Volledige versie bekijken : check dit even!!
Timon22 28 September 2008, 09:27 er komt hier nu een raar rood schild langs onderen rechts, en het is niet dat hij niet beveiligd is want als ik erop klik stuurt hij mij naar een site dat ik niet wil!!
naar deze site:
http://nl.virusremover2008.com/2009/1/?cmpname=swpzloyiq&gai=swpzlig&gli=7230&gff=pp_539665060&va=swpzlig&vl=7230&vf=pp_539665060&mt_info=6314_9719_26403&rdr=1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:25:40, on 28/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\a.exe
C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\f.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=64&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\SAV\sav.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\SAV\sav.exe
O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\a.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://liefmaske1.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liefmaske1.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 11445 bytes
heb ook een malwarebytes log:
Malwarebytes' Anti-Malware 1.28
Database versie: 1217
Windows 5.1.2600 Service Pack 2
28/09/2008 12:48:49
mbam-log-2008-09-28 (12-48-44).txt
Scan type: Volledige Scan (C:\|D:\|)
Objecten gescand: 159809
Verstreken tijd: 47 minute(s), 38 second(s)
Geheugenprocessen geïnfecteerd: 1
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 5
Registerwaarden geïnfecteerd: 3
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 7
Geheugenprocessen geïnfecteerd:
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\f.exe (Trojan.FakeAlert) -> No action taken.
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> No action taken.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\antivirus (Rogue.SystemAntivirus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\antivirus (Rogue.SystemAntivirus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\Somefox (Trojan.FakeAlert) -> No action taken.
Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> No action taken.
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> No action taken.
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\f.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> No action taken.
C:\Program Files\SAV\SAV.exe (Rogue.SystemAntivirus) -> No action taken.
C:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> No action taken.
C:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> No action taken.
C:\Program Files\SAV\sav.ooo (Rogue.SystemAntivirus) -> No action taken.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\a.exe (Trojan.FakeAlert) -> No action taken.
dit is de foto van het schild:
http://img215.imageshack.us/img215/9034/naamloosnp9.jpg (http://imageshack.us)
http://img215.imageshack.us/img215/9034/naamloosnp9.9cfe9e303c.jpg (http://g.imageshack.us/g.php?h=215&i=naamloosnp9.jpg)
Rosty 28 September 2008, 19:36 Doe nog eens de scan met MBAM en doe volgende:
Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
Kopieer en plak de inhoud van het logje in je volgend antwoord, samen met een nieuw HijackThis log.
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.[/list]
Timon22 29 September 2008, 17:36 malware log:
Malwarebytes' Anti-Malware 1.28
Database versie: 1217
Windows 5.1.2600 Service Pack 2
29/09/2008 17:27:17
mbam-log-2008-09-29 (17-27-17).txt
Scan type: Snelle Scan
Objecten gescand: 69303
Verstreken tijd: 12 minute(s), 0 second(s)
Geheugenprocessen geïnfecteerd: 1
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 5
Registerwaarden geïnfecteerd: 3
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 3
Geheugenprocessen geïnfecteerd:
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\f.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\antivirus (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\antivirus (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\Somefox (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\f.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\a.exe (Trojan.FakeAlert) -> Delete on reboot.
hijackthis logje:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:34:46, on 29/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PSIService.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\System32\PAStiSvc.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=64&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://liefmaske1.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liefmaske1.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 11154 bytes
dat rood schild langs onderen rechts is al weg.
wat nu ook wel opvalt is dat sommige pictogrammen op mijn bureaublad lang niet het fotootje tonen, duurt lang tegen dat ze gelaad zijn.
dit is het resultaat van een anti virus scan:
http://img515.imageshack.us/img515/1739/naamloosde0.jpg (http://imageshack.us)
http://img515.imageshack.us/img515/naamloosde0.jpg/1/w1440.png (http://g.imageshack.us/img515/naamloosde0.jpg/1/)
groeten timon
Rosty 29 September 2008, 21:10 Hoi,
Lees alvast deze Preventie pagina (http://users.telenet.be/bluepatchy/miekiemoes/preventie.html) met info en tips hoe dit in de toekomst te voorkomen.
En lees deze pagina (http://users.telenet.be/bluepatchy/miekiemoes/tragecomputer.html) om je computer terug te optimaliseren na het verwijderen van malware.
Extra nota: Zorg ervoor dat je programma's up to date zijn - want oudere versies kunnen Security Leaks bevatten. Om na te gaan welke programma's je moet updaten, voer de Secunia Software Inspector (http://secunia.com/software_inspector/) Scan uit.
Timon22 30 September 2008, 16:03 anders alles goed met pc?
Rosty 30 September 2008, 20:28 anders alles goed met pc?
Zie geen malware meer hoor.
Timon22 1 October 2008, 17:44 geen andere brol niet meer?
want er is iets op mijn pc
er staat ms office 2007 entreprise en ms office 2007 professional op.
die staan beiden in mijn software lijst. Vroeger stond er entreprise in en nu enkel nog professional, maar krijg die entreprise niet uit mijn software lijst.
Rosty 1 October 2008, 18:10 geen andere brol niet meer?
want er is iets op mijn pc
er staat ms office 2007 entreprise en ms office 2007 professional op.
die staan beiden in mijn software lijst. Vroeger stond er entreprise in en nu enkel nog professional, maar krijg die entreprise niet uit mijn software lijst.
Leg dat nu eens verstaanbaar uit, aub? Ze staan beiden in je softwarelijst zeg je entreprise en professional! Entreprise staat er niet meer in, in je lijst, en krijg je toch niet verwijderd uit je lijst?
Timon22 1 October 2008, 18:24 eerst stond er entreprise op mijn pc. ik wou dat verwijderen, maar dat lukte niet.
ondertussen heb ik professional op mijn pc staan.
maar nu wil ik entreprise uit de lijst van software krijgen, zodanig dat het volledig van mijn pc is.
mvg
timon
Rosty 1 October 2008, 18:27 probeer eens via de zoekfunctie: start -- zoeken -- alle bestanden en mappen aanvinken en entreprise intikken. verwijder alles wat je vind van entreprise.
sykke 2 October 2008, 07:38 revo uninstaller staat in de downloads,en klooi eens minder met je pc!!!
peenif 2 October 2008, 08:35 Ik zou toch maar opletten hoor, entreprise en professionel hebben nogal veel gedeelde bestanden, als men alles van entreprise gaat verwijderen zou het wel eens kunnen dat professionel het niet meer doet.
Revo Uninstaller gaat dan ook nog eens het register bekijken zowel in de veilige, gemiddelde als gevorderde modus - als er daar dan nog eens sleutels verkeerdelijk verwijderd worden zit de boel helemaal in de knoei.
In het voorjaar heb ik er een format aan overgehouden en weet dus wat de gevolgen voor mij waren, zelf zou ik het zeker zo laten.
Timon22 2 October 2008, 15:14 dat is nog niet zo noodzakelijk die ms office.
dit is de pc van mijn vriendin eh
maar wat mij nog steeds opvalt is dat die pc nog niet opstart zoals hij moet, het duurt nog iets te lang. pictogrammen laden traag, msn slaat laat aan.
dit was voor dat ik die problemen kreeg veel sneller.
mvg
timon
Rosty 2 October 2008, 20:49 Hoi,
* Bezoek volgende pagina met de instructies voor het downloaden en gebruiken van Combofix.
http://www.bleepingcomputer.com/combofix/n...ruikt-te-worden (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden)
Voer dus de instructies op die pagina uit, dus inclusief het installeren van de XP Recovery Console.
(Indien je geen XP hebt, mag je deze stap ivm de Recovery Console overslaan)
Daarna post je de log van Combofix in je volgende post samen met een nieuw HijackThislog.
Timon22 3 October 2008, 17:54 combofix:
ComboFix 08-10-02.04 - HP_Administrator 2008-10-03 17:44:30.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.523 [GMT 2:00]
Gestart vanuit: C:\Documents and Settings\HP_Administrator\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-09-03 to 2008-10-03 ))))))))))))))))))))))))))))))
.
2008-10-01 18:20 . 2008-10-01 18:20 <DIR> d-------- C:\Fifa 09
2008-09-28 12:53 . 2008-09-28 12:53 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-09-03 13:08 . 2008-09-03 13:08 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-09-30 17:25 --------- d-----w C:\Program Files\a-squared Free
2008-09-29 17:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-28 10:51 --------- d-----w C:\Program Files\Rapidown
2008-09-28 10:51 --------- d-----w C:\Program Files\LimeWireTurbo
2008-09-28 09:38 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-11 18:21 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\LimeWireTurbo
2008-09-10 13:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-08-20 14:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\services
2008-08-20 14:00 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes
2008-08-20 14:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-19 18:11 2,279,936 ----a-w C:\WINDOWS\system32\TUKernel.exe
2008-08-19 15:58 --------- d-----w C:\Program Files\Kruidvat - Fotoservice
2008-08-19 15:01 --------- d-----w C:\Program Files\Trend Micro
2008-08-18 07:14 --------- d-----w C:\Program Files\MSXML 6.0
2008-08-17 14:24 --------- d-----w C:\Program Files\P2P_Energy
2008-08-17 13:40 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-17 13:40 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-08-17 13:40 12,936 ----a-w C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-08-17 13:40 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-08-17 13:39 45,568 ----a-w C:\WINDOWS\system32\avgfwdx.dll
2008-08-17 13:39 23,296 ----a-w C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-08-17 13:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-08-17 09:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-08-17 09:30 --------- d-----w C:\Program Files\Common Files\G DATA
2008-08-17 09:05 46,536 ----a-w C:\WINDOWS\system32\drivers\MiniIcpt.sys
2008-08-17 09:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-17 08:46 --------- d-----w C:\Program Files\AVG
2008-08-11 11:09 230,432 ----a-w C:\StiImg.dat
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-15 18:42 4,490,397 ----a-w C:\WINDOWS\AGButterflyScrn.SCR
2008-07-09 11:27 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2007-06-27 13:44 47,360 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\pcouffin.sys
2007-09-09 09:03 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((( snapshot@2008-08-19_17.53.35.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:50:02 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:58:22 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:58:28 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:58:21 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:58:46 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:59:37 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2007-07-12 23:28:55 765,952 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\SP2QFE\vgx.dll
+ 2007-03-06 01:58:22 15,584 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll
+ 2007-03-06 01:58:28 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\spuninst.exe
+ 2007-03-06 01:58:21 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\spcustom.dll
+ 2007-03-06 01:58:46 725,728 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
+ 2007-03-06 01:59:37 389,856 ----a-w C:\WINDOWS\$hf_mig$\KB938127-IE7\update\updspapi.dll
+ 2004-09-02 04:00:00 294,400 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:58:28 216,800 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:59:37 389,856 -c----w C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
- 2007-06-17 11:25:51 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.W ord\12.0.0.0__71e9bce111e9429c\Microsoft.Office.In terop.Word.dll
+ 2008-08-29 18:42:40 783,744 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.W ord\12.0.0.0__71e9bce111e9429c\Microsoft.Office.In terop.Word.dll
+ 2007-03-06 01:58:28 216,800 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:59:37 389,856 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\updspapi.dll
+ 2007-08-13 16:54:10 765,952 -c----w C:\WINDOWS\ie7updates\KB938127-IE7\vgx.dll
+ 2006-10-26 16:49:48 1,011,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-26 16:49:46 970,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 13:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 19:18:12 162,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 13:00:12 1,751,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 13:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 13:00:06 47,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 13:00:08 191,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 18:13:34 338,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 18:13:44 629,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 18:13:28 207,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 18:13:32 279,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 18:13:12 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 13:00:06 387,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 18:13:38 392,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 18:13:30 260,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 18:13:32 289,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 18:13:20 56,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 18:13:38 551,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 18:13:30 224,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 13:40:34 208,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 18:13:34 371,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 13:41:04 399,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 17:59:24 205,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 19:30:42 65,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-26 18:12:52 189,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\CONTACTPICKER.D LL
+ 2006-10-26 22:48:08 234,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-26 17:48:14 439,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 12:10:08 1,190,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 12:04:58 75,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-26 17:21:24 1,682,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 13:09:36 983,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 18:02:12 2,526,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 13:37:44 338,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 13:38:02 6,191,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMG R.DLL
+ 2006-10-27 13:37:44 284,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-26 22:47:54 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERV ICE.EXE
+ 2006-10-27 13:37:40 34,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY .DLL
+ 2006-10-27 13:37:44 300,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECALENDART OOL.DLL
+ 2006-10-26 22:47:44 33,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 13:37:56 2,689,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOM PONENTS.DLL
+ 2006-10-27 13:38:00 3,508,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICA TIONSSERVICES.DLL
+ 2006-10-27 13:37:40 117,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICA TIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 13:37:50 768,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECOMPONENT MGR.DLL
+ 2006-10-27 13:37:52 1,359,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DL L
+ 2006-10-26 22:48:24 377,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWE RTOOL.DLL
+ 2006-10-27 13:37:58 3,071,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTS HARETOOL.DLL
+ 2006-10-27 13:37:44 284,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERV ICES.DLL
+ 2006-10-26 22:48:00 197,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-26 22:48:18 317,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR. EXE
+ 2006-10-26 22:48:40 1,555,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-26 22:47:42 31,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.E XE
+ 2006-10-26 22:47:40 22,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-26 22:48:02 224,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTO OLSET.DLL
+ 2006-10-27 13:38:04 7,053,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVERESOURCE. DLL
+ 2006-10-26 22:48:42 2,210,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTE NSIONS.DLL
+ 2006-10-26 22:48:18 363,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOO L.DLL
+ 2006-10-26 22:47:40 16,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAU NCHER.EXE
+ 2006-10-27 13:37:56 2,738,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMG R.DLL
+ 2006-10-27 13:37:38 35,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMOD E.DLL
+ 2006-10-26 22:48:02 222,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSER VICES.DLL
+ 2006-10-27 13:37:50 1,163,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS .DLL
+ 2006-10-27 13:38:00 4,746,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIV ER.DLL
+ 2006-10-27 13:37:54 1,396,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWO RK.DLL
+ 2006-10-26 22:48:34 955,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 13:37:40 268,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSE RTOOL2.DLL
+ 2006-10-26 22:48:26 572,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFO RMSERVICES.DLL
+ 2006-10-27 13:37:48 631,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVIC ES.DLL
+ 2006-10-26 18:12:52 173,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-27 13:10:08 1,439,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 13:10:10 5,456,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 13:10:10 5,281,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 19:42:00 176,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2006-10-26 17:55:10 828,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 13:01:34 10,371,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 19:18:06 66,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 11:58:14 117,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 12:59:06 161,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 17:48:12 14,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 18:12:58 428,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 19:13:36 26,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 18:00:08 6,635,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 11:56:36 436,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 17:50:04 672,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 11:56:40 505,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 17:55:12 832,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 17:55:06 538,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 18:12:30 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 13:14:34 14,151,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 18:06:54 232,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 18:14:06 7,033,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 13:18:36 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 18:00:08 274,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 18:00:12 998,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 18:00:10 285,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 18:32:42 604,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 13:39:36 687,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 13:03:04 1,018,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-26 18:24:54 98,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 18:24:50 72,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 18:24:58 1,165,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 13:03:06 6,579,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 18:23:00 782,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-26 18:07:04 6,536,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-07-26 16:53:56 459,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-26 19:30:44 482,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-26 17:52:10 2,012,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 12:05:00 77,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 19:13:38 38,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 19:42:12 744,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 18:13:00 503,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 18:06:58 439,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 19:18:16 502,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 13:21:58 277,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 12:57:08 2,330,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 12:04:48 29,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 12:05:04 126,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 12:05:02 86,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 12:04:56 58,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 12:04:48 27,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 12:04:54 51,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 12:04:58 76,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-09-29 22:42:56 2,583,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-26 20:58:38 3,732,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2007-06-17 11:25:51 781,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-26 12:05:08 1,181,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 12:05:08 530,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-09-14 19:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 22:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-28 22:49:28 606,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONBTTNIE.DLL
+ 2007-08-28 21:43:30 1,022,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONENOTE.EXE
+ 2007-08-24 02:45:42 101,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONENOTEM.EXE
+ 2007-08-24 02:45:42 75,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONFILTER.DLL
+ 2007-08-24 02:45:46 1,167,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONLIBS.DLL
+ 2007-10-12 19:08:52 6,588,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109 030000000000000000F01FEC\12.0.6215\ONMAIN.DLL
+ 2007-08-28 21:22:36 579,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACACEDAO.DLL
+ 2007-08-24 03:17:04 165,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACCWIZ.DLL
+ 2007-08-28 21:22:30 1,754,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACECORE.DLL
+ 2007-08-28 21:22:36 579,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEDAO.DLL
+ 2007-08-28 21:22:38 50,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEERR.DLL
+ 2007-08-28 21:22:40 193,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEES.DLL
+ 2007-08-24 01:46:10 341,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEEXCH.DLL
+ 2007-08-24 01:46:14 632,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEEXCL.DLL
+ 2007-08-24 01:46:16 210,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACELTS.DLL
+ 2007-08-24 01:46:18 281,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEODBC.DLL
+ 2007-08-24 01:46:20 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEODDBS.DLL
+ 2007-08-24 01:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEODEXL.DLL
+ 2007-08-24 01:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEODPDX.DLL
+ 2007-08-24 01:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEODTXT.DLL
+ 2007-08-28 21:22:44 390,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEOLEDB.DLL
+ 2007-08-24 01:46:28 394,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEPDE.DLL
+ 2007-08-24 01:46:30 263,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACER2X.DLL
+ 2007-08-24 01:46:32 292,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACER3X.DLL
+ 2007-08-24 01:46:34 58,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACERCLR.DLL
+ 2007-08-24 01:46:38 554,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEREP.DLL
+ 2007-08-24 01:46:40 226,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACETXT.DLL
+ 2007-08-28 22:52:12 201,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEWSS.DLL
+ 2007-08-24 01:46:44 374,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ACEXBE.DLL
+ 2007-08-28 22:53:12 402,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\CDLMSO.DLL
+ 2007-08-24 01:45:50 208,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\CLVIEW.EXE
+ 2007-08-24 03:38:36 67,952 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\COLLIMP.DLL
+ 2007-08-24 01:36:26 192,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\CONTACTPICKER.D LL
+ 2007-08-24 01:18:14 442,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\DWDCW20.DLL
+ 2007-08-24 01:18:18 437,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\DWTRIG20.EXE
+ 2007-08-22 23:03:38 1,195,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\FM20.DLL
+ 2007-08-25 17:11:44 1,685,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\FPSRVUTL.DLL
+ 2007-08-28 21:45:00 985,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\FPWEC.DLL
+ 2007-10-02 17:45:34 2,530,864 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\GRAPH.EXE
+ 2007-08-24 01:36:58 175,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\IEAWSDC.DLL
+ 2007-10-05 18:31:06 5,287,984 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\IPEDITOR.DLL
+ 2007-08-28 22:45:54 831,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MEDCAT.DLL
+ 2007-08-28 21:13:52 10,367,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSACCESS.EXE
+ 2007-08-24 03:17:48 69,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSAEXP30.DLL
+ 2007-08-28 22:52:02 120,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSCONV97.DLL
+ 2007-09-14 19:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 21:20:06 163,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSOCF.DLL
+ 2007-08-28 21:20:12 17,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSOCFU.DLL
+ 2007-09-06 15:55:08 431,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSODCW.DLL
+ 2007-08-24 03:50:10 29,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSOEURO.DLL
+ 2007-08-27 18:20:14 6,637,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSORES.DLL
+ 2007-08-28 22:18:20 439,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSORUN.DLL
+ 2007-08-24 01:40:16 674,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSQRY32.EXE
+ 2007-08-22 23:12:20 507,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSSOAP30.DLL
+ 2007-08-28 22:45:58 835,952 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSTORDB.EXE
+ 2007-08-28 22:46:06 542,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\MSTORES.DLL
+ 2007-08-24 01:37:50 68,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\NAME.DLL
+ 2007-10-05 18:44:24 14,168,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OART.DLL
+ 2007-10-02 17:51:22 8,436,776 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OARTCONV.DLL
+ 2007-09-01 23:55:16 235,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\ODEPLOY.EXE
+ 2007-08-28 22:37:40 7,039,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OFFOWC.DLL
+ 2007-08-28 22:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 02:06:28 277,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OIS.EXE
+ 2007-08-24 02:06:32 1,000,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OISAPP.DLL
+ 2007-08-24 02:06:38 288,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OISGRAPH.DLL
+ 2007-09-01 23:55:54 6,540,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OSETUP.DLL
+ 2007-06-07 17:51:00 465,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\OUTLFLTR.DLL
+ 2007-09-06 15:50:34 485,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\PORTCONN.DLL
+ 2007-08-28 22:38:22 2,016,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\PPTVIEW.EXE
+ 2007-08-24 03:50:10 41,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\REFEDIT.DLL
+ 2007-09-06 15:55:22 505,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\SELFCERT.EXE
+ 2007-09-01 23:55:34 442,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\SETUP.EXE
+ 2007-08-24 03:17:54 505,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\SOA.DLL
+ 2007-06-07 17:51:00 125,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\SSGEN.DLL
+ 2007-08-28 21:28:26 2,330,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\STSLIST.DLL
+ 2007-06-27 18:58:12 2,585,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\VBE6.DLL
+ 2007-08-24 05:10:28 3,735,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119 410000000000000000F01FEC\12.0.6215\VVIEWER.DLL
- 2008-08-13 19:09:20 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-09-10 13:01:33 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-08-13 19:09:20 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-10 13:01:34 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-08-13 19:09:20 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-09-10 13:01:33 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-08-13 19:09:20 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-09-10 13:01:33 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-08-13 19:09:20 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-09-10 13:01:34 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-08-13 19:09:20 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-10 13:01:34 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-08-13 19:09:20 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-10 13:01:34 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-08-13 19:09:20 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-10 13:01:34 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-08-13 19:09:20 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-09-10 13:01:34 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-08-13 19:09:20 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-09-10 13:01:34 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-08-13 19:09:20 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-09-10 13:01:34 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-08-13 19:09:20 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-09-10 13:01:33 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2007-06-17 11:23:04 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2008-08-29 18:45:40 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2008-08-13 19:09:28 1,165,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-09-10 13:01:47 1,165,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
- 2008-08-13 19:09:28 20,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-09-10 13:01:48 20,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-08-13 19:09:28 217,864 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2008-09-10 13:01:48 217,864 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
- 2008-08-13 19:09:28 18,704 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-09-10 13:01:48 18,704 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-08-13 19:09:28 35,088 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-09-10 13:01:48 35,088 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-08-13 19:09:28 845,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-09-10 13:01:48 845,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
- 2008-08-13 19:09:28 922,384 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-09-10 13:01:48 922,384 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
- 2008-08-13 19:09:28 272,648 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-09-10 13:01:48 272,648 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
- 2008-08-13 19:09:28 888,080 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-09-10 13:01:48 888,080 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-08-13 19:09:28 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-09-10 13:01:48 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
- 2004-09-02 04:00:00 294,400 ----a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2008-02-26 12:01:52 294,912 ----a-w C:\WINDOWS\system32\dllcache\msctf.dll
- 2007-08-13 16:54:10 765,952 ----a-w C:\WINDOWS\system32\dllcache\VGX.dll
+ 2007-07-12 23:32:14 765,952 ----a-w C:\WINDOWS\system32\dllcache\vgx.dll
- 2006-10-26 12:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-08-22 23:03:38 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2008-03-20 16:06:36 1,480,232 ------w C:\WINDOWS\system32\LegitCheckControl.dll
- 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-26 20:28:12 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-09-02 04:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-02-26 12:01:52 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
+ 2008-07-18 20:10:20 36,552 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\Ser viceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-07-18 20:10:40 45,768 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\Ser viceStartup\wups2.dll\7.2.6001.784\wups2.dll
- 2006-10-18 19:47:20 295,936 ----a-w C:\WINDOWS\system32\wmpeffects.dll
+ 2008-06-24 16:12:58 295,936 ----a-w C:\WINDOWS\system32\wmpeffects.dll
+ 2008-04-15 18:01:43 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_65 95b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
2008-04-03 10:40 1523736 --a------ C:\Program Files\P2P_Energy\tbP2P0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "C:\Program Files\P2P_Energy\tbP2P0.dll" [2008-04-03 1523736]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "C:\Program Files\P2P_Energy\tbP2P0.dll" [2008-04-03 1523736]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-07-16 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-02 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-17 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 7634944]
"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-01-03 180269]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-17 1235736]
"ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 C:\WINDOWS\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 C:\WINDOWS\arpwrmsg.exe]
"nwiz"="nwiz.exe" [2006-10-31 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]
C:\Documents and Settings\HP_Administrator\Menu Start\Programma's\Opstarten\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
-ra------ 2002-08-22 05:51 45056 C:\WINDOWS\VM_STI.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Utorrent\\utorrent.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\javaw.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\explorer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\ avgrkx86.sys [2008-08-17 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-17 97928]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-17 875288]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-17 231704]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-08-17 1220888]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-17 76040]
R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-11 2829696]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwd x.sys [2008-08-17 23296]
R3 PAC207;Trust WB-1400T Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-08-17 23296]
.
Inhoud van de 'Gedeelde Taken' map
.
.
------- Bijkomende Scan -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\udrg8x5t.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npadjdet.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
.
************************************************** ************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-03 17:47:16
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\RGI12.tmp
************************************************** ************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\O MSCAN]
"ImagePath"="\Sys"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
PROCES: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nview.dll
.
Voltooingstijd: 2008-10-03 17:49:23
ComboFix-quarantined-files.txt 2008-10-03 15:48:20
Pre-Run: 288.742.989.824 bytes beschikbaar
Post-Run: 288,729,665,536 bytes beschikbaar
483 --- E O F --- 2008-09-10 13:03:20
hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:15, on 3/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=64&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://liefmaske1.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liefmaske1.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10647 bytes
Timon22 13 October 2008, 17:09 hoi
ik vind dat die pc nog steeds traag opstart:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:08:22, on 13/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_BE&c=64&bd=PAVILION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://liefmaske1.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://liefmaske1.spaces.live.com/PhotoUpload/MsnPUpld.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 10702 bytes
please check dit even, het duurt echt veel te lang!!
Rosty 14 October 2008, 21:29 Malware is het niet hoor.
Timon22 15 October 2008, 09:10 maar door wat kan het dan zijn?
ik heb al gekeken hier op de site van traag opstarten wat je al kan doen, maar dat helpt niet.
mss mijn lijst van opstarten, maar ik weet niet wat er weg mag en wat niet?
Rosty 15 October 2008, 16:27 maar door wat kan het dan zijn?
mss mijn lijst van opstarten, maar ik weet niet wat er weg mag en wat niet?
Post die lijst eens.
Timon22 20 October 2008, 19:07 http://img530.imageshack.us/img530/1358/naamloosyf2.jpg (http://imageshack.us)
http://img530.imageshack.us/img530/naamloosyf2.jpg/1/w577.png (http://g.imageshack.us/img530/naamloosyf2.jpg/1/)
http://img386.imageshack.us/img386/8351/naamloos1bs0.jpg (http://imageshack.us)
http://img386.imageshack.us/img386/naamloos1bs0.jpg/1/w574.png (http://g.imageshack.us/img386/naamloos1bs0.jpg/1/)
http://img363.imageshack.us/img363/5133/naamloos2in4.jpg (http://imageshack.us)
http://img363.imageshack.us/img363/naamloos2in4.jpg/1/w574.png (http://g.imageshack.us/img363/naamloos2in4.jpg/1/)
Rosty 21 October 2008, 17:07 Doe eens volgende:
open Hijackthis, klik op "Config" en dan op "Misc Tools" en dan op "open uninstall manager" en post deze lijst hier voor mij.
Timon22 23 October 2008, 19:28 dit is de lijst:
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
ADJ Video Decoder
Adobe Flash Player ActiveX
Adobe Reader 7.0.5 - Nederlands
Adobe Shockwave Player
AVG 8.0
Beveiligingsupdate for Windows Media Player 10 (KB911565)
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
Beveiligingsupdate voor Windows Media Player 11 (KB936782)
Beveiligingsupdate voor Windows Media Player 11 (KB954154)
Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
Beveiligingsupdate voor Windows XP (KB890046)
Beveiligingsupdate voor Windows XP (KB893756)
Beveiligingsupdate voor Windows XP (KB896358)
Beveiligingsupdate voor Windows XP (KB896422)
Beveiligingsupdate voor Windows XP (KB896423)
Beveiligingsupdate voor Windows XP (KB896424)
Beveiligingsupdate voor Windows XP (KB896428)
Beveiligingsupdate voor Windows XP (KB899587)
Beveiligingsupdate voor Windows XP (KB899591)
Beveiligingsupdate voor Windows XP (KB900725)
Beveiligingsupdate voor Windows XP (KB901017)
Beveiligingsupdate voor Windows XP (KB901214)
Beveiligingsupdate voor Windows XP (KB902400)
Beveiligingsupdate voor Windows XP (KB904706)
Beveiligingsupdate voor Windows XP (KB905414)
Beveiligingsupdate voor Windows XP (KB905749)
Beveiligingsupdate voor Windows XP (KB908519)
Beveiligingsupdate voor Windows XP (KB908531)
Beveiligingsupdate voor Windows XP (KB911562)
Beveiligingsupdate voor Windows XP (KB911927)
Beveiligingsupdate voor Windows XP (KB912812)
Beveiligingsupdate voor Windows XP (KB912919)
Beveiligingsupdate voor Windows XP (KB913580)
Beveiligingsupdate voor Windows XP (KB914388)
Beveiligingsupdate voor Windows XP (KB914389)
Beveiligingsupdate voor Windows XP (KB917344)
Beveiligingsupdate voor Windows XP (KB917422)
Beveiligingsupdate voor Windows XP (KB917953)
Beveiligingsupdate voor Windows XP (KB918118)
Beveiligingsupdate voor Windows XP (KB918439)
Beveiligingsupdate voor Windows XP (KB919007)
Beveiligingsupdate voor Windows XP (KB920213)
Beveiligingsupdate voor Windows XP (KB920670)
Beveiligingsupdate voor Windows XP (KB920683)
Beveiligingsupdate voor Windows XP (KB920685)
Beveiligingsupdate voor Windows XP (KB921503)
Beveiligingsupdate voor Windows XP (KB922819)
Beveiligingsupdate voor Windows XP (KB923191)
Beveiligingsupdate voor Windows XP (KB923414)
Beveiligingsupdate voor Windows XP (KB923694)
Beveiligingsupdate voor Windows XP (KB923980)
Beveiligingsupdate voor Windows XP (KB924191)
Beveiligingsupdate voor Windows XP (KB924270)
Beveiligingsupdate voor Windows XP (KB924496)
Beveiligingsupdate voor Windows XP (KB924667)
Beveiligingsupdate voor Windows XP (KB925902)
Beveiligingsupdate voor Windows XP (KB926255)
Beveiligingsupdate voor Windows XP (KB926436)
Beveiligingsupdate voor Windows XP (KB927779)
Beveiligingsupdate voor Windows XP (KB927802)
Beveiligingsupdate voor Windows XP (KB928255)
Beveiligingsupdate voor Windows XP (KB928843)
Beveiligingsupdate voor Windows XP (KB929123)
Beveiligingsupdate voor Windows XP (KB929969)
Beveiligingsupdate voor Windows XP (KB930178)
Beveiligingsupdate voor Windows XP (KB931261)
Beveiligingsupdate voor Windows XP (KB931768)
Beveiligingsupdate voor Windows XP (KB931784)
Beveiligingsupdate voor Windows XP (KB932168)
Beveiligingsupdate voor Windows XP (KB933566)
Beveiligingsupdate voor Windows XP (KB933729)
Beveiligingsupdate voor Windows XP (KB935839)
Beveiligingsupdate voor Windows XP (KB935840)
Beveiligingsupdate voor Windows XP (KB936021)
Beveiligingsupdate voor Windows XP (KB937143)
Beveiligingsupdate voor Windows XP (KB937894)
Beveiligingsupdate voor Windows XP (KB938127)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB938829)
Beveiligingsupdate voor Windows XP (KB939653)
Beveiligingsupdate voor Windows XP (KB941202)
Beveiligingsupdate voor Windows XP (KB941568)
Beveiligingsupdate voor Windows XP (KB941644)
Beveiligingsupdate voor Windows XP (KB941693)
Beveiligingsupdate voor Windows XP (KB942615)
Beveiligingsupdate voor Windows XP (KB943055)
Beveiligingsupdate voor Windows XP (KB943460)
Beveiligingsupdate voor Windows XP (KB943485)
Beveiligingsupdate voor Windows XP (KB944338)
Beveiligingsupdate voor Windows XP (KB944533)
Beveiligingsupdate voor Windows XP (KB944653)
Beveiligingsupdate voor Windows XP (KB945553)
Beveiligingsupdate voor Windows XP (KB946026)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB947864)
Beveiligingsupdate voor Windows XP (KB948590)
Beveiligingsupdate voor Windows XP (KB948881)
Beveiligingsupdate voor Windows XP (KB950749)
Beveiligingsupdate voor Windows XP (KB950759)
Beveiligingsupdate voor Windows XP (KB950760)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953838)
Beveiligingsupdate voor Windows XP (KB953839)
Beveiligingsupdate voor Windows XP (KB954211)
Beveiligingsupdate voor Windows XP (KB956391)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956841)
Beveiligingsupdate voor Windows XP (KB957095)
Brother MFL-Pro Suite
Camera Plus
ConvertXtoDVD 2.2.3.258
De klantenbelevenis verbeteren
Eenvoudige Internetaanmelding
Enhanced Multimedia Keyboard Solution
GEAR 32bit Driver Installer
Google Toolbar for Internet Explorer
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix voor Windows Media Player 11 (KB939683)
Hotfix voor Windows XP (KB893357)
Hotfix voor Windows XP (KB906569)
Hotfix voor Windows XP (KB912024)
Hotfix voor Windows XP (KB914440)
Hotfix voor Windows XP (KB918997)
Hotfix voor Windows XP (KB935448)
Hotfix voor Windows XP (KB952287)
HP Boot Optimizer
HP DigitalMedia Archive
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart for Media Center PC
HP Photosmart Premier Software 6.5
HP Update
Imikimi Plugin
Java DB 10.2.2.0
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 2
KB888111: High Definition Audio
K-Lite Codec Pack 3.2.5 Full
LimeWireTurbo
MainConcept for Software Encoder
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Dutch Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.3)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Nero 7
neroxml
NVIDIA Drivers
P2P Energy Toolbar
PaperPort
Picasa 2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
RealPlayer
Realtek High Definition Audio Driver
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio
Samsung PC Studio 3 USB Driver Installer
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Visio 2007 (KB947590)
Security Update for Visio 2007 (KB947590)
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy 1.4
SubSync
Trust WB-1400T Webcam
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957258)
Update for Outlook 2007 Junk Email Filter (kb957258)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB953356)
Update voor Windows XP (KB898461)
Update voor Windows XP (KB900485)
Update voor Windows XP (KB904942)
Update voor Windows XP (KB910437)
Update voor Windows XP (KB911280)
Update voor Windows XP (KB912945)
Update voor Windows XP (KB916595)
Update voor Windows XP (KB920872)
Update voor Windows XP (KB922582)
Update voor Windows XP (KB927891)
Update voor Windows XP (KB930916)
Update voor Windows XP (KB931836)
Update voor Windows XP (KB932823-v3)
Update voor Windows XP (KB933360)
Update voor Windows XP (KB938828)
Update voor Windows XP (KB942763)
Update voor Windows XP (KB942840)
Update voor Windows XP (KB946627)
Update voor Windows XP (KB951072-v2)
Vodafone 804SS USB driver Software
WinAVI Video Converter
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live aanmeldhulp
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
Rosty 24 October 2008, 18:17 Hier ook niets verdachts op te merken hoor.
Timon22 25 October 2008, 18:00 raar. start nochtans traag op
Rosty 26 October 2008, 11:49 Je kan het best de progjes die niet hoeven op te starten met windows uitschakelen.
Timon22 26 October 2008, 13:50 ja maar het probleem is weet ik niet wat er nodig is om op te starten en wat niet.
kan je eens kijken naar die 3 afbeeldingen met wat er allemaal opstart en zegt wat er uitgeschakeld mag worden.
Rosty 27 October 2008, 20:08 Volgende mag je gerust uitvinken met MSconfig:
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picassa\Picasa2\PicasaMediaDetector.exe (User 'Default user')
Timon22 29 October 2008, 11:17 http://img356.imageshack.us/img356/3130/naamloosno9.jpg (http://imageshack.us)
http://img356.imageshack.us/img356/naamloosno9.jpg/1/w1440.png (http://g.imageshack.us/img356/naamloosno9.jpg/1/)
dit is nog een lijst van wat er opstart
Rosty 29 October 2008, 21:46 En gaat het beter nu?
Timon22 30 October 2008, 11:19 de iconen op het bureaublad die tragen laden en dat lang wegzit.
zou bootvis helpen?
Rosty 30 October 2008, 17:25 de iconen op het bureaublad die tragen laden en dat lang wegzit.
zou bootvis helpen?
Kun je proberen.
|
|