC7E8A93813 75448 ----a-w- C:\Program Files\Real\RealPlayer\Update\rpelevation.dll

2012-10-10 19:26:06 C744E824ABAE9A7C24627E087F682137 363520 ----a-w- C:\Program Files\Real\RealPlayer\Update\setu3270.dll

2012-10-10 19:26:06 BAB7EA34266BC28C957412B4CAAAC409 99840 ----a-w- C:\Program Files\Real\RealPlayer\Update\rnad3201.dll

2012-10-10 19:26:06 2C0CE21B7B42CCF4171DA0E3E1C6214C 31744 ----a-w- C:\Program Files\Real\RealPlayer\Update\pnmi3270.dll

2012-10-10 19:26:06 251B9FBE23ACBB796257C7F937F7280F 415744 ----a-w- C:\Program Files\Real\RealPlayer\Update\faus3270.dll

2012-10-10 19:26:05 87279C0C6343D5B46863EEDBF61980F0 349184 ----a-w- C:\Program Files\Real\RealPlayer\Update\upgr3270.dll

2012-10-10 19:26:05 52663E2B11194575C3A7F7E9F8EFB5ED 311808 ----a-w- C:\Program Files\Real\RealPlayer\Update\rnqu3270.dll

2012-10-10 19:26:05 19D7A86BBB209CECE9263BBF00E7D0B7 192000 ----a-w- C:\Program Files\Real\RealPlayer\Update\rnup3270.dll

2012-10-10 19:25:25 B90B7F29E2916C64DC5E191561F7575D 16384 ------w- C:\Documents and Settings\Administrator\Local Settings\Temp\~rnsetup\GEMSETUP\pnrs3260.dll

2012-10-10 19:24:21 7EC6C8E88BECD3C40AE35AAD1DF6EB0A 90624 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\stubhelper.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1757981266-220523388-1177238915-500\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe"

"CXMon"="C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"

"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

"hpqSRMon"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"APVXDWIN"="C:\Program Files\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE /s"

"SCANINICIO"="C:\Program Files\Panda Security\Panda Antivirus Pro 2013\Inicio.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Reader_sl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AxAutoMntSrv"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Alcohol Soft\\Alcohol 52\\AxAutoMntSrv.exe\" -automount"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NMBgMonitor"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Eraser RiskMonitor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="etRiskmon"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\East-Tec Eraser 2010\\Launch.exe\" \"C:\\Program Files\\East-Tec Eraser 2010\\etRiskmon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ftweak_RAMRush]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RAMRush"

"hkey"="HKCU"

"command"="C:\\Program Files\\RAMRush\\RAMRush.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KiesHelper"

"hkey"="HKCU"

"command"="C:\\Program Files\\Samsung\\Kies\\KiesHelper.exe /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KiesPDLR"

"hkey"="HKCU"

"command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KiesTrayAgent"

"hkey"="HKCU"

"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mbamgui"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroCheck"

"hkey"="HKLM"

"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swg"

"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ThrustTSR]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TMTMTSR"

"hkey"="HKLM"

"command"="C:\\Program Files\\ThrustMaster\\ThrustMapper\\TMTMTSR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TomTomHOMERunner"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"

"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "

"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

"item"="Windows Search"

"backup"="C:\\WINDOWS\\pss\\Windows Search.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WI459E~1\\WINDOW~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]

"backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE "

"item"="WinZip Quick Pick"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

==== Startup Folders ======================

2012-10-05 19:46:01 1889 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2012 20:24]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/06/2011 21:29]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/06/2011 21:29]

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-1177238915-500.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [27/07/2012 14:27]

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-1177238915-500.job --a------ C:\Program Files\Real\RealUpgrade\realupgrade.exe [27/07/2012 14:27]

C:\WINDOWS\tasks\RegistryBooster.job --a------ C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe []

C:\WINDOWS\tasks\SmartDefrag_Startup.job --a------ C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [04/01/2012 15:26]

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you are unable to disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


I ran ComboFix, but when it tries to restart Windows nothing happens. I waited three quarters of an hour, but the following message stays on the screen: "windows wordt herstart...gelieve even te wachten" (Windows is restarting... please wait). I also cannot find the ComboFix.txt file on the C drive...


Remove the current version of ComboFix by entering the command Combofix /Uninstall in the search box next to Start. Then download a new version and let it scan in normal mode first. If it again fails to produce a log, repeat this procedure in "safe mode".


Here is the ComboFix log:

ComboFix 12-10-18.03 - Administrator 18/10/2012 18:45:56.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1304 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe

AV: Panda Antivirus Pro 2013 *Disabled/Updated* {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

FW: Panda Personal Firewall 2013 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\Version.dll . . . is geïnfecteerd!!

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-18 to 2012-10-18 ))))))))))))))))))))))))))))))

.

.

2012-10-15 19:11 . 2008-04-14 20:32 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2012-10-15 19:10 . 2001-09-06 19:27 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2012-10-15 19:10 . 2008-04-14 20:32 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll

2012-10-15 19:10 . 2001-09-06 19:27 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe

2012-10-15 19:10 . 2001-09-06 19:27 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe

2012-10-15 19:10 . 2001-09-06 19:27 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe

2012-10-15 19:10 . 2001-08-17 18:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys

2012-10-15 19:10 . 2008-04-13 20:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys

2012-10-15 19:10 . 2008-04-13 22:16 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys

2012-10-15 19:10 . 2008-04-13 20:04 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys

2012-10-15 19:10 . 2008-04-14 20:32 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll

2012-10-15 19:10 . 2008-04-13 22:06 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys

2012-10-15 19:10 . 2008-04-13 20:05 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys

2012-10-15 19:08 . 2001-08-17 18:13 16925 -c--a-w- c:\windows\system32\dllcache\w940nd.sys

2012-10-15 19:07 . 2001-08-17 19:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys

2012-10-15 19:06 . 2001-08-17 19:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys

2012-10-15 19:06 . 2001-09-06 19:27 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll

2012-10-15 19:06 . 2001-09-06 19:27 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll

2012-10-15 19:06 . 2001-09-06 19:27 212480 -c--a-w- c:\windows\system32\dllcache\um54scan.dll

2012-10-15 19:06 . 2001-09-06 19:27 216576 -c--a-w- c:\windows\system32\dllcache\um34scan.dll

2012-10-15 19:06 . 2001-08-17 19:52 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys

2012-10-15 19:06 . 2008-04-13 22:06 44672 -c--a-w- c:\windows\system32\dllcache\uagp35.sys

2012-10-15 19:06 . 2001-08-17 19:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys

2012-10-15 19:06 . 2001-08-17 18:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys

2012-10-15 19:06 . 2001-09-06 19:27 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll

2012-10-15 19:06 . 2001-08-17 18:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys

2012-10-15 19:05 . 2001-09-06 19:26 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll

2012-10-15 19:05 . 2001-08-17 18:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys

2012-10-15 19:05 . 2001-09-06 19:26 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll

2012-10-15 19:05 . 2001-08-17 18:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys

2012-10-15 19:05 . 2001-09-06 19:26 43008 -c--a-w- c:\windows\system32\dllcache\tp4res.dll

2012-10-15 19:05 . 2008-04-14 20:33 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe

2012-10-15 19:05 . 2001-09-06 19:27 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll

2012-10-15 19:05 . 2001-09-06 16:37 4992 -c--a-w- c:\windows\system32\dllcache\toside.sys

2012-10-15 19:05 . 2001-08-17 20:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys

2012-10-15 19:05 . 2001-08-17 20:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys

2012-10-15 19:05 . 2001-08-17 18:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys

2012-10-15 19:05 . 2001-08-17 18:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys

2012-10-15 19:04 . 2001-08-17 18:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys

2012-10-15 19:04 . 2001-09-06 19:26 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll

2012-10-15 19:04 . 2008-04-13 22:10 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys

2012-10-15 19:04 . 2001-08-17 18:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys

2012-10-15 19:04 . 2001-08-17 18:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys

2012-10-15 19:04 . 2001-08-17 19:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys

2012-10-15 19:04 . 2001-08-17 19:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys

2012-10-15 19:04 . 2001-08-17 18:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys

2012-10-15 19:04 . 2001-09-06 19:26 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll

2012-10-15 19:04 . 2001-08-17 20:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys

2012-10-15 19:04 . 2001-08-17 20:07 16256 -c--a-w- c:\windows\system32\dllcache\symc810.sys

2012-10-15 19:02 . 2001-08-17 18:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys

2012-10-15 19:02 . 2001-09-06 19:27 99840 -c--a-w- c:\windows\system32\dllcache\srusd.dll

2012-10-15 19:02 . 2001-09-06 19:27 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll

2012-10-15 19:02 . 2001-08-17 19:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys

2012-10-15 19:02 . 2001-09-06 19:27 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll

2012-10-15 19:02 . 2001-08-17 20:07 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys

2012-10-15 19:02 . 2001-08-17 19:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys

2012-10-15 19:02 . 2001-08-17 18:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys

2012-10-15 19:02 . 2001-09-06 19:27 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll

2012-10-15 19:02 . 2001-08-17 18:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys

2012-10-15 19:00 . 2001-09-06 19:27 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll

2012-10-15 18:59 . 2001-09-06 18:49 161760 -c--a-w- c:\windows\system32\dllcache\sgsmusb.sys

2012-10-15 18:58 . 2001-08-17 18:50 75392 -c--a-w- c:\windows\system32\dllcache\s3savmxm.sys

2012-10-15 18:57 . 2001-08-17 18:19 30720 -c--a-w- c:\windows\system32\dllcache\rthwcls.sys

2012-10-15 18:56 . 2001-08-17 19:52 49024 -c--a-w- c:\windows\system32\dllcache\ql1280.sys

2012-10-15 18:55 . 2001-09-06 19:27 121344 -c--a-w- c:\windows\system32\dllcache\phvfwext.dll

2012-10-15 18:54 . 2008-04-13 20:05 29502 -c--a-w- c:\windows\system32\dllcache\pca200e.sys

2012-10-15 18:54 . 2001-08-17 18:12 30495 -c--a-w- c:\windows\system32\dllcache\pc100nds.sys

2012-10-15 18:54 . 2001-09-06 19:27 42496 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll

2012-10-15 18:54 . 2001-09-06 19:27 44544 -c--a-w- c:\windows\system32\dllcache\ovui2.dll

2012-10-15 18:54 . 2001-08-17 20:05 25216 -c--a-w- c:\windows\system32\dllcache\ovsound2.sys

2012-10-15 18:54 . 2001-09-06 19:27 39424 -c--a-w- c:\windows\system32\dllcache\ovcoms.exe

2012-10-15 18:54 . 2001-09-06 19:27 20480 -c--a-w- c:\windows\system32\dllcache\ovcomc.dll

2012-10-15 18:54 . 2001-08-17 20:05 351616 -c--a-w- c:\windows\system32\dllcache\ovcodek2.sys

2012-10-15 18:54 . 2001-09-06 19:27 116736 -c--a-w- c:\windows\system32\dllcache\ovcodec2.dll

2012-10-15 18:54 . 2001-08-17 20:05 31872 -c--a-w- c:\windows\system32\dllcache\ovce.sys

2012-10-15 18:54 . 2001-08-17 20:05 28032 -c--a-w- c:\windows\system32\dllcache\ovcd.sys

2012-10-15 18:54 . 2001-08-17 20:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys

2012-10-15 18:54 . 2001-08-17 20:05 25088 -c--a-w- c:\windows\system32\dllcache\ovca.sys

2012-10-15 18:52 . 2001-08-17 18:20 126080 -c--a-w- c:\windows\system32\dllcache\nm5a2wdm.sys

2012-10-15 18:51 . 2001-09-06 17:31 131072 -c--a-w- c:\windows\system32\dllcache\n100325.sys

2012-10-15 18:50 . 2001-08-17 20:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys

2012-10-15 18:50 . 2008-04-13 22:24 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys

2012-10-15 18:50 . 2001-08-17 20:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys

2012-10-15 18:50 . 2001-08-17 19:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys

2012-10-15 18:50 . 2008-04-13 22:16 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys

2012-10-15 18:50 . 2001-08-17 19:52 17280 -c--a-w- c:\windows\system32\dllcache\mraid35x.sys

2012-10-15 18:50 . 2008-04-13 22:16 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys

2012-10-15 18:50 . 2001-08-17 19:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys

2012-10-15 18:48 . 2001-08-17 19:28 802683 -c--a-w- c:\windows\system32\dllcache\ltsm.sys

2012-10-15 18:47 . 2001-09-06 19:26 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll

2012-10-15 18:47 . 2001-09-06 19:26 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll

2012-10-15 18:47 . 2008-04-14 20:31 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll

2012-10-15 18:47 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll

2012-10-15 18:47 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll

2012-10-15 18:47 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll

2012-10-15 18:47 . 2001-08-17 19:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys

2012-10-15 18:47 . 2001-08-17 19:51 18688 -c--a-w- c:\windows\system32\dllcache\irsir.sys

2012-10-15 18:47 . 2008-04-14 20:32 29184 -c--a-w- c:\windows\system32\dllcache\irmon.dll

2012-10-15 18:47 . 2001-08-17 19:49 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys

2012-10-15 18:47 . 2008-04-14 20:33 153088 -c--a-w- c:\windows\system32\dllcache\irftp.exe

2012-10-15 18:47 . 2008-04-13 22:24 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys

2012-10-15 18:47 . 2008-04-13 22:15 46592 -c--a-w- c:\windows\system32\dllcache\irbus.sys

2012-10-15 18:46 . 2001-08-17 18:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys

2012-10-15 18:46 . 2001-09-06 19:26 90200 -c--a-w- c:\windows\system32\dllcache\io8ports.dll

2012-10-15 18:46 . 2001-08-17 19:50 38784 -c--a-w- c:\windows\system32\dllcache\io8.sys

2012-10-15 18:46 . 2001-09-06 16:16 13568 -c--a-w- c:\windows\system32\dllcache\inport.sys

2012-10-15 18:46 . 2001-08-17 19:52 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys

2012-10-15 18:46 . 2001-09-06 19:26 372824 -c--a-w- c:\windows\system32\dllcache\iconf32.dll

2012-10-15 18:46 . 2001-08-17 20:06 100992 -c--a-w- c:\windows\system32\dllcache\icam5usb.sys

2012-10-15 18:46 . 2001-09-06 19:26 20992 -c--a-w- c:\windows\system32\dllcache\icam5ext.dll

2012-10-15 18:46 . 2001-09-06 19:26 45056 -c--a-w- c:\windows\system32\dllcache\icam5com.dll

2012-10-15 18:46 . 2001-08-17 20:06 154496 -c--a-w- c:\windows\system32\dllcache\icam4usb.sys

2012-10-15 18:46 . 2001-09-06 19:26 62976 -c--a-w- c:\windows\system32\dllcache\icam4ext.dll

2012-10-15 18:44 . 2001-08-17 19:28 57471 -c--a-w- c:\windows\system32\dllcache\hsf_samp.sys

2012-10-15 18:43 . 2001-08-17 20:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys

2012-10-15 18:42 . 2001-08-17 18:15 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys

2012-10-15 18:41 . 2001-08-17 18:19 63360 -c--a-w- c:\windows\system32\dllcache\ess.sys

2012-10-15 18:40 . 2001-08-17 18:12 19594 -c--a-w- c:\windows\system32\dllcache\e100isa4.sys

2012-10-15 18:39 . 2001-08-17 18:13 91305 -c--a-w- c:\windows\system32\dllcache\dimaint.sys

2012-10-15 18:38 . 2001-09-06 17:27 14848 -c--a-w- c:\windows\system32\dllcache\cyclom-y.sys

2012-10-15 18:37 . 2008-04-13 22:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys

2012-10-15 18:36 . 2001-09-06 16:47 13952 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys

2012-10-15 18:35 . 2008-04-13 20:04 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys

2012-10-15 18:34 . 2008-04-13 20:06 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys

2012-10-15 06:45 . 2012-09-19 19:38 167424 ----a-w- c:\windows\zoek-delete.exe

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 18:24 . 2012-07-01 14:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 18:24 . 2012-07-01 14:09 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-28 15:17 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2012-08-24 13:53 . 2008-04-15 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-23 06:27 . 2008-04-15 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-23 06:27 . 2008-04-14 22:11 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-07-23 15:40 . 2012-07-23 15:40 1060864 ----a-w- c:\windows\system32\mfc71.dll

2011-06-09 10:03 . 2011-08-09 10:34 3486088 -c--a-w- c:\program files\Common Files\ApnToolbarInstaller.exe

2011-06-09 10:03 . 2011-08-09 10:34 143240 -c--a-w- c:\program files\Common Files\ApnStub.exe

2010-01-26 09:11 . 2011-08-09 10:34 444283 -c--a-w- c:\program files\Common Files\WinPcapNmap.exe

2011-04-14 16:57 . 2011-06-18 13:02 142296 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2008-04-15 12:00 94784 -csh--w- c:\windows\twain.dll

2008-04-15 12:00 50688 --sh--w- c:\windows\twain_32.dll

2008-04-15 12:00 57344 -csh--w- c:\windows\system32\msvcirt.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

2010-12-09 11:51 3911776 ----a-w- c:\program files\IMVU_Inc\tbIMVU.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{90b49673-5506-483e-b92b-ca0265bd9ca8}"= "c:\program files\IMVU_Inc\tbIMVU.dll" [2010-12-09 3911776]

.

[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{90B49673-5506-483E-B92B-CA0265BD9CA8}"= "c:\program files\IMVU_Inc\tbIMVU.dll" [2010-12-09 3911776]

.

[HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-08-04 196608]

"CXMon"="c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [2001-08-09 45056]

"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]

"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE" [2012-06-21 1053984]

"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2013\Inicio.exe" [2012-06-08 70432]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]

"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-10-10 296096]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLinkedConnections"= 1 (0x1)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

backup=c:\windows\pss\Adobe Gamma.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

backup=c:\windows\pss\Windows Search.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-01 08:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]

2011-04-28 23:24 934800 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2011-04-28 23:24 19856 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2011-04-28 23:24 3373968 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThrustTSR]

2000-10-11 22:15 151552 ----a-w- c:\program files\ThrustMaster\ThrustMapper\TMTMTSR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2010-06-24 14:41 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"TomTomHOMEService"=2 (0x2)

"StarWindServiceAE"=2 (0x2)

"ose"=3 (0x3)

"odserv"=3 (0x3)

"NMIndexingService"=3 (0x3)

"Microsoft Office Groove Audit Service"=3 (0x3)

"MDM"=2 (0x2)

"idsvc"=3 (0x3)

"IDriverT"=3 (0x3)

"gupdatem"=3 (0x3)

"gupdate"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"d:\\Games\\GP4\\GP4.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}\\setup\\hpznui01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\hpwucli.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\eBay\\Turbo Lister2\\Tl.exe"=

"d:\\Games\\f1 2010\\F1_2010_game.exe"=

"c:\\WINDOWS\\system32\\ftp.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [26/09/2012 19:14 26696]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [10/01/2012 15:57 14776]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/09/2010 15:18 436792]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [27/09/2012 20:30 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [27/09/2012 20:30 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [27/09/2012 20:30 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [27/09/2012 20:30 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [27/09/2012 20:30 159112]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [26/09/2012 19:13 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [27/09/2012 20:30 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [26/09/2012 19:13 63240]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 4:09 50704]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [26/09/2012 19:13 164488]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [8/07/2012 21:41 793048]

R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2013\psksvc.exe [26/09/2012 19:14 28992]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [15/02/2006 17:51 1301568]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [26/09/2012 19:13 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [12/08/2009 20:25 47360]

S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys --> c:\windows\system32\drivers\SBREDrv.sys [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [1/07/2012 16:09 250808]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [9/05/2011 17:01 121192]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [9/05/2011 17:01 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [9/05/2011 17:01 136680]

S4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/06/2011 21:29 135664]

S4 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/06/2011 21:29 135664]

S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/06/2010 16:41 92008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-01 18:24]

.

2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-02 19:29]

.

2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-02 19:29]

.

2012-10-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-1177238915-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]

.

2012-10-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-1177238915-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]

.

2012-10-18 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-10-28 13:26]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}

Trusted Zone: imes.be\citrix

Trusted Zone: localhost

TCP: DhcpNameServer = 195.130.131.3 195.130.130.131

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yc5h7gs5.default\

FF - prefs.js: browser.search.selectedEngine - Web Search

FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1&cf=80fb3fac-60b3-11e1-abf4-0011092bd3d1

FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=80fb3fac-60b3-11e1-abf4-0011092bd3d1&q=

FF - ExtSQL: 2012-10-10 21:26; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-09-03 00:17; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKLM-Run-Cmaudio - cmicnfg.cpl

MSConfigStartUp-Eraser RiskMonitor - c:\program files\East-Tec Eraser 2010\Launch.exe

MSConfigStartUp-ftweak_RAMRush - c:\program files\RAMRush\RAMRush.exe

MSConfigStartUp-Malwarebytes' Anti-Malware - c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-10-18 18:52

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1757981266-220523388-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,01,4b,2b,3c,d8,b0,4a,aa,20,0f,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0c,bc,f7,96,22,4d,88,40,be,e0,ca,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,01,4b,2b,3c,d8,b0,4a,aa,20,0f,\

.

[HKEY_USERS\S-1-5-21-1757981266-220523388-1177238915-500\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1100)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\atiadlxx.dll

c:\windows\system32\avldr.dll

.

- - - - - - - > 'explorer.exe'(5444)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Panda Security\Panda Antivirus Pro 2013\PavTrc.dll

.

Voltooingstijd: 2012-10-18 18:55:23

ComboFix-quarantined-files.txt 2012-10-18 16:55

.

Pre-Run: 16.521.834.496 bytes beschikbaar

Post-Run: 16.542.109.696 bytes beschikbaar

.

- - End Of File - - BAF06A1779673E6805469F93C8C21F34


Open a Notepad file.

Copy and paste the bold text below into it.

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[-HKEY_CLASSES_ROOT\clsid\{90b49673-5506-483e-b92b-ca0265bd9ca8}]

Firefox::

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yc5h7gs5.default\

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: browser.startup.homepage -

FF - prefs.js: keyword.URL -

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Here is the new ComboFix log:

ComboFix 12-10-18.03 - Administrator 18/10/2012 20:50:56.4.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1353 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt

AV: Panda Antivirus Pro 2013 *Disabled/Updated* {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

FW: Panda Personal Firewall 2013 *Disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-18 to 2012-10-18 ))))))))))))))))))))))))))))))

.

.


.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-09 18:24 . 2012-07-01 14:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 18:24 . 2012-07-01 14:09 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-28 15:17 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2012-08-24 13:53 . 2008-04-15 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-08-23 06:27 . 2008-04-15 12:00 2153472 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-23 06:27 . 2008-04-14 22:11 2032128 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-07-23 15:40 . 2012-07-23 15:40 1060864 ----a-w- c:\windows\system32\mfc71.dll

2011-06-09 10:03 . 2011-08-09 10:34 3486088 -c--a-w- c:\program files\Common Files\ApnToolbarInstaller.exe

2011-06-09 10:03 . 2011-08-09 10:34 143240 -c--a-w- c:\program files\Common Files\ApnStub.exe

2010-01-26 09:11 . 2011-08-09 10:34 444283 -c--a-w- c:\program files\Common Files\WinPcapNmap.exe

2011-04-14 16:57 . 2011-06-18 13:02 142296 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2008-04-15 12:00 94784 -csh--w- c:\windows\twain.dll

2008-04-15 12:00 50688 --sh--w- c:\windows\twain_32.dll

2008-04-15 12:00 57344 -csh--w- c:\windows\system32\msvcirt.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-08-04 196608]

"CXMon"="c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [2001-08-09 45056]

"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]

"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE" [2012-06-21 1053984]

"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2013\Inicio.exe" [2012-06-08 70432]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]

"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-10-10 296096]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLinkedConnections"= 1 (0x1)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

2010-03-24 10:55 55552 ----a-w- c:\windows\system32\avldr.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0SmartDefragBootTime.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

backup=c:\windows\pss\Adobe Gamma.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]

backup=c:\windows\pss\Windows Search.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]

backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-07-11 19:00 919008 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-01 08:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]

2011-04-28 23:24 934800 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2011-04-28 23:24 19856 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2011-04-28 23:24 3373968 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThrustTSR]

2000-10-11 22:15 151552 ----a-w- c:\program files\ThrustMaster\ThrustMapper\TMTMTSR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2010-06-24 14:41 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"TomTomHOMEService"=2 (0x2)

"StarWindServiceAE"=2 (0x2)

"ose"=3 (0x3)

"odserv"=3 (0x3)

"NMIndexingService"=3 (0x3)

"Microsoft Office Groove Audit Service"=3 (0x3)

"MDM"=2 (0x2)

"idsvc"=3 (0x3)

"IDriverT"=3 (0x3)

"gupdatem"=3 (0x3)

"gupdate"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"d:\\Games\\GP4\\GP4.exe"=

"c:\\Program Files\\FrostWire\\FrostWire.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}\\setup\\hpznui01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\Hewlett-Packard\\HP Software Update\\hpwucli.exe"=

"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\eBay\\Turbo Lister2\\Tl.exe"=

"d:\\Games\\f1 2010\\F1_2010_game.exe"=

"c:\\WINDOWS\\system32\\ftp.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [26/09/2012 19:14 26696]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [10/01/2012 15:57 14776]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24/09/2010 15:18 436792]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [27/09/2012 20:30 83528]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [27/09/2012 20:30 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [27/09/2012 20:30 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [27/09/2012 20:30 193864]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [27/09/2012 20:30 159112]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [26/09/2012 19:13 37448]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [27/09/2012 20:30 46856]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [26/09/2012 19:13 63240]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 4:09 50704]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [26/09/2012 19:13 164488]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [8/07/2012 21:41 793048]

R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2013\psksvc.exe [26/09/2012 19:14 28992]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [15/02/2006 17:51 1301568]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;c:\windows\system32\drivers\neti1644.sys [26/09/2012 19:13 201032]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]

R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [12/08/2009 20:25 47360]

S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys --> c:\windows\system32\drivers\SBREDrv.sys [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [1/07/2012 16:09 250808]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [9/05/2011 17:01 121192]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [9/05/2011 17:01 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [9/05/2011 17:01 136680]

S4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/06/2011 21:29 135664]

S4 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/06/2011 21:29 135664]

S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24/06/2010 16:41 92008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-01 18:24]

.

2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-02 19:29]

.

2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-02 19:29]

.

2012-10-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-220523388-1177238915-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]

.

2012-10-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-220523388-1177238915-500.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]

.

2012-10-18 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-10-28 13:26]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}

Trusted Zone: imes.be\citrix

Trusted Zone: localhost

TCP: DhcpNameServer = 195.130.131.3 195.130.130.131

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yc5h7gs5.default\

FF - ExtSQL: 2012-10-10 21:26; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-09-03 00:17; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-10-18 20:58

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1757981266-220523388-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,01,4b,2b,3c,d8,b0,4a,aa,20,0f,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0c,bc,f7,96,22,4d,88,40,be,e0,ca,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,01,4b,2b,3c,d8,b0,4a,aa,20,0f,\

.

[HKEY_USERS\S-1-5-21-1757981266-220523388-1177238915-500\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1100)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\atiadlxx.dll

c:\windows\system32\avldr.dll

.

- - - - - - - > 'explorer.exe'(7084)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Panda Security\Panda Antivirus Pro 2013\PavTrc.dll

.

Voltooingstijd: 2012-10-18 21:00:32

ComboFix-quarantined-files.txt 2012-10-18 19:00

ComboFix2.txt 2012-10-18 16:55

.

Pre-Run: 16.430.223.360 bytes beschikbaar

Post-Run: 16.480.571.392 bytes beschikbaar

.

- - End Of File - - 9EC7B1EDC588A2848B9A18DCF360C1DD


Remove ComboFix: go to Start -> Run / Search / Search programs and files and type: ComboFix /Uninstall

This will remove ComboFix along with its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left column, click “Cleaner”. Click “Analyze” and then “Run Cleaner”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click “Registry” in the left column and click “Scan for Issues”. If errors are found, click “Fix selected issues” and “OK”. You will then be asked whether to make a backup. Click “Yes”. Then choose “Fix All Selected Issues”. Close CCleaner afterwards.

If you would like to see this in detail with pictures, click here for the guide.
