PC is behaving erratically, please help me


  • PC is behaving erratically, please help me

    HijackThis from Noel

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:55:52, on 8/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\CyberLink\PowerCinema\PCMService.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\Portrait Displays\Pivot Software\floater.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\HP\Digital Imaging\HP Print Screen\PrnSys.exe
    C:\Documents and Settings\LocalService\Local Settings\Application Data\cftmon.exe
    C:\WINDOWS\system32\drivers\spools.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
    C:\WINDOWS\system32\drivers\spools.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
    O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [PrnSys Executable] C:\Program Files\HP\Digital Imaging\HP Print Screen\PrnSys.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
    O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
    O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe
    O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
    O4 - HKCU\..\Run: [autoload] C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe
    O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
    O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\iBackup.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Firewall auto setup] C:\WINDOWS\TEMP\winlogon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
    O21 - SSODL: DriveWin - {383d5ea0-1709-4b28-bee5-1c39e782ba3a} - (no file)
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: CcEvtSvc - Unknown owner - C:\WINDOWS\System32\CcEvtSvc.exe (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

    --
    End of file - 10090 bytes

  • #2
    Download: RVAXO.exe
    • Save the file to your desktop, double-click it and choose "Unzip" to extract it.
    • Now open the RVAXO folder on your desktop and double-click RunMe.cmd
      A small cmd window will open, and a few lines about files not found will quickly scroll by in it; this is normal.
    • An uninstaller of a rogue scanner may also start up; do not close it, but follow any instructions and simply let it do its work.
    • After that your PC will restart; after the restart the RVAXO cmd window will open again.
      Let it run and wait until a log file opens: C:\RVAXO-results.log
    • If your computer does not restart by itself, or the tool does not start after the reboot, do this manually.
    • Post the contents of the log file in your next message.
    Download Deckard's System Scanner to your desktop.
    • Close all applications and windows.
    • Double-click dss.exe to run it, and follow the instructions.
    • When the scan is complete, a text file - main.txt - will open.
    • Copy (Ctrl+A followed by Ctrl+C) and paste (Ctrl+V) the contents of main.txt into your next reply.

    Note: Some firewalls may warn that sigcheck.exe is trying to connect to the internet
    - make sure sigcheck.exe is given permission to do so!
    It may also happen that your antivirus flags DSS as suspicious, or even tries to remove it.
    Do not let your antivirus remove it! (In that case it may be better to switch off your antivirus briefly during the DSS scan)



    • #3
      Log file from RVAXO

      VAXO.exe Updated: 2008-03-08---first run---
      Uninstallers:

      Files found:
      C:\WINDOWS\btrklfr.dll
      C:\WINDOWS\rs.txt
      C:\WINDOWS\fqspogw.exe
      C:\WINDOWS\system32\drivers\spools.exe
      C:\WINDOWS\17PHolmes572.exe
      C:\WINDOWS\apdqnxp.dll

      Folders Found:

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------
      Not deleted items:

      --------------RVAXO.exe finished------



      • #4
        Deckard's

        Can't copy this file, it is too large: 5900 where a max of 5000 is allowed



        • #5
          Post it split across multiple replies



          • #6
            Part 1

            Run by Noel on 2008-03-08 13:30:34
            Computer is in Normal Mode.
            --------------------------------------------------------------------------------

            -- System Restore --------------------------------------------------------------

            Successfully created a Deckard's System Scanner Restore Point.


            -- Last 5 Restore Point(s) --
            69: 2008-03-08 12:30:42 UTC - RP69 - Deckard's System Scanner Restore Point
            68: 2008-03-07 21:17:02 UTC - RP68 - Software Distribution Service 3.0
            67: 2008-03-07 17:41:35 UTC - RP67 - Installed Iomega Automatic Backup
            66: 2008-03-07 15:57:42 UTC - RP66 - Before uninstall Registry Mechanic 7.0
            65: 2008-03-07 15:56:44 UTC - RP65 - Before uninstall Huishoudboekje


            -- First Restore Point --
            1: 2008-02-28 19:57:58 UTC - RP1 - Controlepunt van systeem


            Backed up registry hives.
            Performed disk cleanup.



            -- HijackThis (run as Noel.exe) ------------------------------------------------

            Logfile of Trend Micro HijackThis v2.0.2
            Scan saved at 13:31:25, on 8/03/2008
            Platform: Windows XP SP2 (WinNT 5.01.2600)
            MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
            Boot mode: Normal

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\csrss.exe
            C:\WINDOWS\system32\winlogon.exe
            C:\WINDOWS\system32\services.exe
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\Program Files\Eset\nod32kui.exe
            C:\WINDOWS\system32\RUNDLL32.EXE
            C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
            C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
            C:\WINDOWS\system32\RunDll32.exe
            C:\Program Files\CyberLink\PowerCinema\PCMService.exe
            C:\Program Files\Spyware Doctor\SDTrayApp.exe
            C:\Program Files\Portrait Displays\Pivot Software\floater.exe
            C:\Program Files\HP\HP Software Update\HPWuSchd.exe
            C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
            C:\Program Files\HP\Digital Imaging\HP Print Screen\PrnSys.exe
            C:\Documents and Settings\LocalService\Local Settings\Application Data\cftmon.exe
            C:\WINDOWS\system32\drivers\spools.exe
            C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
            C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
            C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
            C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
            C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
            C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
            C:\WINDOWS\system32\ctfmon.exe
            C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
            C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
            C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
            C:\WINDOWS\system32\drivers\spools.exe
            C:\WINDOWS\system32\spoolsv.exe
            c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
            C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
            C:\Program Files\IncrediMail\bin\IMApp.exe
            C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
            C:\WINDOWS\ATKKBService.exe
            C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
            C:\PROGRA~1\Iomega\System32\AppServices.exe
            C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
            C:\Program Files\Eset\nod32krn.exe
            C:\WINDOWS\System32\nvsvc32.exe
            C:\Program Files\Cyberlink\Shared files\RichVideo.exe
            C:\Program Files\Spyware Doctor\svcntaux.exe
            C:\Program Files\Spyware Doctor\swdsvc.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\System32\wdfmgr.exe
            C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
            C:\Program Files\Iomega\AutoDisk\ADService.exe
            C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
            C:\WINDOWS\System32\HPZipm12.exe
            C:\WINDOWS\System32\alg.exe
            C:\Program Files\MSN Messenger\msnmsgr.exe
            C:\Program Files\MSN Messenger\usnsvc.exe
            C:\WINDOWS\system32\wuauclt.exe
            C:\WINDOWS\explorer.exe
            C:\Documents and Settings\Noel\Bureaublad\dss.exe
            C:\WINDOWS\System32\wbem\wmiprvse.exe
            C:\PROGRA~1\TRENDM~1\HIJACK~1\Noel.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
            O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
            O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
            O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
            O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
            O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
            O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
            O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
            O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
            O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
            O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
            O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
            O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
            O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
            O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
            O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
            O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
            O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
            O4 - HKLM\..\Run: [PrnSys Executable] C:\Program Files\HP\Digital Imaging\HP Print Screen\PrnSys.exe
            O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
            O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
            O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe"
            O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
            O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
            O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
            O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
            O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe
            O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
            O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
            O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
            O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
            O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
            O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
            O4 - HKCU\..\Run: [autoload] C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe
            O4 - HKCU\..\Run: [ntuser] C:\WINDOWS\system32\drivers\spools.exe
            O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega Automatic Backup\iBackup.exe
            O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
            O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
            O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
            O4 - HKUS\S-1-5-18\..\Run: [Firewall auto setup] C:\WINDOWS\TEMP\winlogon.exe (User 'SYSTEM')
            O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
            O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
            O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
            O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
            O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
            O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
            O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
            O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
            O21 - SSODL: DriveWin - {383d5ea0-1709-4b28-bee5-1c39e782ba3a} - (no file)
            O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
            O23 - Service: CcEvtSvc - Unknown owner - C:\WINDOWS\System32\CcEvtSvc.exe (file missing)
            O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
            O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
            O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
            O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
            O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
            O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
            O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
            O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
            O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
            O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
            O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
            O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
            O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
            O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
            O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
            O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

            --
            End of file - 10076 bytes

            -- File Associations -----------------------------------------------------------

            All associations okay.


            -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

            R0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Microsoft(R) Windows NT(R) Operating System>
            R0 sisidex - c:\windows\system32\drivers\sisidex.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
            R0 sisperf (Add Performance Filter Driver) - c:\windows\system32\drivers\sisperf.sys <Not Verified; Silicon Integrated Systems Corp.; SiS Filer Driver>
            R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
            R1 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
            R2 DLPortIO (DriverLINX Port I/O Driver) - c:\windows\system32\drivers\dlportio.sys
            R3 Video3D (ASUS Video3D Service) - c:\windows\system32\drivers\video3d32.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Video3D driver>

            S1 asusgsb (ASUS Virtual Video Capture Device Driver) - c:\windows\system32\drivers\asusgsb32.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Virtual Video Capture Device Driver>
            S3 EverestDriver (Lavalys EVEREST Kernel Driver) - c:\docume~1\noel\locals~1\temp\rar$ex05.735\kerneld.wnt (file missing)
            S3 Mach2 (Mach2 Pulseing Service) - c:\windows\system32\drivers\mach2.sys <Not Verified; Your Corporation; Your Product Name>


            -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

            R2 _IOMEGA_ACTIVE_DISK_SERVICE_ (Iomega Active Disk) - "c:\program files\iomega\autodisk\adservice.exe" <Not Verified; Iomega Corporation; Iomega Active Disk>
            R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
            R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\program files\cyberlink\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
            R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services>
            R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
            R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
            R2 x10nets (X10 Device Network Service) - c:\progra~1\common~1\x10\common\x10nets.exe <Not Verified; X10; x10 Module>

            S2 CcEvtSvc - c:\windows\system32\ccevtsvc.exe -k netsvcs (file missing)
            S2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\program files\cyberlink\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
            S4 Iomega Activity Disk2 - ""


            -- Device Manager: Disabled ----------------------------------------------------

            No disabled devices found.



            • #7
              Part 2

              -- Files created between 2008-02-08 and 2008-03-08 -----------------------------

              2008-03-08 12:55:24 0 d-------- C:\Program Files\Trend Micro
              2008-03-08 09:13:53 276 --a------ C:\WINDOWS\system32\drivers\spools.exe
              2008-03-07 22:18:01 0 d-------- C:\Program Files\MSXML 4.0
              2008-03-07 18:42:54 0 d-------- C:\Documents and Settings\Noel\Application Data\Iomega Automatic Backup
              2008-03-07 18:41:28 0 d-------- C:\WINDOWS\Downloaded Installations
              2008-03-07 16:21:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
              2008-03-07 16:21:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
              2008-03-07 16:21:03 0 d-------- C:\Program Files\Logitech
              2008-03-07 16:17:39 0 d-------- C:\Program Files\Common Files\logishrd
              2008-03-07 16:04:28 0 d-------- C:\Documents and Settings\Noel\Application Data\Active Disk
              2008-03-07 15:16:06 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
              2008-03-07 15:15:17 0 d-------- C:\Program Files\Iomega
              2008-03-07 14:15:54 99968 --a------ C:\WINDOWS\system32\drivers\Mach2.sys <Not Verified; Your Corporation; Your Product Name>
              2008-03-07 14:15:54 0 d-------- C:\Mach2
              2008-03-07 13:15:46 0 d-------- C:\Documents and Settings\LocalService\Menu Start
              2008-03-06 18:44:57 0 d-------- C:\Documents and Settings\Noel\DoctorWeb
              2008-03-06 18:04:12 0 d-------- C:\WINDOWS\peernet
              2008-03-06 17:44:14 0 d-------- C:\WINDOWS\EHome
              2008-03-06 17:37:37 0 d-------- C:\774e232afda420ba0fafc358cbca0e95
              2008-03-06 17:19:24 0 d-------- C:\40bd92bf713a73aeff
              2008-03-06 16:19:38 81920 --a------ C:\WINDOWS\fqspogw.exe
              2008-03-06 16:19:38 217088 --a------ C:\WINDOWS\btrklfr.dll
              2008-03-06 16:19:38 307200 --a------ C:\WINDOWS\apdqnxp.dll <Not Verified; ; apdqnxp>
              2008-03-06 16:01:13 3584 --a------ C:\WINDOWS\system32\drivers\DLPortIO.SYS
              2008-03-06 16:01:13 34816 --a------ C:\WINDOWS\system32\DLPortIO.DLL <Not Verified; Scientific Software Tools, Inc.; DriverLINX Port I/O Driver>
              2008-03-06 16:01:08 0 d-------- C:\WINDOWS\KCam4
              2008-03-06 16:01:08 0 d-------- C:\Program Files\KCam4
              2008-03-06 14:46:39 0 --a------ C:\WINDOWS\system32\drivers\nStandard.bin
              2008-03-06 14:25:33 15360 --a------ C:\Documents and Settings\Noel\nax.exe
              2008-03-06 13:29:01 98 --a------ C:\WINDOWS\SPR5375.DAT
              2008-03-06 13:28:40 0 d-------- C:\Program Files\Layout50
              2008-03-06 13:25:50 592 --a------ C:\WINDOWS\chgkey.vbs
              2008-03-06 13:16:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
              2008-03-06 13:09:24 0 d-------- C:\Program Files\SpywareBlaster
              2008-03-05 19:50:29 0 d-------- C:\Program Files\USB Safely Remove
              2008-03-05 19:49:56 32764 --a------ C:\WINDOWS\17PHolmes572.exe
              2008-03-05 19:36:20 0 d-------- C:\Documents and Settings\Noel\Application Data\USBSafelyRemove
              2008-03-05 19:32:15 0 d-------- C:\Documents and Settings\Noel\Application Data\URSoft
              2008-03-05 19:32:09 0 d-------- C:\Program Files\Your Uninstaller 2008
              2008-03-05 18:08:33 26112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-03-05 17:56:55 0 d-------- C:\Program Files\Windows Doctor
              2008-03-04 21:25:51 0 d-------- C:\Documents and Settings\All Users\Application Data\IM
              2008-03-04 21:24:50 0 d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail
              2008-03-04 18:20:11 0 d-------- C:\Program Files\InsideCAT4
              2008-03-03 20:19:01 1024 --a------ C:\WINDOWS\system32\e-pdfcreator.dat
              2008-03-03 19:46:06 0 d-------- C:\Program Files\WinSnap
              2008-03-03 19:40:15 12288 --a------ C:\WINDOWS\system32\unpdf.exe
              2008-03-03 19:40:15 27648 --a------ C:\WINDOWS\system32\_pdfxp.dll
              2008-03-03 19:40:11 0 d-------- C:\Program Files\e-PDF Converter and Creator v2.1
              2008-03-03 18:35:26 626960 -ra------ C:\WINDOWS\system32\hpvaut32.dll <Not Verified; Microsoft Corporation; >
              2008-03-03 18:35:10 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
              2008-03-03 18:32:43 0 d-------- C:\Program Files\Common Files\HP
              2008-03-03 18:30:21 0 d-------- C:\WINDOWS\system32\URTTemp
              2008-03-03 18:26:26 0 d-------- C:\Program Files\HP
              2008-03-03 18:26:00 38771 -----n--- C:\WINDOWS\hpomdl03.dat
              2008-03-03 18:26:00 29409 --a------ C:\WINDOWS\hpoins03.dat
              2008-03-03 18:21:26 0 d-------- C:\Temp
              2008-03-03 15:52:28 0 d-------- C:\Documents and Settings\Noel\Contacts
              2008-03-03 15:51:38 0 d------c- C:\WINDOWS\system32\DRVSTORE
              2008-03-02 20:54:33 0 d-------- C:\Documents and Settings\Noel\Application Data\Nero
              2008-03-02 20:51:20 0 d-------- C:\Program Files\Nero
              2008-03-02 20:51:20 0 d-------- C:\Program Files\Common Files\Nero
              2008-03-02 20:51:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
              2008-03-02 19:35:28 0 d--h----- C:\WINDOWS\PIF
              2008-03-02 18:52:38 0 d-------- C:\WINDOWS\system32\bits
              2008-03-02 18:50:44 0 d-------- C:\WINDOWS\system32\PreInstall
              2008-03-02 18:44:07 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
              2008-03-02 16:47:50 0 d-------- C:\WINDOWS\system32\NtmsData
              2008-03-02 10:58:15 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
              2008-03-01 21:58:47 0 d-------- C:\Program Files\Pmcc
              2008-03-01 21:49:08 0 d-------- C:\Program Files\Smart CD Catalog PRO
              2008-03-01 20:10:36 0 d-------- C:\Program Files\CD Storage Master
              2008-03-01 19:41:29 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
              2008-03-01 19:25:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
              2008-03-01 19:13:54 0 d-------- C:\Program Files\WhereIsIt
              2008-03-01 18:55:08 0 d-------- C:\Documents and Settings\Noel\Application Data\PC Tools
              2008-03-01 18:45:57 0 d-------- C:\WINDOWS\system32\appmgmt
              2008-03-01 18:25:05 0 d-------- C:\466661045a7c260c5278fcd72d0068
              2008-03-01 18:24:28 0 d-------- C:\MCM30
              2008-03-01 18:23:37 0 d-------- C:\Program Files\My Company Name
              2008-03-01 16:34:30 0 d-------- C:\Program Files\Spyware Doctor
              2008-03-01 16:08:28 0 d-------- C:\WINDOWS\$hf_mig$
              2008-03-01 14:11:05 0 d-------- C:\Program Files\CD Catalog Expert
              2008-03-01 12:16:11 0 d-------- C:\WINDOWS\provisioning
              2008-03-01 12:13:58 0 d-------- C:\WINDOWS\ServicePackFiles
              2008-03-01 11:45:19 0 d-------- C:\Program Files\MSN Messenger
              2008-03-01 11:38:39 0 d-------- C:\Documents and Settings\Noel\Application Data\Smart PC Solutions
              2008-03-01 09:18:50 663516 --a------ C:\Program Files\everest.dat
              2008-02-29 21:08:01 0 d-------- C:\WINDOWS\SHELLNEW
              2008-02-29 21:07:38 3407872 --a------ C:\Documents and Settings\Noel\ntuser.dat
              2008-02-29 20:21:05 73216 --a------ C:\WINDOWS\system32\Odbctl32.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
              2008-02-29 20:21:05 287504 --a------ C:\WINDOWS\system32\msxbse35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 165648 --a------ C:\WINDOWS\system32\mstext35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
              2008-02-29 20:21:05 252176 --a------ C:\WINDOWS\system32\msrd2x35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 250128 --a------ C:\WINDOWS\system32\mspdox35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 166160 --a------ C:\WINDOWS\system32\msltus35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 1045776 --a------ C:\WINDOWS\system32\msjet35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:05 250128 --a------ C:\WINDOWS\system32\msexcl35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:04 368912 --a------ C:\WINDOWS\system32\vbar332.dll <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
              2008-02-29 20:21:04 407312 --a------ C:\WINDOWS\system32\msrepl35.dll <Not Verified; Microsoft Corporation; Microsoft® Access>
              2008-02-29 20:21:04 24848 --a------ C:\WINDOWS\system32\msjter35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:04 123664 --a------ C:\WINDOWS\system32\Msjint35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
              2008-02-29 20:21:04 0 d-------- C:\Program Files\DATA BECKER
              2008-02-29 20:11:38 24990 --a------ C:\WINDOWS\system32\VFP6RUN.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
              2008-02-29 20:11:38 876032 --a------ C:\WINDOWS\system32\VFP6RENU.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
              2008-02-29 20:11:38 3373328 --a------ C:\WINDOWS\system32\VFP6R.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
              2008-02-29 20:11:35 700416 --a------ C:\WINDOWS\system32\CDDBUI.DLL <Not Verified; Gracenote; CDDBUIControl Module>
              2008-02-29 20:11:35 569344 --a------ C:\WINDOWS\system32\CDDBCONTROL.DLL <Not Verified; Gracenote (formerly CDDB, Inc.); CDDBControl Core Module>
              2008-02-29 20:04:12 0 d-------- C:\Program Files\Collectorz.com
              2008-02-29 18:44:15 53248 --a------ C:\WINDOWS\system32\zlib.dll <Not Verified; ; ZLib.DLL>
              2008-02-29 18:44:15 156160 --a------ C:\WINDOWS\system32\unrar.dll
              2008-02-29 18:44:15 254464 --a------ C:\WINDOWS\system32\unlha32.dll <Not Verified; MicSoft; UNLHA32.DLL for Win32>
              2008-02-29 18:44:15 127488 --a------ C:\WINDOWS\system32\unarj32j.dll <Not Verified; MicSoft; UNARJ32.DLL for Win32(s)>
              2008-02-29 18:44:15 75264 --a------ C:\WINDOWS\system32\unacev2.dll
              2008-02-29 18:44:15 348160 --a------ C:\WINDOWS\system32\tar32.dll <Not Verified; ; tar32>
              2008-02-29 18:44:15 40960 --a------ C:\WINDOWS\system32\SSubTmr6.dll <Not Verified; vbAccelerator; SSubTmr6>
              2008-02-29 18:44:15 106496 --a------ C:\WINDOWS\system32\GDIPlusWrapper.dll <Not Verified; vbAccelerator; vbAccelerator VB6 GDIPlus Wrapper Library>
              2008-02-29 18:44:15 1700352 --a------ C:\WINDOWS\system32\GDIPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-29 18:44:15 40448 --a------ C:\WINDOWS\system32\dsofile.dll <Not Verified; Microsoft Corporation; dsofile>
              2008-02-29 18:44:15 159744 --a------ C:\WINDOWS\system32\cNewMenu6.dll <Not Verified; vbAccelerator; vbAccelerator PopupMenu Active X DLL>
              2008-02-29 18:44:15 221184 --a------ C:\WINDOWS\system32\cab32.dll <Not Verified; LightShip Software; Common Archiver Project - CAB32>
              2008-02-29 17:58:48 0 d-------- C:\Program Files\IncrediMail
              2008-02-29 00:47:50 0 d-------- C:\Documents and Settings\LocalService\Application Data\CyberLink
              2008-02-29 00:41:02 0 d-------- C:\Documents and Settings\All Users\Application Data\X10 Settings
              2008-02-29 00:07:14 0 d-------- C:\Documents and Settings\LocalService\Application Data\X10 Commander
              2008-02-29 00:01:35 127184 --a------ C:\WINDOWS\Unwise.exe
              2008-02-29 00:01:33 0 d-------- C:\Program Files\X10 Hardware
              2008-02-29 00:01:33 0 d-------- C:\Program Files\Common Files\X10
              2008-02-28 23:50:47 0 d-------- C:\Program Files\Silicon Integrated Systems
              2008-02-28 23:49:29 0 d-------- C:\Program Files\SiSLan
              2008-02-28 23:49:00 139264 -ra------ C:\WINDOWS\system32\IDEproperty.dll <Not Verified; ; IDEproperty Dynamic Link Library>
              2008-02-28 23:49:00 49024 -ra------ C:\WINDOWS\system32\drivers\sisidex.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
              2008-02-28 23:48:57 9472 -ra------ C:\WINDOWS\system32\drivers\sisperf.sys <Not Verified; Silicon Integrated Systems Corp.; SiS Filer Driver>
              2008-02-28 23:48:42 0 d-------- C:\Documents and Settings\Noel\WINDOWS
              2008-02-28 22:30:52 0 d-------- C:\Documents and Settings\Noel\Application Data\CyberLink
              2008-02-28 22:29:10 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
              2008-02-28 22:28:52 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
              2008-02-28 22:28:52 44544 --a------ C:\WINDOWS\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
              2008-02-28 22:28:12 0 d-------- C:\Program Files\Cyberlink
              2008-02-28 22:17:09 0 d-------- C:\WINDOWS\SxsCaPendDel
              2008-02-28 21:57:54 0 d-------- C:\WINDOWS\SoftwareDistribution
              2008-02-28 21:49:27 0 d-------- C:\Documents and Settings\Noel\Application Data\Macromedia
              2008-02-28 21:44:01 0 d-------- C:\Program Files\Common Files\ODBC
              2008-02-28 21:43:59 0 d-------- C:\Program Files\Common Files\SpeechEngines
              2008-02-28 21:43:58 0 dr------- C:\Program Files
              2008-02-28 21:43:58 0 d-------- C:\Program Files\Common Files
              2008-02-28 21:43:38 0 d--h----- C:\Documents and Settings\Default User\Sjablonen
              2008-02-28 21:43:38 0 dr-h----- C:\Documents and Settings\Default User\SendTo
              2008-02-28 21:43:38 0 d--h----- C:\Documents and Settings\Default User\Onlangs geopend
              2008-02-28 21:43:38 0 d--h----- C:\Documents and Settings\Default User\Netwerkprinteromgeving
              2008-02-28 21:43:38 0 d--h----- C:\Documents and Settings\Default User\NetHood
              2008-02-28 21:43:38 0 d-------- C:\Documents and Settings\Default User\Mijn documenten
              2008-02-28 21:43:38 0 dr------- C:\Documents and Settings\Default User\Menu Start
              2008-02-28 21:43:38 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
              2008-02-28 21:43:38 0 d-------- C:\Documents and Settings\Default User\Favorieten
              2008-02-28 21:43:38 0 d---s---- C:\Documents and Settings\Default User\Cookies
              2008-02-28 21:43:38 0 d-------- C:\Documents and Settings\Default User\Bureaublad
              2008-02-28 21:43:38 0 d--h----- C:\Documents and Settings\All Users\Sjablonen
              2008-02-28 21:43:38 0 dr------- C:\Documents and Settings\All Users\Menu Start
              2008-02-28 21:43:38 0 d-------- C:\Documents and Settings\All Users\Favorieten
              2008-02-28 21:43:38 0 dr------- C:\Documents and Settings\All Users\Documenten
              2008-02-28 21:43:38 0 d-------- C:\Documents and Settings\All Users\Bureaublad
              2008-02-28 21:43:26 0 d-------- C:\WINDOWS\system32\CatRoot2
              2008-02-28 21:43:26 0 d-------- C:\WINDOWS\system32\CatRoot
              2008-02-28 21:43:21 0 dr-h----- C:\Documents and Settings\Default User\Application Data
              2008-02-28 21:43:21 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
              2008-02-28 21:43:21 0 dr-h----- C:\Documents and Settings\All Users\Application Data
              2008-02-28 21:43:21 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
              2008-02-28 21:43:01 0 d-------- C:\Documents and Settings
              2008-02-28 21:40:58 0 d-------- C:\Program Files\everest
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\WinSxS
              2008-02-28 21:39:10 0 dr------- C:\WINDOWS\Web
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\twain_32
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\wins
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\wbem
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\usmt
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\spool
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\ShellExt
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\Setup
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\ras
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\oobe
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\npp
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\mui
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\inetsrv
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\IME
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\icsxml
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\ias
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\export
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\drivers
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\drivers\etc
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\drivers\disdn
              2008-02-28 21:39:10 0 dr-hs--c- C:\WINDOWS\system32\dllcache
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\dhcp
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\config
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\3com_dmi
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\3076
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\2052
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1054
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1043
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1042
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1041
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1037
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1033
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1031
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1028
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system32\1025
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\system
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\security
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Resources
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\repair
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\mui
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\msapps
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\msagent
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Media
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\java
              2008-02-28 21:39:10 0 d--h----- C:\WINDOWS\inf
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\ime
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Help
              2008-02-28 21:39:10 0 dr--s---- C:\WINDOWS\Fonts
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Driver Cache
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Debug
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Cursors
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Connection Wizard
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\Config
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\AppPatch
              2008-02-28 21:39:10 0 d-------- C:\WINDOWS\addins
              2008-02-28 21:26:42 0 d---s---- C:\Documents and Settings\Noel\UserData
              2008-02-28 21:23:26 266240 --a------ C:\WINDOWS\CMIUninstall.exe <Not Verified; ; GeneralUninstall Application>
              2008-02-28 21:23:26 225280 --a------ C:\WINDOWS\CmiRmRedundDir.exe <Not Verified; ; CmiRmRedundDir Application>
              2008-02-28 21:23:26 28672 --a------ C:\WINDOWS\CMIRmDriver.dll
              2008-02-28 21:23:26 0 d-------- C:\Program Files\C-Media 3D Audio
              2008-02-28 21:23:09 327168 --a------ C:\WINDOWS\IsUn0413.exe <Not Verified; InstallShield Software Corporation; InstallShield(r) unInstaller>
              2008-02-28 21:22:57 5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
              2008-02-28 21:20:33 0 d-------- C:\Documents and Settings\Noel\Application Data\Adobe
              2008-02-28 21:20:29 0 d-------- C:\Documents and Settings\Noel\Application Data\DisplayTune
              2008-02-28 21:16:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
              2008-02-28 21:16:26 0 d-------- C:\Program Files\Common Files\Adobe
              2008-02-28 21:14:13 0 d-------- C:\WINDOWS\system32\ReinstallBackups
              2008-02-28 21:13:48 11776 --a------ C:\WINDOWS\system32\drivers\pdiddcci.sys <Not Verified; Portrait Displays, Inc.; Portrait Displays DDC/CI Monitor Device Driver>
              2008-02-28 21:13:35 62009 --a------ C:\WINDOWS\system32\wpfb_atkdisp.dll <Not Verified; Portrait Displays, Inc.; Pivot Sofware>
              2008-02-28 21:13:34 62009 --a------ C:\WINDOWS\system32\WPFB.DLL <Not Verified; Portrait Displays, Inc.; Pivot Sofware>
              2008-02-28 21:13:34 2304 --a------ C:\WINDOWS\system32\Machnm32.sys
              2008-02-28 21:13:34 11323 --a------ C:\WINDOWS\system32\drivers\pivotmou.sys <Not Verified; Portrait Displays, Inc.; Pivot (R) Software (R)>
              2008-02-28 21:13:34 17465 --a------ C:\WINDOWS\system32\drivers\pivot.sys <Not Verified; Portrait Displays, Inc.; Windows (R) 2000 DDK driver>
              2008-02-28 21:13:19 372736 --a------ C:\WINDOWS\ijl15.dll <Not Verified; Intel Corporation; Intel® JPEG Library>
              2008-02-28 21:13:17 0 d-------- C:\Program Files\Common Files\Portrait Displays
              2008-02-28 21:13:09 0 d-------- C:\Program Files\Portrait Displays
              2008-02-28 21:11:38 12288 --a------ C:\WINDOWS\system32\drivers\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
              2008-02-28 21:08:06 0 d-------- C:\WINDOWS\RegisteredPackages
              2008-02-28 21:07:22 1703936 --a------ C:\WINDOWS\system32\d3d9(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-28 21:06:11 258560 --a------ C:\WINDOWS\ATKKBService.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
              2008-02-28 21:06:11 163840 --a------ C:\WINDOWS\atistclk.dll <Not Verified; ATI Technologies Inc.; ATI WinClk DLL>
              2008-02-28 21:06:10 10752 --a------ C:\WINDOWS\system32\drivers\Video3D32.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Video3D driver>
              2008-02-28 21:06:10 8704 --a------ C:\WINDOWS\system32\drivers\Bravo.sys <Not Verified; ASMT; Microsoft(R) Windows NT(R) Operating System>
              2008-02-28 21:06:10 11136 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
              2008-02-28 21:06:10 11264 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL <Not Verified; ASUSTeK Computer Inc.; >
              2008-02-28 21:06:10 2093056 --a------ C:\WINDOWS\system32\ATKDispCPL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS Display Property Page>
              2008-02-28 21:06:10 110592 --a------ C:\WINDOWS\R5ClkLib.dll <Not Verified; ; Overclocker>
              2008-02-28 21:06:10 122880 --a------ C:\WINDOWS\OneTouchVga.dll <Not Verified; ASUSTek; ASUS OneTouchVga>
              2008-02-28 21:06:10 20480 --a------ C:\WINDOWS\HyperDrive.exe <Not Verified; ; HyperDrive Application>
              2008-02-28 21:06:10 15360 --a------ C:\WINDOWS\EIO64.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
              2008-02-28 21:06:10 12288 --a------ C:\WINDOWS\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
              2008-02-28 21:06:10 94208 --a------ C:\WINDOWS\EIO.dll <Not Verified; ASUSTek Computer Inc.,; ASUS EIO.DLL>
              2008-02-28 21:06:10 188416 --a------ C:\WINDOWS\atipdlxx.dll <Not Verified; ATI Technologies, Inc.; ATI Desktop Component>
              2008-02-28 21:06:10 7680 --a------ C:\WINDOWS\atillk64.sys <Not Verified; Overclocking Tool; Overclocking Tool>
              2008-02-28 21:06:10 15872 --a------ C:\WINDOWS\atikia64.sys <Not Verified; Overclocking Tool; Overclocking Tool>
              2008-02-28 21:06:10 5376 --a------ C:\WINDOWS\atidgllk.sys <Not Verified; Overclocking Tool; Overclocking Tool>
              2008-02-28 21:06:10 643142 --a------ C:\WINDOWS\aticlocklib.dll
              2008-02-28 21:06:10 73728 --a------ C:\WINDOWS\ASUSRC.dll <Not Verified; ASUS; ASUSRC>
              2008-02-28 21:06:09 12416 --a------ C:\WINDOWS\system32\drivers\asusgsb32.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Virtual Video Capture Device Driver>
              2008-02-28 21:06:09 5421568 --a------ C:\WINDOWS\system32\ATKOSDX32.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS On-Screen Display For 3D Game>
              2008-02-28 21:06:09 39936 --a------ C:\WINDOWS\system32\ATKOGL32.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUSTeK Computer Inc. AsusOGL>
              2008-02-28 21:06:09 250624 --a------ C:\WINDOWS\system32\ATKDISP.dll <Not Verified; ASUSTeK Computer Inc.; ASUS Windows 2000/XP Display Driver>
              2008-02-28 21:06:09 46080 --a------ C:\WINDOWS\system32\asrussian.dll
              2008-02-28 21:06:09 45568 --a------ C:\WINDOWS\system32\askorean.dll
              2008-02-28 21:06:09 45568 --a------ C:\WINDOWS\system32\asjapan.dll
              2008-02-28 21:06:09 46080 --a------ C:\WINDOWS\system32\asgerman.dll
              2008-02-28 21:06:09 46592 --a------ C:\WINDOWS\system32\asfrench.dll
              2008-02-28 21:06:09 46080 --a------ C:\WINDOWS\system32\aseng.dll
              2008-02-28 21:06:09 45568 --a------ C:\WINDOWS\system32\ASCHT.dll
              2008-02-28 21:06:09 45568 --a------ C:\WINDOWS\system32\aschs.dll
              2008-02-28 21:06:08 0 d--h----- C:\Program Files\InstallShield Installation Information
              2008-02-28 21:05:28 0 d-------- C:\WINDOWS\nview
              2008-02-28 21:04:10 0 d-------- C:\Program Files\Common Files\InstallShield
              2008-02-28 20:59:57 0 d---s---- C:\WINDOWS\system32\Microsoft
              2008-02-28 20:59:44 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
              2008-02-28 20:59:08 0 d-------- C:\Documents and Settings\Noel\Application Data\WinRAR
              2008-02-28 20:57:50 0 d--hs---- C:\WINDOWS\Installer
              2008-02-28 20:57:48 0 d-------- C:\Documents and Settings\Noel\Application Data\Identities
              2008-02-28 20:57:38 0 d--h----- C:\Documents and Settings\Noel\Sjablonen
              2008-02-28 20:57:38 0 dr-h----- C:\Documents and Settings\Noel\SendTo
              2008-02-28 20:57:38 0 dr-h----- C:\Documents and Settings\Noel\Onlangs geopend
              2008-02-28 20:57:38 0 d--h----- C:\Documents and Settings\Noel\Netwerkprinteromgeving
              2008-02-28 20:57:38 0 d--h----- C:\Documents and Settings\Noel\NetHood
              2008-02-28 20:57:38 0 dr------- C:\Documents and Settings\Noel\Mijn documenten
              2008-02-28 20:57:38 0 dr------- C:\Documents and Settings\Noel\Menu Start
              2008-02-28 20:57:38 0 d--h----- C:\Documents and Settings\Noel\Local Settings
              2008-02-28 20:57:38 0 dr------- C:\Documents and Settings\Noel\Favorieten
              2008-02-28 20:57:38 0 d---s---- C:\Documents and Settings\Noel\Cookies
              2008-02-28 20:57:38 0 d-------- C:\Documents and Settings\Noel\Bureaublad
              2008-02-28 20:57:38 0 dr-h----- C:\Documents and Settings\Noel\Application Data
              2008-02-28 20:56:54 0 d--hs---- C:\System Volume Information
              2008-02-28 20:56:45 233472 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
              2008-02-28 20:56:45 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
              2008-02-28 20:56:45 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
              2008-02-28 20:56:45 0 d-------- C:\Documents and Settings\NetworkService\Application Data
              2008-02-28 20:56:45 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
              2008-02-28 20:56:45 233472 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
              2008-02-28 20:56:45 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
              2008-02-28 20:56:45 0 d---s---- C:\Documents and Settings\LocalService\Cookies
              2008-02-28 20:56:45 0 d-------- C:\Documents and Settings\LocalService\Application Data
              2008-02-28 20:56:45 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
              2008-02-28 20:53:44 0 d-------- C:\WINDOWS\system32\xircom
              2008-02-28 20:53:44 0 d-------- C:\Program Files\microsoft frontpage
              2008-02-28 20:53:33 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
              2008-02-28 20:53:31 0 -rahs---- C:\MSDOS.SYS
              2008-02-28 20:53:31 0 -rahs---- C:\IO.SYS
              2008-02-28 20:53:31 0 --a------ C:\CONFIG.SYS
              2008-02-28 20:53:31 0 --a------ C:\AUTOEXEC.BAT
              2008-02-28 20:52:54 0 d--hs---- C:\Documents and Settings\All Users\DRM
              2008-02-28 20:52:47 0 dr------- C:\WINDOWS\Offline Web Pages
              2008-02-28 20:52:47 0 d---s---- C:\WINDOWS\Downloaded Program Files
              2008-02-28 20:52:24 0 d-------- C:\WINDOWS\system32\DirectX
              2008-02-28 20:51:44 49664 --a------ C:\WINDOWS\system32\inetres(2).dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
              2008-02-28 20:51:40 0 d---s---- C:\WINDOWS\Tasks
              2008-02-28 20:51:37 0 d-------- C:\Program Files\Common Files\MSSoap
              2008-02-28 20:51:33 0 d-------- C:\WINDOWS\srchasst
              2008-02-28 20:51:32 0 d-------- C:\WINDOWS\system32\Macromed
              2008-02-28 20:51:31 223232 --a------ C:\WINDOWS\system32\qmgr(3).dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
              2008-02-28 20:51:31 0 d-------- C:\Program Files\Movie Maker
              2008-02-28 20:51:27 158720 --a------ C:\WINDOWS\system32\srsvc(3).dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
              2008-02-28 20:51:27 0 d-------- C:\WINDOWS\system32\Restore
              2008-02-28 20:51:27 0 d-------- C:\WINDOWS\PCHealth
              2008-02-28 20:51:23 81408 --a------ C:\WINDOWS\system32\msoert2(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-28 20:51:22 160256 --a------ C:\WINDOWS\system32\schedsvc(3).dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
              2008-02-28 20:51:22 587776 --a------ C:\WINDOWS\system32\inetcomm(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-28 20:50:54 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
              2008-02-28 20:50:50 0 d-------- C:\WINDOWS\Registration
              2008-02-28 20:50:47 0 d--h----- C:\Program Files\WindowsUpdate
              2008-02-28 20:50:47 0 d-------- C:\Program Files\Online Services
              2008-02-28 20:50:38 0 d-------- C:\Program Files\MSN Gaming Zone
              2008-02-28 20:50:15 83968 --a------ C:\WINDOWS\system32\mtxoci(2).dll <Not Verified; Microsoft Corporation; COM Services>
              2008-02-28 20:50:13 56832 --a------ C:\WINDOWS\system32\colbact(3).dll <Not Verified; Microsoft Corporation; COM Services>
              2008-02-28 20:50:12 468480 --a------ C:\WINDOWS\system32\clbcatq(3).dll <Not Verified; Microsoft Corporation; COM Services>
              2008-02-28 20:50:12 215040 --a------ C:\WINDOWS\system32\catsrv(3).dll <Not Verified; Microsoft Corporation; COM Services>
              2008-02-28 20:49:58 0 d-------- C:\Program Files\Windows NT
              2008-02-28 20:49:57 9216 --a------ C:\WINDOWS\system32\wuauserv(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-28 20:49:55 202240 --a------ C:\WINDOWS\system32\termsrv(3).dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
              2008-02-28 20:49:55 0 d-------- C:\WINDOWS\system32\MsDtc
              2008-02-28 20:49:55 9216 --a------ C:\WINDOWS\system32\icaapi(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
              2008-02-28 20:49:54 0 d-------- C:\WINDOWS\system32\Com
              2008-02-28 20:49:54 582656 --a------ C:\WINDOWS\system32\catsrvut(3).dll <Not Verified; Microsoft Corporation; COM Services>
              2008-02-28 20:49:52 1172992 --a------ C:\WINDOWS\system32\comsvcs(3).dll <Not Verified; Microsoft Corporation; COM Services>


              -- Find3M Report ---------------------------------------------------------------

              2008-03-08 08:37:54 446702 --a------ C:\WINDOWS\system32\perfh013.dat
              2008-03-08 08:37:54 71962 --a------ C:\WINDOWS\system32\perfc013.dat
              2008-03-01 16:22:34 4466 --a------ C:\Program Files\pkey.txt
              2008-02-28 21:43:38 62 --ahs---- C:\Documents and Settings\Noel\Application Data\desktop.ini
              2008-02-06 00:28:26 1623313 --a------ C:\Program Files\everest.chm
              2008-01-20 23:24:56 113030 --a------ C:\Program Files\lang_nl.txt
              2008-01-07 01:47:16 57468 --a------ C:\Program Files\everest_vsb.vsb
              2007-12-14 02:09:16 17980 --a------ C:\Program Files\kerneld.w9x


              -- Registry Dump ---------------------------------------------------------------

              *Note* empty entries & legit default entries are not shown


              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [28/02/2008 20:59]
              "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [19/04/2007 06:26]
              "nwiz"="nwiz.exe" [19/04/2007 06:26 C:\WINDOWS\system32\nwiz.exe]
              "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [19/04/2007 06:26]
              "PivotSoftware"="C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" [09/02/2007 12:17]
              "DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [25/04/2007 12:36]
              "Cmaudio"="cmicnfg.cpl"
              "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
              "PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [02/03/2007 17:55]
              "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [02/11/2007 17:24]
              "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 14:57]
              "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [03/12/2007 14:21]
              "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [04/08/2003 17:28]
              "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [22/12/2003 08:38]
              "PrnSys Executable"="C:\Program Files\HP\Digital Imaging\HP Print Screen\PrnSys.exe" [16/09/2003 05:47]
              "ADUserMon"="C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [24/09/2002 16:39]
              "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [08/02/2007 01:12]
              "LVCOMSX"="C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [06/02/2007 17:43]
              "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [08/02/2007 01:13]
              "Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [13/08/2002 14:30]
              "Deskup"="C:\Program Files\Iomega\DriveIcons\deskup.exe" [16/07/2002 10:55]
              "Iomega Automatic Backup 1.0.1"="C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe" [10/10/2002 16:25]
              "autoload"="C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe" [08/03/2008 09:14]
              "ntuser"="C:\WINDOWS\system32\drivers\spools.exe" [08/03/2008 09:13]

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 01:03]
              "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [02/03/2008 11:46]
              "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 16:46]
              "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [13/12/2007 19:10]
              "USB Safely Remove"="C:\Program Files\USB Safely Remove\USBSafelyRemove.exe" [18/12/2007 16:20]
              "autoload"="C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe" [08/03/2008 09:14]
              "ntuser"="C:\WINDOWS\system32\drivers\spools.exe" [08/03/2008 09:13]
              "Iomega Automatic Backup"="C:\Program Files\Iomega\Iomega Automatic Backup\iBackup.exe" [10/10/2002 16:25]

              [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
              "autoload"=C:\Documents and Settings\LocalService\Local Settings\Application Data\cftmon.exe
              "ntuser"=C:\WINDOWS\system32\drivers\spools.exe
              "Firewall auto setup"=C:\WINDOWS\TEMP\winlogon.exe

              C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
              HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [16/09/2003 5:19:24]

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
              @="Service"

              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
              @="Volume shadow copy"

              *Newly Created Service* - HIDSERV



              -- End of Deckard's System Scanner: finished at 2008-03-08 13:33:21 ------------


              • #8
                Download ATF cleaner (mirror) (made by Atribune)

                Important: Close all your browser windows (IE and/or Firefox and/or Opera) so that the tool can work properly.

                Double-click ATF cleaner to start the program.
                On the "Main" tab, tick Select All.
                Click the Empty Selected button.

                Do the following if you also use Firefox as a browser:
                Click the "Firefox" tab and tick Select All.
                If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
                (this clears the tick next to "Firefox saved passwords" again)
                Click the Empty Selected button.

                Do the following if you also use Opera as a browser:
                Click the "Opera" tab and tick Select All.
                If you want to keep the passwords saved by Opera, click "No" in the window that appears.
                Click the Empty Selected button.
                Go to the "Main" tab and click the Exit button to close the program.

                Download Malwarebytes' Anti-Malware to your desktop.
                Double-click mbam-setup.exe and choose "Next" to install the tool.
                When the installation is complete, tick "Update MalwareBytes' Anti-Malware" and "Launch MalwareBytes' Anti-Malware".
                Then press "Finish".
                In the main screen, choose the "Scanner" tab and select the radio button "Perform full scan".
                Press the "Scan" button and make sure all your hard disks/partitions are ticked.
                Then press the "Start Scan" button.
                When the scan is finished, click OK, then "Show Results" to see the results.
                Make sure everything is ticked, then click "Remove Selected".
                If the program wants to restart your computer, allow it.
                After that a log opens (mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
                Post this log in your next message


                • #9
                  mbam log

                  Malwarebytes' Anti-Malware 1.07
                  Database versie: 468

                  Scan type: Volledige Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|L:\|)
                  Objecten gescand: 162824
                  Verstreken tijd: 31 minute(s), 26 second(s)

                  Geheugenprocessen geïnfecteerd: 0
                  Geheugenmodulen geïnfecteerd: 0
                  Registersleutels geïnfecteerd: 1
                  Registerwaarden geïnfecteerd: 0
                  Registerdata bestanden geïnfecteerd: 0
                  Mappen geïnfecteerd: 1
                  Bestanden geïnfecteerd: 8

                  Geheugenprocessen geïnfecteerd:
                  (Geen kwaadaardige items gevonden)

                  Geheugenmodulen geïnfecteerd:
                  (Geen kwaadaardige items gevonden)

                  Registersleutels geïnfecteerd:
                  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CcEvtSvc (Trojan.MyDoom) -> No action taken.

                  Registerwaarden geïnfecteerd:
                  (Geen kwaadaardige items gevonden)

                  Registerdata bestanden geïnfecteerd:
                  (Geen kwaadaardige items gevonden)

                  Mappen geïnfecteerd:
                  C:\WINDOWS\Installer\{383d5ea0-1709-4b28-bee5-1c39e782ba3a} (Trojan.Alphabet) -> No action taken.

                  Bestanden geïnfecteerd:
                  C:\WINDOWS\Installer\{383d5ea0-1709-4b28-bee5-1c39e782ba3a}\DriveWin.Vdll (Trojan.Alphabet) -> No action taken.
                  C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP51\A0031967.dll (Trojan.FakeAlert) -> No action taken.
                  C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP51\A0031968.dll (Trojan.FakeAlert) -> No action taken.
                  C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP69\A0042846.dll (Trojan.FakeAlert) -> No action taken.
                  C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP69\A0042847.dll (Trojan.FakeAlert) -> No action taken.
                  C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP69\A0042848.exe (Trojan.FakeAlert) -> No action taken.
                  H:\AUTOCAD\SETUP-FILES\BugdoctorSetup.exe (Rogue.BugDoctor) -> No action taken.
                  C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe (Trojan.Downloader) -> No action taken.


                  • #10
                    No action taken
                    You can let Malwarebytes' remove everything that it found.

                    After that, post a new log from Deckard's System Scanner as a check


                    • #11
                      The last one has been removed in the meantime as well

                      Malwarebytes' Anti-Malware 1.07
                      Database versie: 468

                      Scan type: Volledige Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|L:\|)
                      Objecten gescand: 162842
                      Verstreken tijd: 35 minute(s), 44 second(s)

                      Geheugenprocessen geïnfecteerd: 0
                      Geheugenmodulen geïnfecteerd: 0
                      Registersleutels geïnfecteerd: 0
                      Registerwaarden geïnfecteerd: 0
                      Registerdata bestanden geïnfecteerd: 0
                      Mappen geïnfecteerd: 0
                      Bestanden geïnfecteerd: 1

                      Geheugenprocessen geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Geheugenmodulen geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Registersleutels geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Registerwaarden geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Registerdata bestanden geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Mappen geïnfecteerd:
                      (Geen kwaadaardige items gevonden)

                      Bestanden geïnfecteerd:
                      C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP51\A0031967.dll (Trojan.FakeAlert) -> No action taken.


                      • #12
                        Do this as well:

                        Disable System Restore. Restart the computer. Enable System Restore again.
                        Look here to see how to disable System Restore.
                        This removes any remnants of the infections from System Restore.

                        If you like, post another HijackThis log as a check
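
Added example, not part of the original posts: a small parser for detection lines in the format of the Malwarebytes logs above. It separates items still marked "No action taken" into live objects and copies that exist only in System Restore points, the case the advice above addresses. The function names and the sample text are constructed for illustration.

```python
import re

# Constructed sample: detection lines in the format of the Malwarebytes logs
# posted in this thread (paths taken from those logs).
SAMPLE_LOG = r"""
Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CcEvtSvc (Trojan.MyDoom) -> No action taken.

Bestanden geïnfecteerd:
C:\System Volume Information\_restore{3714F774-E0A5-45DA-9E0F-40413845E76C}\RP51\A0031967.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\Noel\Local Settings\Application Data\cftmon.exe (Trojan.Downloader) -> No action taken.
(Geen kwaadaardige items gevonden)
"""

# Line shape: "<object> (<detection name>) -> <action>."
DETECTION = re.compile(r"^(?P<obj>.+?) \((?P<name>[\w.]+)\) -> (?P<action>.+?)\.?$")
# Copies kept by Windows XP System Restore live under _restore{GUID}\RPnn\
RESTORE_POINT = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP\d+\\", re.I)

def parse_detections(log_text):
    """Return one dict per detection line; headers and '(Geen ...)' lines are skipped."""
    findings = []
    for line in log_text.splitlines():
        m = DETECTION.match(line.strip())
        if not m:
            continue
        obj = m.group("obj")
        if obj.upper().startswith("HKEY_"):
            kind = "registry"
        elif RESTORE_POINT.search(obj):
            kind = "restore_point"
        else:
            kind = "file"
        findings.append({"object": obj, "name": m.group("name"), "kind": kind,
                         "removed": m.group("action").lower() != "no action taken"})
    return findings

def triage(findings):
    """Split detections that were not removed into live items and restore-point copies."""
    pending = [f for f in findings if not f["removed"]]
    return {
        "live": [f["object"] for f in pending if f["kind"] != "restore_point"],
        "restore_only": [f["object"] for f in pending if f["kind"] == "restore_point"],
    }

if __name__ == "__main__":
    result = triage(parse_detections(SAMPLE_LOG))
    print("Not yet removed, live on the system:", *result["live"], sep="\n  ")
    print("Not yet removed, only in restore points:", *result["restore_only"], sep="\n  ")
```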


                        • #13
                          Last scan

                          Malwarebytes' Anti-Malware 1.07
                          Database versie: 468

                          Scan type: Volledige Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|L:\|)
                          Objecten gescand: 143722
                          Verstreken tijd: 25 minute(s), 43 second(s)

                          Geheugenprocessen geïnfecteerd: 0
                          Geheugenmodulen geïnfecteerd: 0
                          Registersleutels geïnfecteerd: 0
                          Registerwaarden geïnfecteerd: 0
                          Registerdata bestanden geïnfecteerd: 0
                          Mappen geïnfecteerd: 0
                          Bestanden geïnfecteerd: 0

                          Geheugenprocessen geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Geheugenmodulen geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Registersleutels geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Registerwaarden geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Registerdata bestanden geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Mappen geïnfecteerd:
                          (Geen kwaadaardige items gevonden)

                          Bestanden geïnfecteerd:
                          (Geen kwaadaardige items gevonden)


                          • #14
                            Solved

                            Everything is back to normal thanks to Nucia
                            Thank you kindly
                            Good service


                            • #15
                              You're welcome
