Essa voce precisa VER

  • Essa voce precisa VER

    Hello,

    I am pareltje_6 and I do a lot on the computer.
    Now I have suddenly picked up a virus that I cannot deal with.
    I have been working on it for days. I constantly get messages in my inbox from people who received mail from me and rejected it.
    I hope I have explained it well.
    I have now found your site and carried out the required steps, so I am hereby sending my HijackThis log text.
    Hopefully I have understood everything correctly.

    Regards, pareltje_6

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 18:07:03, on 23-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Keyboard Driver\OEMDriver.exe
    C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\XstreamRadio 3.02\XstreamRadio.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Documents and Settings\pareltje\Bureaublad\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = members.ams.chello.nl:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKCU\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    O4 - HKCU\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKCU\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKCU\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
    O4 - HKCU\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
    O4 - HKCU\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Klant openen op monitor &1 - C:\WINDOWS\web\AOpenClient.htm
    O8 - Extra context menu item: Klant openen op monitor &2 - C:\WINDOWS\web\AOpenClient.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
    O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198006939312
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1198007000031
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/nl/TSEasyInstallX.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

    --
    End of file - 10579 bytes
    Last edited by pareltje_6; 23-12-07, 18:03.

  • #2
    Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Place it on your desktop.
    Double-click it to start the program.
    In the window that appears, type a 1 to run the cleaning and analysis process.
    Follow the instructions on the screen.
    When the tool is finished, a log file opens (combofix.txt).

    Post the contents of this file together with a new HijackThis log.
    (do use this version of HijackThis: http://www.trendsecure.com/portal/en...HJTInstall.exe )


    • #3
      Essa voce precisa VER

      Hello,

      Here is my 2nd scan with ComboFix


      ComboFix 07-12-21.4 - pareltje 2007-12-24 15:08:12.3 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.1410 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\pareltje\Bureaublad\ComboFix.exe
      .

      (((((((((((((((((((( Bestanden Gemaakt van 2007-11-24 to 2007-12-24 ))))))))))))))))))))))))))))))
      .

      2007-12-24 14:56 . 2007-12-24 14:56 <DIR> d-------- C:\Program Files\Trend Micro
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Program Files\Lavasoft
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2007-12-24 10:49 . 2007-12-24 10:49 <DIR> d-------- C:\Program Files\MSXML 4.0
      2007-12-19 14:45 . 2007-12-19 14:45 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\IsolatedStorage
      2007-12-19 14:35 . 2007-12-19 14:35 <DIR> d--h----- C:\WINDOWS\PIF
      2007-12-19 12:34 . 2007-12-19 12:34 <DIR> d-------- C:\Program Files\Microsoft.NET
      2007-12-19 12:32 . 2007-12-19 12:46 <DIR> d-------- C:\WINDOWS\SHELLNEW
      2007-12-19 12:32 . 2007-12-24 10:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
      2007-12-19 12:13 . 2002-03-05 10:34 32,768 --a------ C:\WINDOWS\system32\Remove4006.exe
      2007-12-19 12:13 . 2001-06-07 17:56 18,120 --a------ C:\WINDOWS\system32\drivers\TR12388.sys
      2007-12-19 12:13 . 2002-01-16 14:36 11,540 --a------ C:\WINDOWS\TR12388.ini
      2007-12-19 12:13 . 2002-02-26 10:55 8,192 --a------ C:\WINDOWS\system32\drivers\Artec48.usb
      2007-12-19 12:13 . 2002-02-25 09:43 2,650 --a------ C:\WINDOWS\Ausba4.ini
      2007-12-19 12:13 . 2007-12-24 15:04 1,134 --a------ C:\WINDOWS\ScnPanel.ini
      2007-12-19 12:13 . 2001-06-22 15:57 766 --a------ C:\WINDOWS\Uninstall.ico
      2007-12-19 12:12 . 2007-12-19 12:12 <DIR> d-------- C:\Program Files\Trust
      2007-12-19 12:12 . 2002-03-04 21:41 167,936 --------- C:\WINDOWS\Ausba4.dll
      2007-12-19 12:12 . 2002-03-04 21:43 167,936 --------- C:\WINDOWS\A4.dll
      2007-12-19 12:12 . 2001-10-18 05:01 45,056 --------- C:\WINDOWS\Getkey.dll
      2007-12-19 12:12 . 2002-01-05 22:57 7,168 --------- C:\WINDOWS\system32\48UMicro.dll
      2007-12-19 12:12 . 2002-06-27 21:42 1,739 --------- C:\WINDOWS\TRUST151.ini
      2007-12-19 11:56 . 2007-12-19 11:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
      2007-12-19 11:54 . 2007-12-19 11:54 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
      2007-12-19 11:54 . 2007-12-19 11:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
      2007-12-19 11:53 . 2007-12-19 11:54 <DIR> d-------- C:\Program Files\Common Files\HP
      2007-12-19 11:52 . 2007-12-19 11:52 <DIR> d-------- C:\Program Files\Hewlett-Packard
      2007-12-19 11:50 . 2007-12-19 11:50 <DIR> d-------- C:\WINDOWS\system32\URTTemp
      2007-12-19 11:49 . 2005-06-01 17:01 77,824 -ra------ C:\WINDOWS\system32\hpzids01.dll
      2007-12-19 11:49 . 2004-09-29 06:11 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
      2007-12-19 11:49 . 2005-05-05 08:51 37,376 --a------ C:\WINDOWS\system32\hpz3l3xu.dll
      2007-12-19 11:49 . 2004-09-29 06:11 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
      2007-12-19 11:47 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
      2007-12-19 11:47 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
      2007-12-19 11:47 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
      2007-12-19 11:47 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
      2007-12-19 11:47 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
      2007-12-19 11:47 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
      2007-12-19 11:47 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
      2007-12-19 11:45 . 2007-12-19 11:52 <DIR> d-------- C:\Program Files\HP
      2007-12-19 11:43 . 2007-12-19 11:58 81,013 --a------ C:\WINDOWS\HPHins08.dat
      2007-12-19 11:43 . 2005-06-01 17:23 4,011 --------- C:\WINDOWS\hphmdl08.dat
      2007-12-19 11:42 . 2007-12-19 11:42 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\HP
      2007-12-19 01:14 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
      2007-12-19 01:14 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
      2007-12-19 00:26 . 2007-12-19 00:27 16 --a------ C:\WINDOWS\system32\coh.cache
      2007-12-19 00:09 . 2007-12-19 09:59 <DIR> d-------- C:\Program Files\Norton Internet Security
      2007-12-19 00:09 . 2007-12-19 00:21 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
      2007-12-19 00:09 . 2007-12-19 00:21 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
      2007-12-19 00:09 . 2007-12-19 00:21 10,740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
      2007-12-19 00:09 . 2007-12-19 00:21 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
      2007-12-19 00:08 . 2007-12-19 14:34 <DIR> d-------- C:\Program Files\Symantec
      2007-12-19 00:08 . 2007-12-24 14:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
      2007-12-19 00:07 . 2007-12-24 15:06 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
      2007-12-19 00:03 . 2007-12-19 00:03 395 --a------ C:\WINDOWS\ODBC.INI
      2007-12-19 00:01 . 2007-12-19 00:01 <DIR> dr-h----- C:\MSOCache
      2007-12-18 23:58 . 2007-12-18 23:58 <DIR> d-------- C:\Program Files\byLight
      2007-12-18 23:58 . 2007-12-18 23:58 33 --a------ C:\WINDOWS\iltwain.ini
      2007-12-18 23:56 . 2007-12-19 00:20 <DIR> d-------- C:\Program Files\ColorPic 4.1
      2007-12-18 23:56 . 2007-12-18 23:56 134,146 --a------ C:\WINDOWS\ColorPic Uninstaller.exe
      2007-12-18 23:53 . 2007-12-18 23:53 <DIR> d-------- C:\Program Files\TigerColor
      2007-12-18 23:53 . 2007-12-18 23:55 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\ColorImpact3
      2007-12-18 23:53 . 2007-12-18 23:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
      2007-12-18 23:50 . 2007-12-18 23:50 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Program Files\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
      2007-12-18 23:45 . 1999-10-15 12:50 1,056,768 --------- C:\WINDOWS\system32\ROBOEX32.DLL
      2007-12-18 23:45 . 2006-07-22 19:37 49,152 --------- C:\WINDOWS\system32\INETWH32.dll
      2007-12-18 23:39 . 2007-12-18 23:39 <DIR> d-------- C:\Program Files\iColorFolder
      2007-12-18 23:36 . 2007-12-18 23:36 <DIR> d-------- C:\Program Files\WoLoSoft
      2007-12-18 23:35 . 2007-12-24 10:49 113 --a------ C:\WINDOWS\mgutil_reg.ini
      2007-12-18 23:35 . 2007-12-18 23:35 44 --a------ C:\WINDOWS\mgutil_win.ini
      2007-12-18 23:34 . 2007-12-18 23:34 <DIR> d-------- C:\Program Files\Mgutil
      2007-12-18 23:34 . 2007-12-18 23:34 51,355 --a------ C:\WINDOWS\system32\muzika.xm
      2007-12-18 23:25 . 2007-12-19 00:14 <DIR> d-------- C:\Program Files\XstreamRadio 3.02
      2007-12-18 23:19 . 2006-05-26 13:21 32,768 --a------ C:\WINDOWS\system32\plugin.dll
      2007-12-18 23:19 . 2007-12-19 12:46 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
      2007-12-18 23:18 . 2007-12-18 23:18 <DIR> d-------- C:\Program Files\filter
      2007-12-18 23:18 . 1999-07-27 17:03 481,552 --a------ C:\WINDOWS\system\dxtmsft3.dll
      2007-12-18 23:18 . 2001-08-18 06:36 337,920 --a------ C:\WINDOWS\system\dxtmsft.dll
      2007-12-18 23:18 . 2000-08-20 02:29 268,048 --a------ C:\WINDOWS\system\Dxtmeta2.dll
      2007-12-18 23:07 . 2007-12-18 23:14 <DIR> d-------- C:\Documents and Settings\pareltje\Contacts
      2007-12-18 23:04 . 2007-12-18 23:06 <DIR> d-------- C:\Program Files\MSN Messenger
      2007-12-18 22:24 . 2007-11-01 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
      2007-12-18 22:13 . 2007-12-18 22:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
      2007-12-18 22:12 . 2004-08-04 01:03 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
      2007-12-18 22:12 . 2004-08-04 01:03 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax
      2007-12-18 22:12 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
      2007-12-18 22:12 . 2004-08-03 23:10 15,360 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys
      2007-12-18 22:12 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
      2007-12-18 22:12 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
      2007-12-18 22:12 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
      2007-12-18 22:12 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
      2007-12-18 22:11 . 2007-12-18 22:13 <DIR> d-------- C:\Program Files\Common Files\logishrd
      2007-12-18 21:19 . 2007-12-18 22:25 <DIR> d-------- C:\Program Files\ATI Technologies
      2007-12-18 20:51 . 2007-12-18 21:02 <DIR> d-------- C:\WINDOWS\system32\NtmsData
      2007-12-18 20:48 . 2007-12-24 15:00 45,056 --ahs---- C:\WINDOWS\Thumbs.db
      2007-12-18 20:42 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2007-12-24 14:03 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
      2007-12-18 17:55 --------- d-----w C:\Program Files\microsoft frontpage
      2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
      2007-11-02 05:52 2,644,480 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
      2007-11-02 04:57 9,314,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
      2007-11-02 04:24 176,128 ----a-w C:\WINDOWS\system32\atiok3x2.dll
      2007-11-02 04:10 364,544 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
      2007-11-02 04:09 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
      2007-11-02 04:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
      2007-11-02 04:01 143,360 ----a-w C:\WINDOWS\system32\atipdlxx.dll
      2007-11-02 04:01 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
      2007-11-02 04:00 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
      2007-11-02 04:00 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
      2007-11-02 03:59 495,616 ----a-w C:\WINDOWS\system32\ati2evxx.exe
      2007-11-02 03:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
      2007-11-02 03:50 3,133,728 ----a-w C:\WINDOWS\system32\ati3duag.dll
      2007-11-02 03:39 1,602,176 ----a-w C:\WINDOWS\system32\ativvaxx.dll
      2007-11-02 03:35 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
      2007-11-02 03:26 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
      2007-11-02 03:24 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
      2007-11-02 03:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
      2007-11-02 03:22 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
      2007-11-02 03:16 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
      2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
      2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
      2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
      2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
      2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
      2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
      2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
      2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
      2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
      2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
      2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
      2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
      2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
      2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe]
      "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 13:25 C:\WINDOWS\RTHDCPL.EXE]
      "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 C:\WINDOWS\KHALMNPR.Exe]
      "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 C:\WINDOWS\KHALMNPR.Exe]
      "KBDriver"="C:\Program Files\Keyboard Driver\OEMDriver.exe" [2004-08-25 22:27]
      "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]
      "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
      "Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 11:43]
      "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
      "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 00:11]
      "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22]
      "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" [2002-11-14 12:34]
      "HPHUPD08"="C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 17:35]
      "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
      "Norton Ghost 9.0"="C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2004-07-29 04:41]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2006-03-02 13:00]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-18 20:32:38]
      Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-18 20:31:27]
      ScanPanel.lnk - C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe [2007-12-19 12:12:59]
      Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
      WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-12-18 23:32:57]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
      @=""

      R0 PQV2i;PQV2i;C:\WINDOWS\system32\drivers\PQV2i.sys [2004-07-29 03:33]
      R1 PQIMount;PQIMount;C:\WINDOWS\system32\drivers\PQIMount.sys [2004-07-29 04:13]

      *Newly Created Service* - COMHOST
      .
      Inhoud van de 'Gedeelde Taken' map
      "2007-12-18 23:14:08 C:\WINDOWS\Tasks\Norton Internet Security - Volledige systeemscan - pareltje.job"
      - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
      .
      **************************************************************************

      catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-12-24 15:10:04
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 2007-12-24 15:10:35
      .
      2007-12-24 09:53:23 --- E O F ---

      And this is the new HijackThis scan

      ComboFix 07-12-21.4 - pareltje 2007-12-24 15:08:12.3 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.1410 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\pareltje\Bureaublad\ComboFix.exe
      .

      (((((((((((((((((((( Bestanden Gemaakt van 2007-11-24 to 2007-12-24 ))))))))))))))))))))))))))))))
      .

      2007-12-24 14:56 . 2007-12-24 14:56 <DIR> d-------- C:\Program Files\Trend Micro
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Program Files\Lavasoft
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
      2007-12-24 11:07 . 2007-12-24 11:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2007-12-24 10:49 . 2007-12-24 10:49 <DIR> d-------- C:\Program Files\MSXML 4.0
      2007-12-19 14:45 . 2007-12-19 14:45 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\IsolatedStorage
      2007-12-19 14:35 . 2007-12-19 14:35 <DIR> d--h----- C:\WINDOWS\PIF
      2007-12-19 12:34 . 2007-12-19 12:34 <DIR> d-------- C:\Program Files\Microsoft.NET
      2007-12-19 12:32 . 2007-12-19 12:46 <DIR> d-------- C:\WINDOWS\SHELLNEW
      2007-12-19 12:32 . 2007-12-24 10:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
      2007-12-19 12:13 . 2002-03-05 10:34 32,768 --a------ C:\WINDOWS\system32\Remove4006.exe
      2007-12-19 12:13 . 2001-06-07 17:56 18,120 --a------ C:\WINDOWS\system32\drivers\TR12388.sys
      2007-12-19 12:13 . 2002-01-16 14:36 11,540 --a------ C:\WINDOWS\TR12388.ini
      2007-12-19 12:13 . 2002-02-26 10:55 8,192 --a------ C:\WINDOWS\system32\drivers\Artec48.usb
      2007-12-19 12:13 . 2002-02-25 09:43 2,650 --a------ C:\WINDOWS\Ausba4.ini
      2007-12-19 12:13 . 2007-12-24 15:04 1,134 --a------ C:\WINDOWS\ScnPanel.ini
      2007-12-19 12:13 . 2001-06-22 15:57 766 --a------ C:\WINDOWS\Uninstall.ico
      2007-12-19 12:12 . 2007-12-19 12:12 <DIR> d-------- C:\Program Files\Trust
      2007-12-19 12:12 . 2002-03-04 21:41 167,936 --------- C:\WINDOWS\Ausba4.dll
      2007-12-19 12:12 . 2002-03-04 21:43 167,936 --------- C:\WINDOWS\A4.dll
      2007-12-19 12:12 . 2001-10-18 05:01 45,056 --------- C:\WINDOWS\Getkey.dll
      2007-12-19 12:12 . 2002-01-05 22:57 7,168 --------- C:\WINDOWS\system32\48UMicro.dll
      2007-12-19 12:12 . 2002-06-27 21:42 1,739 --------- C:\WINDOWS\TRUST151.ini
      2007-12-19 11:56 . 2007-12-19 11:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
      2007-12-19 11:54 . 2007-12-19 11:54 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
      2007-12-19 11:54 . 2007-12-19 11:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
      2007-12-19 11:53 . 2007-12-19 11:54 <DIR> d-------- C:\Program Files\Common Files\HP
      2007-12-19 11:52 . 2007-12-19 11:52 <DIR> d-------- C:\Program Files\Hewlett-Packard
      2007-12-19 11:50 . 2007-12-19 11:50 <DIR> d-------- C:\WINDOWS\system32\URTTemp
      2007-12-19 11:49 . 2005-06-01 17:01 77,824 -ra------ C:\WINDOWS\system32\hpzids01.dll
      2007-12-19 11:49 . 2004-09-29 06:11 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
      2007-12-19 11:49 . 2005-05-05 08:51 37,376 --a------ C:\WINDOWS\system32\hpz3l3xu.dll
      2007-12-19 11:49 . 2004-09-29 06:11 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
      2007-12-19 11:47 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
      2007-12-19 11:47 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
      2007-12-19 11:47 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
      2007-12-19 11:47 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
      2007-12-19 11:47 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
      2007-12-19 11:47 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
      2007-12-19 11:47 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
      2007-12-19 11:45 . 2007-12-19 11:52 <DIR> d-------- C:\Program Files\HP
      2007-12-19 11:43 . 2007-12-19 11:58 81,013 --a------ C:\WINDOWS\HPHins08.dat
      2007-12-19 11:43 . 2005-06-01 17:23 4,011 --------- C:\WINDOWS\hphmdl08.dat
      2007-12-19 11:42 . 2007-12-19 11:42 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\HP
      2007-12-19 01:14 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
      2007-12-19 01:14 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
      2007-12-19 00:26 . 2007-12-19 00:27 16 --a------ C:\WINDOWS\system32\coh.cache
      2007-12-19 00:09 . 2007-12-19 09:59 <DIR> d-------- C:\Program Files\Norton Internet Security
      2007-12-19 00:09 . 2007-12-19 00:21 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
      2007-12-19 00:09 . 2007-12-19 00:21 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
      2007-12-19 00:09 . 2007-12-19 00:21 10,740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
      2007-12-19 00:09 . 2007-12-19 00:21 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
      2007-12-19 00:08 . 2007-12-19 14:34 <DIR> d-------- C:\Program Files\Symantec
      2007-12-19 00:08 . 2007-12-24 14:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
      2007-12-19 00:07 . 2007-12-24 15:06 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
      2007-12-19 00:03 . 2007-12-19 00:03 395 --a------ C:\WINDOWS\ODBC.INI
      2007-12-19 00:01 . 2007-12-19 00:01 <DIR> dr-h----- C:\MSOCache
      2007-12-18 23:58 . 2007-12-18 23:58 <DIR> d-------- C:\Program Files\byLight
      2007-12-18 23:58 . 2007-12-18 23:58 33 --a------ C:\WINDOWS\iltwain.ini
      2007-12-18 23:56 . 2007-12-19 00:20 <DIR> d-------- C:\Program Files\ColorPic 4.1
      2007-12-18 23:56 . 2007-12-18 23:56 134,146 --a------ C:\WINDOWS\ColorPic Uninstaller.exe
      2007-12-18 23:53 . 2007-12-18 23:53 <DIR> d-------- C:\Program Files\TigerColor
      2007-12-18 23:53 . 2007-12-18 23:55 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\ColorImpact3
      2007-12-18 23:53 . 2007-12-18 23:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
      2007-12-18 23:50 . 2007-12-18 23:50 <DIR> d-------- C:\Documents and Settings\pareltje\Application Data\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Program Files\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
      2007-12-18 23:45 . 2007-12-18 23:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
      2007-12-18 23:45 . 1999-10-15 12:50 1,056,768 --------- C:\WINDOWS\system32\ROBOEX32.DLL
      2007-12-18 23:45 . 2006-07-22 19:37 49,152 --------- C:\WINDOWS\system32\INETWH32.dll
      2007-12-18 23:39 . 2007-12-18 23:39 <DIR> d-------- C:\Program Files\iColorFolder
      2007-12-18 23:36 . 2007-12-18 23:36 <DIR> d-------- C:\Program Files\WoLoSoft
      2007-12-18 23:35 . 2007-12-24 10:49 113 --a------ C:\WINDOWS\mgutil_reg.ini
      2007-12-18 23:35 . 2007-12-18 23:35 44 --a------ C:\WINDOWS\mgutil_win.ini
      2007-12-18 23:34 . 2007-12-18 23:34 <DIR> d-------- C:\Program Files\Mgutil
      2007-12-18 23:34 . 2007-12-18 23:34 51,355 --a------ C:\WINDOWS\system32\muzika.xm
      2007-12-18 23:25 . 2007-12-19 00:14 <DIR> d-------- C:\Program Files\XstreamRadio 3.02
      2007-12-18 23:19 . 2006-05-26 13:21 32,768 --a------ C:\WINDOWS\system32\plugin.dll
      2007-12-18 23:19 . 2007-12-19 12:46 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
      2007-12-18 23:18 . 2007-12-18 23:18 <DIR> d-------- C:\Program Files\filter
      2007-12-18 23:18 . 1999-07-27 17:03 481,552 --a------ C:\WINDOWS\system\dxtmsft3.dll
      2007-12-18 23:18 . 2001-08-18 06:36 337,920 --a------ C:\WINDOWS\system\dxtmsft.dll
      2007-12-18 23:18 . 2000-08-20 02:29 268,048 --a------ C:\WINDOWS\system\Dxtmeta2.dll
      2007-12-18 23:07 . 2007-12-18 23:14 <DIR> d-------- C:\Documents and Settings\pareltje\Contacts
      2007-12-18 23:04 . 2007-12-18 23:06 <DIR> d-------- C:\Program Files\MSN Messenger
      2007-12-18 22:24 . 2007-11-01 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
      2007-12-18 22:13 . 2007-12-18 22:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
      2007-12-18 22:12 . 2004-08-04 01:03 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
      2007-12-18 22:12 . 2004-08-04 01:03 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax
      2007-12-18 22:12 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
      2007-12-18 22:12 . 2004-08-03 23:10 15,360 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys
      2007-12-18 22:12 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
      2007-12-18 22:12 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
      2007-12-18 22:12 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
      2007-12-18 22:12 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
      2007-12-18 22:11 . 2007-12-18 22:13 <DIR> d-------- C:\Program Files\Common Files\logishrd
      2007-12-18 21:19 . 2007-12-18 22:25 <DIR> d-------- C:\Program Files\ATI Technologies
      2007-12-18 20:51 . 2007-12-18 21:02 <DIR> d-------- C:\WINDOWS\system32\NtmsData
      2007-12-18 20:48 . 2007-12-24 15:00 45,056 --ahs---- C:\WINDOWS\Thumbs.db
      2007-12-18 20:42 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2007-12-24 14:03 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
      2007-12-18 17:55 --------- d-----w C:\Program Files\microsoft frontpage
      2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
      2007-11-02 05:52 2,644,480 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
      2007-11-02 04:57 9,314,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
      2007-11-02 04:24 176,128 ----a-w C:\WINDOWS\system32\atiok3x2.dll
      2007-11-02 04:10 364,544 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
      2007-11-02 04:09 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
      2007-11-02 04:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
      2007-11-02 04:01 143,360 ----a-w C:\WINDOWS\system32\atipdlxx.dll
      2007-11-02 04:01 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
      2007-11-02 04:00 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
      2007-11-02 04:00 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
      2007-11-02 03:59 495,616 ----a-w C:\WINDOWS\system32\ati2evxx.exe
      2007-11-02 03:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
      2007-11-02 03:50 3,133,728 ----a-w C:\WINDOWS\system32\ati3duag.dll
      2007-11-02 03:39 1,602,176 ----a-w C:\WINDOWS\system32\ativvaxx.dll
      2007-11-02 03:35 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
      2007-11-02 03:26 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
      2007-11-02 03:24 376,832 ----a-w C:\WINDOWS\system32\atikvmag.dll
      2007-11-02 03:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
      2007-11-02 03:22 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
      2007-11-02 03:16 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
      2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
      2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
      2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
      2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
      2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
      2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
      2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
      2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
      2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
      2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
      2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
      2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
      2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
      2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe]
      "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 13:25 C:\WINDOWS\RTHDCPL.EXE]
      "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 C:\WINDOWS\KHALMNPR.Exe]
      "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 C:\WINDOWS\KHALMNPR.Exe]
      "KBDriver"="C:\Program Files\Keyboard Driver\OEMDriver.exe" [2004-08-25 22:27]
      "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06]
      "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
      "Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 11:43]
      "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
      "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 00:11]
      "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22]
      "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" [2002-11-14 12:34]
      "HPHUPD08"="C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 17:35]
      "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
      "Norton Ghost 9.0"="C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2004-07-29 04:41]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2006-03-02 13:00]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-18 20:32:38]
      Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-18 20:31:27]
      ScanPanel.lnk - C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe [2007-12-19 12:12:59]
      Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
      WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-12-18 23:32:57]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
      @=""

      R0 PQV2i;PQV2i;C:\WINDOWS\system32\drivers\PQV2i.sys [2004-07-29 03:33]
      R1 PQIMount;PQIMount;C:\WINDOWS\system32\drivers\PQIMount.sys [2004-07-29 04:13]

      *Newly Created Service* - COMHOST
      .
      Inhoud van de 'Gedeelde Taken' map
      "2007-12-18 23:14:08 C:\WINDOWS\Tasks\Norton Internet Security - Volledige systeemscan - pareltje.job"
      - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
      .
      **************************************************************************

      catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-12-24 15:10:04
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 2007-12-24 15:10:35
      .
      2007-12-24 09:53:23 --- E O F ---

      Kind regards,
      pareltje_6



      • #4
        Thanks for the quick help.
        I think it is solved. I have not received any more strange e-mail messages.
        Kind regards,
        pareltje_6



        • #5
          Two topics merged.
          Greetings, Lex.

          Also have a look at ==> the house rules <==; this can be very enlightening.
          Motherboard / Processor; Gigabyte GA-X58 Extreme / Core i7 920 2,66GHz @3,67GHz.
          Cooler; Thermal right 120 Ultra Extreme with Sharkoon 120x120x25mm fan.
          Memory / Hard disks; Dominator GT 6GB 1600MHz in Triple-channel / OCZ Agility 2 60GB (SSD), OCZ Agility 2 120GB (SSD).
          Video cards / Monitors; 2x Club3d GTX460 Overclocked Edition in SLI / 2x Samsung 2253BW (22 inch).
          Burners; Plextor 820SA.
          Speakers; Logitech z5500.
          Keyboard / Mouse; Logitech G15 / G5.



          • #6
            Good.

            I am setting the status of this thread to solved.
            If there are no further replies, this thread will automatically be moved within about 3 days to the "Opgeloste hijackthislogs" section, after which replying is no longer possible. This is to keep the forum neat and organized.
            If it turns out that there are still problems and you want to reply in this topic again, send me a private message with a request to reopen it.
