Mededeling

**Dribs** · 17-03-08, 09:45

Jullie zijn mij toch niet vergeten hoop ik ?

**Pimmerd** · 17-03-08, 22:24

Download Hijackthis-setup naar je Bureaublad.

Open HJTInstall en bepaal de locatie waar je Hijackthis wilt installeren.
Druk vervolgens op Install, na enkele seconde zal Hijackthis automatisch openen.
Kies nu voor 'Do a system scan and save a logfile'.
Er opent een kladblok bestand met een logfile. Selecteer deze tekst helemaal (ctrl-A), kopieer (ctrl C) en plak deze tekst in je volgende bericht.

**Dribs** · 17-03-08, 23:04

Zoals ik eerder al zei krijg ik een foutmelding bij het openen van HiJackThis.

Ik heb HiJackThis.exe en HiJackThisInstall.exe geprobeerd.. 2 keer dezelfde foutmeldingen.

Ik zal eens in veilige modus proberen.

EDIT:
Ook in veilige modus geen effect.

Op de website van TrendSecure vond ik iets terug over een dergelijke foutmelding.
"Why do I receive an 'Unexpected error' about a missing DLL when running HijackThis?

HijackThis requires the Visual Basic Runtime Libraries in order to run. Some older versions of Windows may require you to install these libraries. These can be downloaded from Microsoft at the following URL: http://download.microsoft.com/download/vb60pro/Redist/sp5/WIN98Me/EN-US/vbrun60sp5.exe"

Ik heb dit gedownload maar nog steeds dezelfde fout.

**Pimmerd** · 17-03-08, 23:29

Helemaal over heen gelezen

Ik vrees dat door het gebruik van Registry Cleaners het register ernstig beschadigd is geraakt. Meestal veroorzaken deze meer problemen dan dat ze nuttig zijn namelijk.

Download Deckard's System Scanner naar je Bureaublad

Sluit alle toepassingen en vensters.
Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
Kopiëer Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
- zorg dat sigcheck.exe toestemming krijgt om dit te doen !
Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

**Dribs** · 17-03-08, 23:52

Deckard's System Scanner v20071014.68
Run by Gebruiker on 2007-03-18 22:41:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Unable to create WMI object; De bewerking is voltooid.

Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 384 MiB (512 MiB recommended).

-- HijackThis (run as Gebruiker.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:44:48, on 18/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\windows\explorer.exe
C:\WINDOWS\thwumhxij.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\??crosoft.NET\?canregw.exe
C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Gebruiker\Bureaublad\dss.exe
C:\DOCUME~1\GEBRUI~1\BUREAU~1\Gebruiker.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\13.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyserver
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {106FDA5E-0EDC-1A20-E67F-1F2AA097CFFD} - (no file)
O2 - BHO: (no name) - {1B75A53F-72E6-3641-DFD9-35F8BD1198A8} - (no file)
O2 - BHO: (no name) - {2CFF1B3B-9BB4-D445-8D79-DF066DA7F3AC} - (no file)
O2 - BHO: (no name) - {4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys
O2 - BHO: (no name) - {4DA2834E-5390-413D-FAFE-178A3B6ACCFA} - (no file)
O2 - BHO: (no name) - {55CE9E32-1FB6-0511-8E79-5FCE0ED9D4AE} - (no file)
O2 - BHO: (no name) - {6611B70A-E4CA-4856-9781-1D956AD1653C} - C:\WINDOWS\System32\adapi3.dll
O2 - BHO: (no name) - {75147C85-FE5C-B2AE-6622-BAA08814AEFA} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {86257D12-F8CD-ED3E-A73E-BB80EAD10CA7} - (no file)
O2 - BHO: (no name) - {97ABF81A-62A9-6E5F-DB2E-39E671815C95} - (no file)
O2 - BHO: (no name) - {9F65FB44-7BC5-386E-A57E-6FBDA9E117F9} - (no file)
O2 - BHO: (no name) - {A286C81A-4F9A-5B6B-F61E-09CB41B171A5} - (no file)
O2 - BHO: (no name) - {A51B4230-93BA-8713-DCEC-86F38D8327F5} - (no file)
O2 - BHO: (no name) - {A9BDC921-4DFB-0B0E-936D-0E5B270D78A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {AD5C1210-C19A-D06F-A4EB-D6869A4228F7} - (no file)
O2 - BHO: (no name) - {B27F6BB7-BE6F-FCCA-0374-AFC1EED163F4} - (no file)
O2 - BHO: (no name) - {D167D287-590D-17FE-39C4-44CFAF405BF7} - (no file)
O2 - BHO: (no name) - {DF88F2EE-206C-3BC9-5EC1-346844480AA3} - (no file)
O2 - BHO: (no name) - {E5F1E07D-32A0-2804-9FB8-234937BA36A1} - (no file)
O2 - BHO: (no name) - {F85713B0-9039-D599-56D4-85B3C85529FF} - (no file)
O2 - BHO: (no name) - {FEBFCE2A-1CFE-0F08-C16D-0E5B280C2BF1} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WSockDrv32] C:\WINDOWS\WSockDrv32.exe
O4 - HKLM\..\Run: [bqrqefar] C:\WINDOWS\qqfrgjoj.exe
O4 - HKLM\..\Run: [load] C:\WINDOWS\uninstall\rundl132.exe
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pmb] C:\WINDOWS\system32\??crosoft.NET\?canregw.exe
O4 - HKCU\..\Run: [Racb] "C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" -vt ndrv
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [thwumhxij] thwumhxij.exe
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [Pmb] C:\WINDOWS\system32\??crosoft.NET\?canregw.exe (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [Racb] "C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" -vt ndrv (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User '?')
O4 - Global Startup: THDetect.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\msrav.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\isapir.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\isapir.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\msrav.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0946bd764efae25efc05/netzip/RdxIE601.cab
O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} - file://C:\Program Files\AutoCAD 2002\SysVerChk.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O20 - AppInit_DLLs: dhdpri.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Remote Help Session Manager (Rasautol) - Unknown owner - C:\WINDOWS\System32\ntsokele.exe

--
End of file - 7581 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - DefaultIcon - unable to read value
.reg - regfile - shell\open\command - unable to read value
.reg - regfile - shell\edit\command - unable to read value
.scr - AutoCADScriptFile - shell\open\command - C:\WINDOWS\NOTEPAD.EXE "%1"
.txt - txtfile - DefaultIcon - unable to read value
.txt - txtfile - shell\open\command - notepad.exe %1
.vbs - VBSFile - DefaultIcon - unable to read value
.vbs - VBSFile - shell\open\command - unable to read value
.vbs - VBSFile - shell\edit\command - unable to read value

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3 AmeAtmPc - c:\windows\system32\drivers\ameatmpc.sys <Not Verified; Alcatel Microelectronics; Alcatel Microelectronics ADSL USB MODEM>
1 as6eio - c:\windows\system32\drivers\as6eio.sys (file missing)
3 ATI2HDDSRV - c:\windows\system32\drivers\ati32srv.sys (file missing)
2 fpids32 - c:\windows\system32\drivers\msosfpids32.sys
0 gkclngua - c:\windows\system32\drivers\yfifjlsx.dat
2 mhfp - c:\docume~1\gebrui~1\locals~1\temp\tmp12b.tmp (file missing)
2 msertk - c:\windows\system32\drivers\msyecp.sys
2 msskye - c:\windows\system32\drivers\msaclue.sys
3 NPF (Netgroup Packet Filter) - c:\windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
3 phy - c:\windows\system32\drivers\phy.sys
3 pop - c:\windows\system32\drivers\pop.sys
1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
1 SASKUTIL - c:\program files\superantispyware\saskutil.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

2 Rasautol (Remote Help Session Manager) - c:\windows\system32\ntsokele.exe
2 uploadmgr (Uploadbeheer) - c:\windows\system32\svchost.exe

-- Device Manager: Disabled ----------------------------------------------------

Unable to create WMI object.

-- Scheduled Tasks -------------------------------------------------------------

2007-03-16 01:13:03 366 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job

-- Files created between 2007-02-18 and 2007-03-18 -----------------------------

2008-02-11 21:08:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Storm
2008-02-11 21:07:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Application Data
2008-02-11 21:07:19 0 d-------- C:\Program Files\StormII
2008-02-11 21:04:10 0 d-------- C:\Program Files\Megajoy
2008-02-11 20:54:55 4651 --a------ C:\WINDOWS\System32\drivers\EKTDXUNRNK.DAT
2008-02-11 20:53:25 0 d-------- C:\Documents and Settings\Gebruiker\Favorites
2008-02-11 20:52:11 148480 --a------ C:\WINDOWS\tempaq
2008-01-05 01:24:08 16384 --a------ C:\WINDOWS\litmuj.exe
2008-01-05 00:58:08 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?ymantec
2007-10-14 00:17:15 17664 --a------ C:\WINDOWS\System32\drivers\yfifjlsx.dat
2007-10-14 00:17:14 37888 --a------ C:\WINDOWS\System32\61b.dll
2007-10-14 00:17:14 37888 --a------ C:\WINDOWS\System32\3sak.dll
2007-10-14 00:17:13 5120 --a------ C:\WINDOWS\System32\drivers\jealqfso.dat
2007-10-14 00:16:42 92672 --a------ C:\WINDOWS\System32\adapi3.dll
2007-09-30 12:54:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??sks
2007-09-30 12:54:35 9405 ---hs---- C:\WINDOWS\System32\ravztmon.dll
2007-09-30 12:54:20 9306 --ah----- C:\WINDOWS\System32\msrav.dll
2007-09-29 17:28:53 0 d-------- C:\Documents and Settings\Gebruiker\Contacts
2007-09-29 17:27:19 0 d------c- C:\WINDOWS\System32\DRVSTORE
2007-09-28 17:04:17 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??crosoft.NET
2007-09-28 17:04:13 5440 ---hs---- C:\WINDOWS\System32\avpcq.dll
2007-09-28 17:03:42 9279 --ah----- C:\WINDOWS\System32\msavp.dll
2007-09-28 17:03:27 55 --a------ C:\WINDOWS\System32\kvdxacf.dll
2007-09-28 17:03:14 52 --a------ C:\WINDOWS\System32\avwgain.dll
2007-09-28 17:03:12 136 --a------ C:\WINDOWS\System32\avzxain.dll
2007-09-28 17:02:55 43389 --a------ C:\WINDOWS\RUNDLL32.exe
2007-08-17 12:36:25 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??mbols
2007-08-17 12:36:09 10871 --a------ C:\WINDOWS\System32\wddins.exe
2007-08-17 12:36:09 56 --a------ C:\WINDOWS\System32\wdcini.dll
2007-08-17 12:36:06 11240 --a------ C:\WINDOWS\System32\dhdins.exe
2007-08-17 12:36:06 55 --a------ C:\WINDOWS\System32\dhdini.dll
2007-08-17 12:36:00 12481 --a------ C:\WINDOWS\System32\myeins.exe
2007-08-11 23:13:10 27764 --ahs---- C:\WINDOWS\System32\nslkupi.exe
2007-08-11 23:12:56 52 --a------ C:\WINDOWS\System32\jzfini.dll
2007-08-11 23:12:52 3685 --a------ C:\WINDOWS\System32\isapir.dll
2007-08-11 23:12:47 11083 --a------ C:\WINDOWS\System32\dhcins.exe
2007-08-11 23:12:47 55 --a------ C:\WINDOWS\System32\dhcini.dll
2007-08-11 23:12:43 12354 --a------ C:\WINDOWS\System32\mydins.exe
2007-08-11 23:12:43 111 --a------ C:\WINDOWS\System32\mydini.dll
2007-08-11 23:12:41 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?icrosoft.NET
2007-08-11 23:12:38 11863 --a------ C:\WINDOWS\System32\zxgins.exe
2007-08-11 23:12:38 97 --a------ C:\WINDOWS\System32\zxgini.dll
2007-08-10 21:48:24 532480 --a------ C:\a.exe
2007-07-21 22:41:53 1808 --a------ C:\WINDOWS\System32\mvdbc.exe
2007-07-21 22:27:20 10 --a------ C:\WINDOWS\System32\mshtmll.dll
2007-07-21 22:10:39 214 --a------ C:\WINDOWS\System32\winerc47.bin
2007-07-21 21:58:59 7680 --a------ C:\WINDOWS\System32\ax1o0.dll
2007-07-21 21:57:17 24064 --a------ C:\WINDOWS\System32\zqnerc47.dll <Not Verified; ; SoduiLoader Dynamic Link Library>
2007-07-21 21:57:16 36352 --a------ C:\WINDOWS\System32\winerc47.dll
2007-07-21 21:57:16 12800 --a------ C:\WINDOWS\System32\drivers\zqnerc47.sys
2007-07-21 21:56:41 134144 --a------ C:\WINDOWS\System32\serverhelp.dll
2007-07-21 21:55:36 119275 --a------ C:\WINDOWS\d082.exe
2007-07-21 21:55:09 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2007-07-21 21:55:08 2984 --a------ C:\WINDOWS\System32\drivers\XENUAFNTCIN.DAT
2007-07-21 21:55:08 285 --a------ C:\WINDOWS\System32\drivers\KQVBIPUAHNUAGL.DLL
2007-07-21 21:55:08 0 dr------- C:\Documents and Settings\LocalService\Favorieten
2007-07-21 21:51:31 27817 --a------ C:\WINDOWS\System32\dgd4bs.exe
2007-07-21 00:03:37 0 d-------- C:\WINDOWS\System32\pahxcq17
2007-07-21 00:03:23 91648 --a------ C:\WINDOWS\sys43.exe
2007-07-21 00:03:12 12 --a------ C:\WINDOWS\System32\winxcq17.bin
2007-07-21 00:01:35 1088512 --a------ C:\WINDOWS\System32\INTAJOTAJPUAFMT.EXE
2007-07-21 00:01:19 1050624 --a------ C:\WINDOWS\System32\GOWFNSAHOUZEL.DLL
2007-07-20 23:59:51 172857 --a------ C:\WINDOWS\dd.exe
2007-07-20 23:59:29 390144 --a------ C:\WINDOWS\c1c.exe <Not Verified; ??????????; >
2007-07-20 23:59:16 20480 --a------ C:\WINDOWS\b1b.exe
2007-07-20 23:59:03 12672 --a------ C:\WINDOWS\System32\drivers\clandt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:58:45 14 --a------ C:\WINDOWS\system\LVL
2007-07-20 23:58:44 5632 --a------ C:\WINDOWS\System32\msv1_1.dll <Not Verified; Microsoft Corporation; >
2007-07-20 23:58:44 17408 --a------ C:\WINDOWS\System32\DocProp1.dll <Not Verified; Microsoft Corporation; >
2007-07-20 23:58:42 0 d-------- C:\Documents and Settings\All Users\Application Data\{CC75D4E4-0DB5-4A0D-8B26-354A29757405}
2007-07-20 23:58:39 20480 --a------ C:\WINDOWS\102.exe <Not Verified; ; my_70136>
2007-07-20 23:58:36 130 --a------ C:\WINDOWS\netcom.dll
2007-07-20 23:58:36 0 d-------- C:\Program Files\¹¤¾ßÌõ(T)
2007-07-20 23:58:20 52224 ---h----- C:\WINDOWS\9.exe
2007-07-20 23:58:10 1 --a------ C:\WINDOWS\concmd.dll
2007-07-20 23:57:49 4565 --a------ C:\WINDOWS\System32\rundll02.exe
2007-07-20 23:57:11 40941 --a------ C:\WINDOWS\System32\kusn433sd3.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:57:09 47200 --a------ C:\WINDOWS\System32\kusn33sd.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:56:46 277984 --a------ C:\20540.exe
2007-07-20 23:56:39 5602020 --a------ C:\WINDOWS\System32\StormII-ppgou.exe
2007-07-20 23:56:39 1068032 --a------ C:\WINDOWS\System32\BIQWCIOXEJOV.DLL
2007-07-20 23:56:38 97 --a------ C:\WINDOWS\System32\SZFLUDIOUBINSYE.DLL
2007-07-20 23:56:38 67 --a------ C:\WINDOWS\System32\IPYELQXGMSYFMVA.DLL
2007-07-20 23:56:38 34304 --a------ C:\WINDOWS\System32\HHHCompress.dll
2007-07-20 23:56:38 6418 --a------ C:\WINDOWS\System32\drivers\QVDMSXC.DAT
2007-07-20 23:56:32 1050624 --a------ C:\WINDOWS\System32\IPVEMRYENSYDLS.DLL
2007-07-20 23:55:23 0 --a------ C:\WINDOWS\alewerl.dll
2007-07-20 23:55:15 329066 --a------ C:\WINDOWS\1902.exe
2007-07-20 23:52:11 91648 --a------ C:\WINDOWS\sys49.exe
2007-07-20 23:51:15 570880 --a------ C:\WINDOWS\System32\kgrttueii.dll
2007-07-20 23:50:25 32768 --a------ C:\WINDOWS\System32\wuclmi.exe
2007-07-20 23:50:25 86528 --a------ C:\WINDOWS\System32\wpcap1.dll <Not Verified; CACE Technologies; WinPcap high level library>
2007-07-20 23:50:25 25600 --a------ C:\WINDOWS\System32\WanPacket1.dll <Not Verified; CACE Technologies; WinPcap low level NetMon wrapper library>
2007-07-20 23:50:25 31232 --a------ C:\WINDOWS\System32\Packet1.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2007-07-20 23:50:25 1808 --a------ C:\WINDOWS\System32\msfeed.exe
2007-07-20 23:50:25 32512 --a------ C:\WINDOWS\System32\drivers\sfdisk.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
2007-07-20 23:43:27 5610 --a------ C:\WINDOWS\System32\winrih66.bin
2007-07-20 23:31:24 262144 --a------ C:\WINDOWS\mgoogle.exe
2007-07-20 23:31:23 232267 --a------ C:\WINDOWS\System32\ad_2234.exe
2007-07-20 23:29:47 29 --a------ C:\WINDOWS\System32\Msf3sf.sys
2007-07-20 23:29:15 0 d-------- C:\WINDOWS\System32\winup
2007-07-20 23:29:13 32256 --a------ C:\WINDOWS\System32\oterih66.dll <Not Verified; ; Dynamic Link Library>
2007-07-20 23:29:12 12800 --a------ C:\WINDOWS\System32\drivers\oterih66.sys
2007-07-20 23:27:25 242176 --a------ C:\WINDOWS\ad_2234.exe
2007-07-20 23:27:20 277984 --a------ C:\20363.exe
2007-07-20 23:26:56 202240 --a------ C:\WINDOWS\20363.exe
2007-07-20 23:26:55 0 d-------- C:\WINDOWS\System32\herolist
2007-07-20 23:26:49 0 --a------ C:\WINDOWS\alkjdhl.dll
2007-07-20 23:26:40 384765 --a------ C:\WINDOWS\li03.exe
2007-07-20 23:26:36 20480 --a------ C:\WINDOWS\my_70204.exe
2007-07-20 23:23:06 27764 --ahs---- C:\WINDOWS\System32\nslookupi.exe
2007-07-20 23:17:59 205931 --a------ C:\WINDOWS\9d003.exe
2007-07-20 23:17:49 173181 --a------ C:\WINDOWS\dodolook408.exe
2007-07-20 23:17:45 35328 --a------ C:\WINDOWS\System32\P2P_API.dll
2007-07-20 23:17:43 0 --a------ C:\WINDOWS\mma.dll
2007-07-20 23:17:40 135687 --a------ C:\WINDOWS\a.exe
2007-07-20 23:17:38 1776 --a------ C:\WINDOWS\System32\cdnprh.dll
2007-07-20 23:17:30 390144 --a------ C:\WINDOWS\System32\setup247.exe <Not Verified; ??????????; >
2007-07-20 23:17:22 167776 --a------ C:\WINDOWS\System32\dodolook388.exe
2007-07-20 23:17:21 390144 --a------ C:\WINDOWS\setup256.exe <Not Verified; ??????????; >
2007-07-20 23:17:18 189952 --a------ C:\WINDOWS\QQIEHelper.dll
2007-07-20 23:17:10 242176 --a------ C:\WINDOWS\ad_28.exe
2007-07-20 23:17:04 0 --a------ C:\WINDOWS\rssadoer.dll
2007-07-20 22:57:47 42604 --a------ C:\WINDOWS\System32\web.exe
2007-07-20 22:57:26 237624 --a------ C:\eiwnpuo.exe
2007-07-20 22:57:13 20480 --a------ C:\WINDOWS\System32\my_70160.exe
2007-07-20 22:57:07 116104 --a------ C:\Hide.exe
2007-07-20 22:57:05 24456 --a------ C:\WINDOWS\System32\wnipsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-20 22:57:00 24456 --a------ C:\WINDOWS\System32\abc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-20 22:57:00 0 d-------- C:\Program Files\winp
2007-07-20 22:56:51 0 --a------ C:\WINDOWS\erttersbar.dll
2007-07-20 22:56:42 586240 --a------ C:\WINDOWS\System32\dupxuxvvdfgwj.dll
2007-07-20 22:56:37 232276 --a------ C:\WINDOWS\System32\ad_2276.exe
2007-07-20 22:56:26 91648 --a------ C:\WINDOWS\System32\mircis.exe
2007-07-20 22:56:23 117048 --a------ C:\WINDOWS\System32\k9641300432.exe
2007-07-20 22:56:23 173152 --a------ C:\WINDOWS\System32\k9641300421.exe
2007-07-20 22:56:15 29 --a------ C:\WINDOWS\System32\2610195-87
2007-07-20 22:25:56 0 --a------ C:\WINDOWS\144.exe
2007-07-18 19:26:10 221184 --a------ C:\WINDOWS\System32\Dfssvr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-18 16:45:18 73728 --a------ C:\WINDOWS\cluster.exe <Not Verified; ; Microsoft(R) Windows(R) Operating System>
2007-07-12 02:35:48 119263 --a------ C:\WINDOWS\System32\d03.exe
2007-07-08 16:04:36 299008 --a------ C:\WINDOWS\dc.dll <Not Verified; ; dataacess Dynamic Link Library>
2007-06-22 20:59:16 0 d-------- C:\WINDOWS\?dobe
2007-06-22 20:57:49 74752 --a------ C:\WINDOWS\2209.exe
2007-06-02 12:50:00 0 --a------ C:\WINDOWS\update.exe
2007-05-27 09:00:48 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\s?curity
2007-05-27 09:00:25 75776 --a------ C:\WINDOWS\installer.exe
2007-04-17 16:26:20 8064 --a------ C:\WINDOWS\System32\drivers\msnc.sys
2007-04-08 12:13:28 0 --a----c- C:\WINDOWS\winhp32.exe
2007-03-29 22:20:26 0 d-------- C:\WINDOWS\System32\??crosoft.NET
2007-03-25 13:47:45 0 d-------- C:\Program Files\Common Files\?racle
2007-03-23 20:32:12 0 d-------- C:\WINDOWS\?icrosoft
2007-03-18 22:45:01 19779 --a------ C:\WINDOWS\System32\fpvbntywm.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-03-18 22:44:53 18992 --a------ C:\WINDOWS\DbgHlp32.exe
2007-03-18 22:44:46 19969 --a------ C:\WINDOWS\PTSShell.exe
2007-03-18 22:44:19 18071 --a------ C:\WINDOWS\System32\12.exe
2007-03-18 22:44:18 19711 --a------ C:\WINDOWS\Kvsc3.exE
2007-03-18 22:44:02 17992 --a------ C:\WINDOWS\System32\10.exe
2007-03-18 22:43:59 19895 --a------ C:\WINDOWS\upxdnd.exe
2007-03-18 22:43:42 20300 --a------ C:\WINDOWS\WSockDrv32.exe
2007-03-18 22:43:42 138240 --a------ C:\WINDOWS\System32\qmjkdk.dll
2007-03-18 22:43:40 19560 --a------ C:\WINDOWS\AVPSrv.exE
2007-03-18 22:19:09 20300 --a------ C:\WINDOWS\ovkojl.exe
2007-03-18 22:13:38 138240 --a------ C:\WINDOWS\System32\WSockDrv32.dll
2007-03-18 21:52:38 20300 --a------ C:\WINDOWS\chuvag.exe
2007-03-17 12:39:08 0 d-------- C:\WINDOWS\?ppPatch
2007-03-16 02:42:56 20300 --a------ C:\WINDOWS\rifbhm.exe
2007-03-16 02:13:17 0 d-------- C:\WINDOWS\System32\appmgmt
2007-03-16 02:00:10 0 d-------- C:\Program Files\Trend Micro
2007-03-16 01:27:05 91648 --a------ C:\WINDOWS\Logo1_.exe
2007-03-15 17:20:55 0 dr-h----- C:\Documents and Settings\Administrator\Onlangs geopend
2007-03-15 17:19:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-03-15 17:17:11 0 d-------- C:\Documents and Settings\Administrator\Favorieten
2007-03-15 17:17:11 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-03-15 17:17:11 0 d-------- C:\Documents and Settings\Administrator\Bureaublad
2007-03-15 17:17:11 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-03-15 17:17:11 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Sjablonen
2007-03-15 17:17:10 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-03-15 17:17:10 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-03-15 17:17:10 0 d-------- C:\Documents and Settings\Administrator\Mijn documenten
2007-03-15 17:17:10 0 dr------- C:\Documents and Settings\Administrator\Menu Start
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-03-15 17:01:26 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-03-15 17:00:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-03-15 17:00:43 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\SUPERAntiSpyware.com
2007-03-15 16:59:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-03-15 16:54:22 34816 --a------ C:\WINDOWS\System32\lrifnddj.dll
2007-03-15 16:54:22 20318 --a------ C:\WINDOWS\qqfrgjoj.exe
2007-03-15 16:46:50 0 d-------- C:\Program Files\XP Repair Pro 2007
2007-03-15 16:26:17 0 dr-h----- C:\Documents and Settings\Gebruiker\Onlangs geopend
2007-03-15 16:15:03 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\WinRAR
2007-03-12 21:47:00 20300 --a------ C:\WINDOWS\ijgopp.exe
2007-03-12 18:43:31 15128 ---hs---- C:\WINDOWS\System32\tsqc.dll
2007-03-12 18:43:29 32256 --a------ C:\WINDOWS\System32\mswmgog32.dll
2007-03-12 18:43:26 8396 ---hs---- C:\WINDOWS\System32\qlihzouhgnfe.dll
2007-03-12 18:43:22 31744 --a------ C:\WINDOWS\System32\qimxoc.dll
2007-03-12 18:43:18 9934 ---hs---- C:\WINDOWS\System32\taijoad.dll
2007-03-12 18:43:04 154814 --a------ C:\WINDOWS\System32\hfrdzx.dll
2007-03-12 18:43:03 34304 --a------ C:\WINDOWS\System32\Kvsc3.dll
2007-03-12 18:42:56 162437 --a------ C:\WINDOWS\System32\zjydcx.dll
2007-03-12 18:42:53 9938 ---hs---- C:\WINDOWS\System32\laixuhz.dll
2007-03-12 18:42:52 34304 --a------ C:\WINDOWS\System32\upxdnd.dll
2007-03-12 18:42:47 9259 ---hs---- C:\WINDOWS\System32\kiluw.dll
2007-03-12 18:42:39 34304 --a------ C:\WINDOWS\System32\AVPSrv.dll
2007-03-12 18:42:35 15118 ---hs---- C:\WINDOWS\System32\cuhad.dll
2007-03-12 18:40:39 87304 ---hs---- C:\WINDOWS\System32\wininat.dll
2007-03-11 19:38:52 7602176 --a------ C:\Documents and Settings\Gebruiker\ntuser.dat
2007-02-23 22:01:54 28672 --a------ C:\WINDOWS\System32\qwnqws.dll
2007-02-23 21:37:49 19546 --a------ C:\WINDOWS\soxwrj.exe
2007-02-23 21:32:27 153021 --a------ C:\WINDOWS\System32\sgrefg.dll
2007-02-23 21:32:16 13602 ---hs---- C:\WINDOWS\System32\oaijihzeuyouhz.dll
2007-02-23 21:31:36 24064 --a------ C:\WINDOWS\System32\qerakg.dll
2007-02-23 21:29:47 48945 --ahs---- C:\WINDOWS\914847MM.DLL
2007-02-23 21:29:45 29617 ---hs---- C:\WINDOWS\914847M.exe
2007-02-23 21:29:17 9778 ---hs---- C:\WINDOWS\System32\zadnew.dll
2007-02-23 20:44:34 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-02-23 20:05:36 0 d-------- C:\WINDOWS\System32\W?nSxS
2007-02-23 00:04:31 29696 --a------ C:\WINDOWS\System32\npspup.dll
2007-02-23 00:04:07 28672 --a------ C:\WINDOWS\System32\pkiyec.dll
2007-02-22 23:30:13 29696 --a------ C:\WINDOWS\System32\tlsezb.dll
2007-02-22 23:30:01 28672 --a------ C:\WINDOWS\System32\wvxmem.dll
2007-02-22 23:09:15 18033 --a------ C:\WINDOWS\ubxalx.exe
2007-02-22 12:07:01 31744 --a------ C:\WINDOWS\System32\DbgHlp32.dlL
2007-02-22 12:06:40 29696 --a------ C:\WINDOWS\System32\fhwbfk.dll
2007-02-22 12:04:53 29696 --a------ C:\WINDOWS\System32\wdqhjb.dll
2007-02-22 12:04:48 28672 --a------ C:\WINDOWS\System32\mitqmt.dll
2007-02-22 11:49:34 155 --a------ C:\DFD4545085.bat
2007-02-22 10:35:09 155 --a------ C:\DFD79564.bat
2007-02-22 10:35:04 155 --a------ C:\DFD75488.bat
2007-02-22 10:33:21 155 --a------ C:\DFD6819786.bat
2007-02-22 10:33:00 31744 --a------ C:\WINDOWS\System32\NVDispDrv.dll
2007-02-22 10:32:23 29696 --a------ C:\WINDOWS\System32\hhviym.dll
2007-02-22 10:32:08 28672 --a------ C:\WINDOWS\System32\cyexew.dll
2007-02-21 00:43:30 29696 --a------ C:\WINDOWS\System32\tqjrfu.dll
2007-02-21 00:43:22 28672 --a------ C:\WINDOWS\System32\psaeyd.dll
2007-02-21 00:28:18 29696 --a------ C:\WINDOWS\System32\ebzxpp.dll
2007-02-21 00:14:44 155 --a------ C:\DFD69920.bat
2007-02-21 00:13:10 155 --a------ C:\DFD1792116.bat
2007-02-19 14:30:54 25600 --a------ C:\WINDOWS\System32\lwizysys16_080131.dll
2007-02-19 14:30:53 201728 --a------ C:\WINDOWS\System32\mwiszyys32_080131.dll
2007-02-19 14:30:51 108484 --a------ C:\WINDOWS\system\zyxpRes080131.exe
2007-02-19 14:30:48 0 d-------- C:\WINDOWS\System32\inf
2007-02-19 14:29:48 32768 --a------ C:\WINDOWS\System32\PTSShell.dll
2007-02-19 14:28:36 29696 --a------ C:\WINDOWS\System32\eeesjz.dll
2007-02-19 14:26:33 12278 ---hs---- C:\WINDOWS\System32\eohsom.dll
2007-02-19 14:25:46 1536 --a------ C:\WINDOWS\System32\drivers\phy.sys
2007-02-19 14:21:52 0 d-------- C:\WINDOWS\??curity
2007-02-19 09:56:13 1792 --a------ C:\WINDOWS\System32\drivers\pop.sys
2007-02-19 09:53:44 7487 --a------ C:\WINDOWS\System32\QABQAB1013.dll
2007-02-19 09:53:43 12371 --a------ C:\WINDOWS\System32\QABQAB1013.exe
2007-02-19 09:53:18 7387 --a------ C:\WINDOWS\System32\HACHAC1035.dll
2007-02-19 09:53:17 12263 --a------ C:\WINDOWS\System32\HACHAC1035.exe
2007-02-19 09:53:14 28672 --a------ C:\WINDOWS\System32\LotusHlp.dll
2007-02-19 09:52:55 30208 --a------ C:\WINDOWS\System32\sgwwdp.dll
2007-02-19 09:52:09 30720 --a------ C:\WINDOWS\System32\mstfhncn32.dll
2007-02-19 09:51:07 7139 --a------ C:\WINDOWS\System32\KABKAB1032.dll
2007-02-19 09:50:55 12019 --a------ C:\WINDOWS\System32\KABKAB1032.exe
2007-02-19 09:50:41 15700 ---hs---- C:\WINDOWS\System32\xjxr.dll
2007-02-19 09:49:29 32256 --a------ C:\WINDOWS\System32\mswmkkk32.dll

-- Find3M Report ---------------------------------------------------------------

2008-02-11 20:52:42 246 --a------ C:\WINDOWS\System32\7B027864.dat
2008-01-05 00:58:08 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?ymantec
2007-09-30 12:54:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??sks
2007-09-29 17:38:25 61440 --ahs---- C:\WINDOWS\System32\WanPacket.dll <Not Verified; CACE Technologies; WinPcap low level NetMon wrapper library>
2007-09-29 17:38:23 233472 --ahs---- C:\WINDOWS\System32\wpcap.dll <Not Verified; CACE Technologies; WinPcap high level library>
2007-09-29 17:38:23 12288 --a------ C:\WINDOWS\System32\ntsokele.exe
2007-09-29 17:38:21 81920 --ahs---- C:\WINDOWS\System32\Packet.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2007-09-28 17:04:17 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??crosoft.NET
2007-08-17 12:36:25 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??mbols
2007-08-11 23:12:54 18944 --a------ C:\WINDOWS\System32\msipfilter.dll
2007-08-11 23:12:41 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?icrosoft.NET
2007-07-21 23:02:29 2461 --a------ C:\WINDOWS\System32\gkek80wg7.dll
2007-07-21 22:59:40 11776 --a------ C:\WINDOWS\System32\nwizhx2.dll
2007-07-21 22:59:39 6024 --a------ C:\WINDOWS\System32\RAV0142.DAT
2007-07-21 22:59:38 6993 --a------ C:\WINDOWS\System32\RAV012F.DAT
2007-07-21 22:59:24 14619 --a------ C:\WINDOWS\System32\F66B73E6.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-21 22:59:22 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Cuckoo
2007-07-21 22:59:21 14845 --a------ C:\WINDOWS\System32\8915DB80.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-21 22:59:20 13793 --a------ C:\WINDOWS\System32\80847DC8.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-21 21:55:39 69276 --a------ C:\WINDOWS\003.exe
2007-07-21 00:02:34 20843 --a------ C:\WINDOWS\System32\8393D61C.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:59:12 20139 --a------ C:\WINDOWS\System32\F66B73E6.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:58:57 21098 --a------ C:\WINDOWS\System32\F5CEC8A2.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-20 23:57:36 33 --a------ C:\WINDOWS\System32\1kJ8Pgw1g.dll
2007-07-20 23:25:06 56 --a------ C:\WINDOWS\System32\winzqf44.bin
2007-07-20 22:57:13 232268 --a------ C:\WINDOWS\System32\ad_2236.exe
2007-07-20 22:56:57 205931 --a------ C:\WINDOWS\System32\9d022.exe
2007-07-20 22:50:43 117760 --a------ C:\lcg.exe
2007-07-11 10:45:46 45056 --a------ C:\WINDOWS\System32\klrezk59.dll
2007-05-29 20:17:54 251392 ---h----- C:\WINDOWS\System32\NTDETECT.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-05-27 09:00:48 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\s?curity
2007-03-25 13:47:45 0 d-------- C:\Program Files\Common Files\?racle
2007-03-18 22:26:36 5120 --a------ C:\WINDOWS\System32\HDDGuard.dll
2007-03-18 22:19:12 12497 --a------ C:\WINDOWS\RichDll.dll
2007-03-18 22:19:08 6723 --ahs---- C:\WINDOWS\rgdzkfnr.dll
2007-03-18 22:19:08 76 --a------ C:\WINDOWS\mhjisghu.dat
2007-03-18 22:19:08 6723 --ahs---- C:\WINDOWS\dhosesmh.dll
2007-03-18 22:19:07 35328 --a------ C:\WINDOWS\fxjrlzdz.dat
2007-03-18 22:09:57 0 d-------- C:\Program Files\Ahead
2007-03-18 21:59:27 0 d-------- C:\Program Files\Soulseek
2007-03-18 21:59:11 0 d-------- C:\Program Files\Last.fm Player
2007-03-18 21:58:54 0 d-------- C:\Program Files\ewido anti-spyware 4.0
2007-03-18 21:56:26 0 d-------- C:\Program Files\CCleaner
2007-03-18 21:54:16 0 d-------- C:\Program Files\Graphmatica
2007-03-16 02:56:44 0 d-------- C:\Program Files\Common Files\InstallShield
2007-03-16 02:53:04 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-03-16 02:53:04 0 d-------- C:\Program Files\Google
2007-03-16 02:24:34 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2007-03-16 02:23:50 0 d-------- C:\Program Files\Help
2007-03-16 02:23:45 0 d-------- C:\Program Files\Sample
2007-03-16 02:16:32 0 d-a------ C:\Program Files\Common Files
2007-03-16 02:11:01 0 d-------- C:\Program Files\AutoCAD 2002
2007-03-16 01:40:43 0 d-------- C:\Program Files\QuickTime
2007-03-15 17:33:19 0 d-------- C:\Program Files\proe2001
2007-03-15 16:37:27 393872 --a----c- C:\WINDOWS\System32\perfh013.dat
2007-03-15 16:37:27 67990 --a----c- C:\WINDOWS\System32\perfc013.dat
2007-02-23 23:10:34 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\a?sembly
2007-02-23 22:01:32 10179 ---hs---- C:\WINDOWS\gzfrdxlz.exe
2007-02-23 21:37:49 30208 --a------ C:\WINDOWS\System32\SHAProc.dll
2007-02-23 21:29:12 10179 ---hs---- C:\WINDOWS\thwumhxij.exe
2007-02-21 00:44:41 19446 ---hs---- C:\WINDOWS\System32\sauhad.dll
2007-02-19 10:27:43 13043 ---hs---- C:\WINDOWS\System32\naijihzeuyouhz.dll
2007-02-19 10:26:29 19817 ---hs---- C:\WINDOWS\System32\auhad.dll
2007-02-15 16:00:23 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Lavasoft
2007-02-15 16:00:03 0 d-------- C:\Program Files\Lavasoft
2007-02-15 15:55:11 31232 --a------ C:\WINDOWS\System32\ykvaot.dll
2007-02-15 15:53:46 19716 ---hs---- C:\WINDOWS\System32\hjxr.dll
2007-02-15 15:11:45 12470 --a------ C:\WINDOWS\System32\BAABAA1025.exe
2007-02-15 15:11:45 7586 --a------ C:\WINDOWS\System32\BAABAA1025.dll
2007-02-14 20:16:52 155 --a------ C:\DFD649433.bat
2007-02-14 20:16:47 19144 ---hs---- C:\WINDOWS\System32\3auhad.dll
2007-02-14 19:47:00 0 d-------- C:\Program Files\MSN Messenger
2007-02-14 18:49:15 68 --a------ C:\WINDOWS\System32\1fd629
2007-02-14 18:19:15 68 --a------ C:\WINDOWS\System32\01fd
2007-02-14 18:13:32 128 --a------ C:\WINDOWS\iwvfdvkv.dat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{106FDA5E-0EDC-1A20-E67F-1F2AA097CFFD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1B75A53F-72E6-3641-DFD9-35F8BD1198A8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CFF1B3B-9BB4-D445-8D79-DF066DA7F3AC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B}]
22/02/2007 12:07 44664 --ahs---- C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4DA2834E-5390-413D-FAFE-178A3B6ACCFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{55CE9E32-1FB6-0511-8E79-5FCE0ED9D4AE}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6611B70A-E4CA-4856-9781-1D956AD1653C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{75147C85-FE5C-B2AE-6622-BAA08814AEFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86257D12-F8CD-ED3E-A73E-BB80EAD10CA7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97ABF81A-62A9-6E5F-DB2E-39E671815C95}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9F65FB44-7BC5-386E-A57E-6FBDA9E117F9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A286C81A-4F9A-5B6B-F61E-09CB41B171A5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A51B4230-93BA-8713-DCEC-86F38D8327F5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A9BDC921-4DFB-0B0E-936D-0E5B270D78A6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD5C1210-C19A-D06F-A4EB-D6869A4228F7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B27F6BB7-BE6F-FCCA-0374-AFC1EED163F4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D167D287-590D-17FE-39C4-44CFAF405BF7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF88F2EE-206C-3BC9-5EC1-346844480AA3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5F1E07D-32A0-2804-9FB8-234937BA36A1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F85713B0-9039-D599-56D4-85B3C85529FF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEBFCE2A-1CFE-0F08-C16D-0E5B280C2BF1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [17/06/2000 23:00 C:\WINDOWS\system32\TWEAKUI.CPL]
"AME_CSA"="amecsa.cpl" [03/10/2002 09:25 C:\WINDOWS\system32\AmeCSA.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/04/2004 09:05]
"WSockDrv32"="C:\WINDOWS\WSockDrv32.exe" [18/03/2007 22:43]
"bqrqefar"="C:\WINDOWS\qqfrgjoj.exe" [18/03/2007 22:45]
"load"="C:\WINDOWS\uninstall\rundl132.exe" [15/03/2007 17:29]
"AVPSrv"="C:\WINDOWS\AVPSrv.exE" [18/03/2007 22:43]
"upxdnd"="C:\WINDOWS\upxdnd.exe" [18/03/2007 22:43]
"Kvsc3"="C:\WINDOWS\Kvsc3.exE" [18/03/2007 22:44]
"PTSShell"="C:\WINDOWS\PTSShell.exe" [18/03/2007 22:44]
"DbgHlp32"="C:\WINDOWS\DbgHlp32.exe" [18/03/2007 22:44]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 11:54]
"Pmb"="C:\WINDOWS\system32\??crosoft.NET\?canregw.exe" [28/01/2008 17:29]
"Racb"="C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" [23/02/2007 22:22]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [29/02/2008 16:03]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [04/02/2007 00:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"thwumhxij"=thwumhxij.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7A65498A-7653-9801-1647-987114AB7F47}"= C:\WINDOWS\System32\zxgpri.dll [04/08/2004 23:12 19498]
"{759AFD5B-159F-ACD8-954C-ACD545FA6587}"= C:\WINDOWS\System32\jzgpri.dll [04/08/2004 23:12 16425]
"{5562452F-FA36-BA4F-892A-FF5FBBAC5315}"= C:\WINDOWS\System32\myepri.dll [04/08/2004 12:36 20019]
"{42311A42-AC1B-158F-FD32-5674345F23A4}"= C:\WINDOWS\System32\dhdpri.dll [04/08/2004 12:36 16428]
"{4F12545B-1212-1314-5679-4512ACEF8904}"= C:\WINDOWS\System32\wddpri.dll [04/08/2004 12:36 16429]
"{4859245F-345D-BC13-AC4F-145D47DA34F4}"= C:\WINDOWS\System32\avzxdmn.dll [04/08/2004 17:03 24668]
"{3A1247C1-53DA-FF43-ABD3-345F323A48D3}"= C:\WINDOWS\System32\avwgcmn.dll [04/08/2004 17:03 22608]
"{3C87A354-ABC3-DEDE-FF33-3213FD7447C3}"= C:\WINDOWS\System32\kvdxcma.dll [04/08/2004 17:03 17494]
"{b024bc32-ad86-4169-b2f8-0bb1e64dc3fd}"= C:\WINDOWS\System32\BAABAA1025.dll [15/02/2007 15:11 7586]
"{4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B}"= C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys [22/02/2007 12:07 44664]
"{8C41B7F7-3168-400D-A702-0E7EFE0BA304}"= C:\WINDOWS\System32\sgrefg.dll [23/02/2007 22:03 153021]
"{45AADFAA-DD36-42AB-83AD-0521BBF58C24}"= C:\WINDOWS\System32\zjydcx.dll [18/03/2007 22:44 162437]
"{1DB3C525-5271-46F7-887A-D4E1ADAA7632}"= C:\WINDOWS\System32\hfrdzx.dll [18/03/2007 22:44 154814]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avzxdmn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^THDetect.exe]
path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
backup=C:\WINDOWS\pss\THDetect.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloseDNF]
C:\WINDOWS\System32\Utility.exe \1008

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
?????

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVDispDrv]
C:\WINDOWS\soxwrj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTSShell]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHAProc]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
Auto\command- C:\auto.exe
AutoRun\command- RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AutoRun.exe
´ò¿ª(&O)\command- E:\AutoRun.exe

-- End of Deckard's System Scanner: finished at 2007-03-18 22:49:31 ------------

**Pimmerd** · 18-03-08, 10:02

Wat een zooi

Eerst, download een virusscanner vanaf onderstaande website:

Jawwi.nl - Jawwi Startpagina

http://www.jawwi.nl/software/antivirus.html

Jawwi.nl is een startpagina. Wij bieden een overzicht van alle handige links, en dat op 1 startpagina.

Daarna, installeer deze, laat deze volledig updaten en laat deze de hele harde schijf scannen. Wanneer je de mogelijkheid krijgt om een rapport op te slaan doe dit. Indien je een rapport krijgt, post deze. Maak zoiezo een nieuwe log met Deckard System Scanner.

Succes!

**Dribs** · 18-03-08, 11:17

Idd !! Kheb dit logje ook door een vriend laten lezen en die vertelde mij dat de gebruiker nogal een pornositebezoeker is.
Voor alle zekerheid, dit is niet mijn PC

(van de vader van een vriend)
Straks als ik thuis ben zal ik de virusscanner installeren.
Alvast bedankt om me te helpen.

**Pimmerd** · 18-03-08, 12:32

Ik zie je reactie wel verschijnen

**Dribs** · 19-03-08, 11:21

Hier ben ik weer.

Ik heb BitDefender Free Edition v10 gebruikt.
Ik heb wel niet kunnen updaten omdat de PC niet aangesloten is op het internet.
Omdat de eigenaar gebruikt maakt van een inbel ADSL modem ivm een ethernetmodem die ik hier thuis gebruik. De PC beschikt ook niet over een netwerkkaart.

Het logje van BitDefender lijkt te lang te zijn om te posten
55232 lijnen

Moet ik het txtbestand ergens uploaden (4.43MB) of heb je aan onderstaande lijnen genoeg?

//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 19/03/2007 17:21:09
//
//-----------------------------------------------------------------

Virus Statistics

Scan path : C:\
D:\
E:\
Folders : 3528
Files : 99857
Memory processes scanned : 32
Archives : 15
Runtime packers : 2141
Identified viruses : 151
Infected files : 18456
Memory processes infected : 3
Suspect files : 5
Warnings : 0
Disinfected files : 0
Deleted files : 313
Moved files : 18155
I/O errors : 28
Scan time : 02:05:42
Scan speed (files/sec) : 13

Spyware Statistics

Registry keys scanned : 294
Registry keys infected : 16
Cookies scanned : 0
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 5

Virus definitions : 33479
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1174321269.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies

Summary:

<System>=>C:\WINDOWS\system32\userinit.exe (memory dump) Infected: Generic.Malware.P!dldPk!.A8AAF32C
<System>=>C:\WINDOWS\system32\userinit.exe (memory dump) Disinfection failed
<System>=>C:\WINDOWS\system32\userinit.exe (memory dump) Move failed
<System>=>C:\WINDOWS\system32\userinit.exe (disk) Infected: Generic.Malware.P!dldPk!.9EA655FD
<System>=>C:\WINDOWS\system32\userinit.exe (disk) Disinfection failed
<System>=>C:\WINDOWS\system32\userinit.exe (disk) Move failed

.......... de rest van de duizende lijnen.

##############################
dss.exe
##############################

Deckard's System Scanner v20071014.68
Run by Gebruiker on 2007-03-20 09:39:58
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 384 MiB (512 MiB recommended).

-- HijackThis (run as Gebruiker.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:09, on 20/03/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\??crosoft.NET\?canregw.exe
C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Gebruiker\Bureaublad\dss.exe
C:\DOCUME~1\GEBRUI~1\BUREAU~1\GEBRUI~1.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyserver
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.2 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {106FDA5E-0EDC-1A20-E67F-1F2AA097CFFD} - (no file)
O2 - BHO: (no name) - {1B75A53F-72E6-3641-DFD9-35F8BD1198A8} - (no file)
O2 - BHO: (no name) - {2CFF1B3B-9BB4-D445-8D79-DF066DA7F3AC} - (no file)
O2 - BHO: (no name) - {4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B} - C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys (file missing)
O2 - BHO: (no name) - {4DA2834E-5390-413D-FAFE-178A3B6ACCFA} - (no file)
O2 - BHO: (no name) - {55CE9E32-1FB6-0511-8E79-5FCE0ED9D4AE} - (no file)
O2 - BHO: (no name) - {6611B70A-E4CA-4856-9781-1D956AD1653C} - C:\WINDOWS\System32\adapi3.dll
O2 - BHO: (no name) - {75147C85-FE5C-B2AE-6622-BAA08814AEFA} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {86257D12-F8CD-ED3E-A73E-BB80EAD10CA7} - (no file)
O2 - BHO: (no name) - {97ABF81A-62A9-6E5F-DB2E-39E671815C95} - (no file)
O2 - BHO: (no name) - {9F65FB44-7BC5-386E-A57E-6FBDA9E117F9} - (no file)
O2 - BHO: (no name) - {A286C81A-4F9A-5B6B-F61E-09CB41B171A5} - (no file)
O2 - BHO: (no name) - {A51B4230-93BA-8713-DCEC-86F38D8327F5} - (no file)
O2 - BHO: (no name) - {A9BDC921-4DFB-0B0E-936D-0E5B270D78A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: (no name) - {AD5C1210-C19A-D06F-A4EB-D6869A4228F7} - (no file)
O2 - BHO: (no name) - {B27F6BB7-BE6F-FCCA-0374-AFC1EED163F4} - (no file)
O2 - BHO: (no name) - {D167D287-590D-17FE-39C4-44CFAF405BF7} - (no file)
O2 - BHO: (no name) - {DF88F2EE-206C-3BC9-5EC1-346844480AA3} - (no file)
O2 - BHO: (no name) - {E5F1E07D-32A0-2804-9FB8-234937BA36A1} - (no file)
O2 - BHO: (no name) - {F85713B0-9039-D599-56D4-85B3C85529FF} - (no file)
O2 - BHO: (no name) - {FEBFCE2A-1CFE-0F08-C16D-0E5B280C2BF1} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WSockDrv32] C:\WINDOWS\WSockDrv32.exe
O4 - HKLM\..\Run: [bqrqefar] C:\WINDOWS\qqfrgjoj.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE
O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pmb] C:\WINDOWS\system32\??crosoft.NET\?canregw.exe
O4 - HKCU\..\Run: [Racb] "C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" -vt ndrv
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [thwumhxij] thwumhxij.exe
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [Pmb] C:\WINDOWS\system32\??crosoft.NET\?canregw.exe (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [Racb] "C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" -vt ndrv (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-839522115-1580818891-1957994488-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User '?')
O4 - Global Startup: THDetect.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\msrav.dll' missing
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0946bd764efae25efc05/netzip/RdxIE601.cab
O16 - DPF: {737D14F8-4090-11D4-AE0E-0010830243BD} - file://C:\Program Files\AutoCAD 2002\SysVerChk.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O20 - AppInit_DLLs: avwgcmn.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Remote Help Session Manager (Rasautol) - Unknown owner - C:\WINDOWS\System32\ntsokele.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 8430 bytes

-- Files created between 2007-02-20 and 2007-03-20 -----------------------------

2008-02-11 21:08:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Storm
2008-02-11 21:07:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Application Data
2008-02-11 21:07:19 0 d-------- C:\Program Files\StormII
2008-02-11 21:04:10 0 d-------- C:\Program Files\Megajoy
2008-02-11 20:54:55 4651 --a------ C:\WINDOWS\System32\drivers\EKTDXUNRNK.DAT
2008-02-11 20:53:25 0 d-------- C:\Documents and Settings\Gebruiker\Favorites
2008-01-05 00:58:08 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?ymantec
2007-10-14 00:17:15 17664 --a------ C:\WINDOWS\System32\drivers\yfifjlsx.dat
2007-10-14 00:17:14 37888 --a------ C:\WINDOWS\System32\61b.dll
2007-10-14 00:17:14 37888 --a------ C:\WINDOWS\System32\3sak.dll
2007-10-14 00:17:13 5120 --a------ C:\WINDOWS\System32\drivers\jealqfso.dat
2007-10-14 00:16:42 92672 --a------ C:\WINDOWS\System32\adapi3.dll
2007-09-30 12:54:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??sks
2007-09-29 17:28:53 0 d-------- C:\Documents and Settings\Gebruiker\Contacts
2007-09-29 17:27:19 0 d------c- C:\WINDOWS\System32\DRVSTORE
2007-09-28 17:04:17 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??crosoft.NET
2007-09-28 17:03:27 55 --a------ C:\WINDOWS\System32\kvdxacf.dll
2007-09-28 17:03:14 52 --a------ C:\WINDOWS\System32\avwgain.dll
2007-09-28 17:03:12 136 --a------ C:\WINDOWS\System32\avzxain.dll
2007-08-17 12:36:25 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??mbols
2007-08-17 12:36:09 56 --a------ C:\WINDOWS\System32\wdcini.dll
2007-08-17 12:36:06 55 --a------ C:\WINDOWS\System32\dhdini.dll
2007-08-11 23:12:56 52 --a------ C:\WINDOWS\System32\jzfini.dll
2007-08-11 23:12:47 55 --a------ C:\WINDOWS\System32\dhcini.dll
2007-08-11 23:12:43 111 --a------ C:\WINDOWS\System32\mydini.dll
2007-08-11 23:12:41 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?icrosoft.NET
2007-08-11 23:12:38 97 --a------ C:\WINDOWS\System32\zxgini.dll
2007-07-21 22:27:20 10 --a------ C:\WINDOWS\System32\mshtmll.dll
2007-07-21 22:10:39 214 --a------ C:\WINDOWS\System32\winerc47.bin
2007-07-21 21:57:17 24064 --a------ C:\WINDOWS\System32\zqnerc47.dll <Not Verified; ; SoduiLoader Dynamic Link Library>
2007-07-21 21:57:16 12800 --a------ C:\WINDOWS\System32\drivers\zqnerc47.sys
2007-07-21 21:55:09 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2007-07-21 21:55:08 2984 --a------ C:\WINDOWS\System32\drivers\XENUAFNTCIN.DAT
2007-07-21 21:55:08 285 --a------ C:\WINDOWS\System32\drivers\KQVBIPUAHNUAGL.DLL
2007-07-21 21:55:08 0 dr------- C:\Documents and Settings\LocalService\Favorieten
2007-07-21 00:03:37 0 d-------- C:\WINDOWS\System32\pahxcq17
2007-07-21 00:03:12 12 --a------ C:\WINDOWS\System32\winxcq17.bin
2007-07-20 23:58:45 14 --a------ C:\WINDOWS\system\LVL
2007-07-20 23:58:42 0 d-------- C:\Documents and Settings\All Users\Application Data\{CC75D4E4-0DB5-4A0D-8B26-354A29757405}
2007-07-20 23:58:36 130 --a------ C:\WINDOWS\netcom.dll
2007-07-20 23:58:36 0 d-------- C:\Program Files\¹¤¾ßÌõ(T)
2007-07-20 23:58:10 1 --a------ C:\WINDOWS\concmd.dll
2007-07-20 23:56:39 5602020 --a------ C:\WINDOWS\System32\StormII-ppgou.exe
2007-07-20 23:56:38 97 --a------ C:\WINDOWS\System32\SZFLUDIOUBINSYE.DLL
2007-07-20 23:56:38 67 --a------ C:\WINDOWS\System32\IPYELQXGMSYFMVA.DLL
2007-07-20 23:56:38 6418 --a------ C:\WINDOWS\System32\drivers\QVDMSXC.DAT
2007-07-20 23:55:23 0 --a------ C:\WINDOWS\alewerl.dll
2007-07-20 23:50:25 32512 --a------ C:\WINDOWS\System32\drivers\sfdisk.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
2007-07-20 23:43:27 5610 --a------ C:\WINDOWS\System32\winrih66.bin
2007-07-20 23:29:47 29 --a------ C:\WINDOWS\System32\Msf3sf.sys
2007-07-20 23:29:15 0 d-------- C:\WINDOWS\System32\winup
2007-07-20 23:29:12 12800 --a------ C:\WINDOWS\System32\drivers\oterih66.sys
2007-07-20 23:26:55 0 d-------- C:\WINDOWS\System32\herolist
2007-07-20 23:26:49 0 --a------ C:\WINDOWS\alkjdhl.dll
2007-07-20 23:17:49 173181 --a------ C:\WINDOWS\dodolook408.exe
2007-07-20 23:17:43 0 --a------ C:\WINDOWS\mma.dll
2007-07-20 23:17:22 167776 --a------ C:\WINDOWS\System32\dodolook388.exe
2007-07-20 23:17:18 189952 --a------ C:\WINDOWS\QQIEHelper.dll
2007-07-20 23:17:04 0 --a------ C:\WINDOWS\rssadoer.dll
2007-07-20 22:57:00 0 d-------- C:\Program Files\winp
2007-07-20 22:56:51 0 --a------ C:\WINDOWS\erttersbar.dll
2007-07-20 22:56:37 232276 --a------ C:\WINDOWS\System32\ad_2276.exe
2007-07-20 22:56:23 173152 --a------ C:\WINDOWS\System32\k9641300421.exe
2007-07-20 22:56:15 29 --a------ C:\WINDOWS\System32\2610195-87
2007-07-20 22:25:56 0 --a------ C:\WINDOWS\144.exe
2007-07-18 19:26:10 221184 --a------ C:\WINDOWS\System32\Dfssvr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
2007-07-08 16:04:36 299008 --a------ C:\WINDOWS\dc.dll <Not Verified; ; dataacess Dynamic Link Library>
2007-06-22 20:59:16 0 d-------- C:\WINDOWS\?dobe
2007-06-02 12:50:00 0 --a------ C:\WINDOWS\update.exe
2007-05-27 09:00:48 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\s?curity
2007-04-08 12:13:28 0 --a----c- C:\WINDOWS\winhp32.exe
2007-03-29 22:20:26 0 d-------- C:\WINDOWS\System32\??crosoft.NET
2007-03-25 13:47:45 0 d-------- C:\Program Files\Common Files\?racle
2007-03-23 20:32:12 0 d-------- C:\WINDOWS\?icrosoft
2007-03-19 17:26:54 18071 --a------ C:\WINDOWS\System32\12.exe
2007-03-19 17:26:39 17992 --a------ C:\WINDOWS\System32\10.exe
2007-03-19 17:26:35 13524 --a------ C:\WINDOWS\System32\9.exe
2007-03-19 17:15:38 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Bitdefender
2007-03-19 17:11:53 81984 --a------ C:\WINDOWS\System32\bdod.bin
2007-03-19 17:04:43 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2007-03-17 12:39:08 0 d-------- C:\WINDOWS\?ppPatch
2007-03-16 02:13:17 0 d-------- C:\WINDOWS\System32\appmgmt
2007-03-16 02:00:10 0 d-------- C:\Program Files\Trend Micro
2007-03-15 17:20:55 0 dr-h----- C:\Documents and Settings\Administrator\Onlangs geopend
2007-03-15 17:19:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-03-15 17:17:11 0 d-------- C:\Documents and Settings\Administrator\Favorieten
2007-03-15 17:17:11 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-03-15 17:17:11 0 d-------- C:\Documents and Settings\Administrator\Bureaublad
2007-03-15 17:17:11 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-03-15 17:17:11 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Sjablonen
2007-03-15 17:17:10 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-03-15 17:17:10 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-03-15 17:17:10 0 d-------- C:\Documents and Settings\Administrator\Mijn documenten
2007-03-15 17:17:10 0 dr------- C:\Documents and Settings\Administrator\Menu Start
2007-03-15 17:17:10 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-03-15 17:01:26 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-03-15 17:00:43 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-03-15 17:00:43 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\SUPERAntiSpyware.com
2007-03-15 16:59:40 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-03-15 16:46:50 0 d-------- C:\Program Files\XP Repair Pro 2007
2007-03-15 16:26:17 0 dr-h----- C:\Documents and Settings\Gebruiker\Onlangs geopend
2007-03-15 16:15:03 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\WinRAR
2007-03-12 18:43:31 15128 ---hs---- C:\WINDOWS\System32\tsqc.dll
2007-03-12 18:43:26 8396 ---hs---- C:\WINDOWS\System32\qlihzouhgnfe.dll
2007-03-12 18:43:18 9934 ---hs---- C:\WINDOWS\System32\taijoad.dll
2007-03-12 18:43:04 154814 --a------ C:\WINDOWS\System32\hfrdzx.dll
2007-03-12 18:42:56 162437 --a------ C:\WINDOWS\System32\zjydcx.dll
2007-03-12 18:42:53 9938 ---hs---- C:\WINDOWS\System32\laixuhz.dll
2007-03-12 18:42:47 9259 ---hs---- C:\WINDOWS\System32\kiluw.dll
2007-03-12 18:42:35 15118 ---hs---- C:\WINDOWS\System32\cuhad.dll
2007-03-12 18:40:39 78184 ---hs---- C:\WINDOWS\System32\wininat.dll
2007-03-11 19:38:52 7602176 --a------ C:\Documents and Settings\Gebruiker\ntuser.dat
2007-02-23 21:32:27 153021 --a------ C:\WINDOWS\System32\sgrefg.dll
2007-02-23 21:32:16 13602 ---hs---- C:\WINDOWS\System32\oaijihzeuyouhz.dll
2007-02-23 21:29:47 48945 --ahs---- C:\WINDOWS\914847MM.DLL
2007-02-23 21:29:17 9778 ---hs---- C:\WINDOWS\System32\zadnew.dll
2007-02-23 20:44:34 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-02-23 20:05:36 0 d-------- C:\WINDOWS\System32\W?nSxS
2007-02-22 11:49:34 155 --a------ C:\DFD4545085.bat
2007-02-22 10:35:09 155 --a------ C:\DFD79564.bat
2007-02-22 10:35:04 155 --a------ C:\DFD75488.bat
2007-02-22 10:33:21 155 --a------ C:\DFD6819786.bat
2007-02-21 00:14:44 155 --a------ C:\DFD69920.bat
2007-02-21 00:13:10 155 --a------ C:\DFD1792116.bat

-- Find3M Report ---------------------------------------------------------------

2008-02-11 20:52:42 246 --a------ C:\WINDOWS\System32\7B027864.dat
2008-01-05 00:58:08 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?ymantec
2007-09-30 12:54:59 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??sks
2007-09-29 17:38:25 61440 --ahs---- C:\WINDOWS\System32\WanPacket.dll <Not Verified; CACE Technologies; WinPcap low level NetMon wrapper library>
2007-09-29 17:38:23 233472 --ahs---- C:\WINDOWS\System32\wpcap.dll <Not Verified; CACE Technologies; WinPcap high level library>
2007-09-29 17:38:21 81920 --ahs---- C:\WINDOWS\System32\Packet.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2007-09-28 17:04:17 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??crosoft.NET
2007-08-17 12:36:25 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\??mbols
2007-08-11 23:12:41 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\?icrosoft.NET
2007-07-21 23:02:29 2461 --a------ C:\WINDOWS\System32\gkek80wg7.dll
2007-07-21 22:59:22 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Cuckoo
2007-07-21 21:55:39 69276 --a------ C:\WINDOWS\003.exe
2007-07-20 23:57:36 33 --a------ C:\WINDOWS\System32\1kJ8Pgw1g.dll
2007-07-20 23:25:06 56 --a------ C:\WINDOWS\System32\winzqf44.bin
2007-05-27 09:00:48 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\s?curity
2007-03-25 13:47:45 0 d-------- C:\Program Files\Common Files\?racle
2007-03-19 18:29:29 0 d-------- C:\Program Files\Soulseek
2007-03-19 18:27:18 0 d-------- C:\Program Files\QuickTime
2007-03-19 17:43:06 0 d-------- C:\Program Files\Last.fm Player
2007-03-19 17:41:42 0 d-------- C:\Program Files\Graphmatica
2007-03-19 17:41:39 0 d-------- C:\Program Files\Google
2007-03-19 17:41:33 0 d-------- C:\Program Files\ewido anti-spyware 4.0
2007-03-19 17:38:20 0 d-------- C:\Program Files\CCleaner
2007-03-19 17:17:42 6723 --ahs---- C:\WINDOWS\rgdzkfnr.dll
2007-03-19 17:17:42 76 --a------ C:\WINDOWS\mhjisghu.dat
2007-03-19 17:17:42 6723 --ahs---- C:\WINDOWS\dhosesmh.dll
2007-03-19 17:17:41 36096 --a------ C:\WINDOWS\fxjrlzdz.dat
2007-03-19 17:02:26 0 d-a------ C:\Program Files\Common Files
2007-03-18 22:09:57 0 d-------- C:\Program Files\Ahead
2007-03-16 02:56:44 0 d-------- C:\Program Files\Common Files\InstallShield
2007-03-16 02:53:04 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-03-16 02:24:34 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2007-03-16 02:23:50 0 d-------- C:\Program Files\Help
2007-03-16 02:23:45 0 d-------- C:\Program Files\Sample
2007-03-16 02:11:01 0 d-------- C:\Program Files\AutoCAD 2002
2007-03-15 17:33:19 0 d-------- C:\Program Files\proe2001
2007-03-15 16:37:27 393872 --a----c- C:\WINDOWS\System32\perfh013.dat
2007-03-15 16:37:27 67990 --a----c- C:\WINDOWS\System32\perfc013.dat
2007-02-23 23:10:34 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\a?sembly
2007-02-23 22:01:32 10179 ---hs---- C:\WINDOWS\gzfrdxlz.exe
2007-02-23 21:29:12 10179 ---hs---- C:\WINDOWS\thwumhxij.exe
2007-02-21 00:44:41 19446 ---hs---- C:\WINDOWS\System32\sauhad.dll
2007-02-19 14:31:28 201728 --a------ C:\WINDOWS\System32\mwiszyys32_080131.dll
2007-02-19 10:27:43 13043 ---hs---- C:\WINDOWS\System32\naijihzeuyouhz.dll
2007-02-19 10:26:29 19817 ---hs---- C:\WINDOWS\System32\auhad.dll
2007-02-15 16:00:23 0 d-------- C:\Documents and Settings\Gebruiker\Application Data\Lavasoft
2007-02-15 16:00:03 0 d-------- C:\Program Files\Lavasoft
2007-02-15 15:53:46 19716 ---hs---- C:\WINDOWS\System32\hjxr.dll
2007-02-14 20:16:52 155 --a------ C:\DFD649433.bat
2007-02-14 20:16:47 19144 ---hs---- C:\WINDOWS\System32\3auhad.dll
2007-02-14 19:47:00 0 d-------- C:\Program Files\MSN Messenger
2007-02-14 18:49:15 68 --a------ C:\WINDOWS\System32\1fd629
2007-02-14 18:19:15 68 --a------ C:\WINDOWS\System32\01fd
2007-02-14 18:13:32 128 --a------ C:\WINDOWS\iwvfdvkv.dat
2007-01-31 13:50:32 913408 --a------ C:\WINDOWS\System32\xreglib.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{106FDA5E-0EDC-1A20-E67F-1F2AA097CFFD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1B75A53F-72E6-3641-DFD9-35F8BD1198A8}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CFF1B3B-9BB4-D445-8D79-DF066DA7F3AC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B}]
C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4DA2834E-5390-413D-FAFE-178A3B6ACCFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{55CE9E32-1FB6-0511-8E79-5FCE0ED9D4AE}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6611B70A-E4CA-4856-9781-1D956AD1653C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{75147C85-FE5C-B2AE-6622-BAA08814AEFA}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86257D12-F8CD-ED3E-A73E-BB80EAD10CA7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97ABF81A-62A9-6E5F-DB2E-39E671815C95}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9F65FB44-7BC5-386E-A57E-6FBDA9E117F9}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A286C81A-4F9A-5B6B-F61E-09CB41B171A5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A51B4230-93BA-8713-DCEC-86F38D8327F5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A9BDC921-4DFB-0B0E-936D-0E5B270D78A6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD5C1210-C19A-D06F-A4EB-D6869A4228F7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B27F6BB7-BE6F-FCCA-0374-AFC1EED163F4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D167D287-590D-17FE-39C4-44CFAF405BF7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF88F2EE-206C-3BC9-5EC1-346844480AA3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5F1E07D-32A0-2804-9FB8-234937BA36A1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F85713B0-9039-D599-56D4-85B3C85529FF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEBFCE2A-1CFE-0F08-C16D-0E5B280C2BF1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [17/06/2000 23:00 C:\WINDOWS\system32\TWEAKUI.CPL]
"AME_CSA"="amecsa.cpl" [03/10/2002 09:25 C:\WINDOWS\system32\AmeCSA.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/04/2004 09:05]
"WSockDrv32"="C:\WINDOWS\WSockDrv32.exe"

"bqrqefar"="C:\WINDOWS\qqfrgjoj.exe"

"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [02/04/2007 15:48]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [26/03/2007 14:49]
"AVPSrv"="C:\WINDOWS\AVPSrv.exE"

"upxdnd"="C:\WINDOWS\upxdnd.exe"

"Kvsc3"="C:\WINDOWS\Kvsc3.exE"

"PTSShell"="C:\WINDOWS\PTSShell.exe"

"DbgHlp32"="C:\WINDOWS\DbgHlp32.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 11:54]
"Pmb"="C:\WINDOWS\system32\??crosoft.NET\?canregw.exe" [28/01/2008 17:29]
"Racb"="C:\DOCUME~1\GEBRUI~1\APPLIC~1\ASEMBL~1\taskmgr.exe" [23/02/2007 22:22]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [29/02/2008 16:03]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [04/02/2007 00:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"thwumhxij"=thwumhxij.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7A65498A-7653-9801-1647-987114AB7F47}"= C:\WINDOWS\System32\zxgpri.dll [ ]
"{759AFD5B-159F-ACD8-954C-ACD545FA6587}"= C:\WINDOWS\System32\jzgpri.dll [ ]
"{5562452F-FA36-BA4F-892A-FF5FBBAC5315}"= C:\WINDOWS\System32\myepri.dll [04/08/2004 12:36 20019]
"{42311A42-AC1B-158F-FD32-5674345F23A4}"= C:\WINDOWS\System32\dhdpri.dll [ ]
"{4F12545B-1212-1314-5679-4512ACEF8904}"= C:\WINDOWS\System32\wddpri.dll [ ]
"{4859245F-345D-BC13-AC4F-145D47DA34F4}"= C:\WINDOWS\System32\avzxdmn.dll [ ]
"{3A1247C1-53DA-FF43-ABD3-345F323A48D3}"= C:\WINDOWS\System32\avwgcmn.dll [ ]
"{3C87A354-ABC3-DEDE-FF33-3213FD7447C3}"= C:\WINDOWS\System32\kvdxcma.dll [ ]
"{b024bc32-ad86-4169-b2f8-0bb1e64dc3fd}"= C:\WINDOWS\System32\BAABAA1025.dll [ ]
"{4B23A8E5-CC9C-4A15-81F3-9B902C00AF4B}"= C:\Program Files\Internet Explorer\PLUGINS\NvSys_55.Sys [ ]
"{8C41B7F7-3168-400D-A702-0E7EFE0BA304}"= C:\WINDOWS\System32\sgrefg.dll [23/02/2007 22:03 153021]
"{45AADFAA-DD36-42AB-83AD-0521BBF58C24}"= C:\WINDOWS\System32\zjydcx.dll [19/03/2007 16:56 162437]
"{1DB3C525-5271-46F7-887A-D4E1ADAA7632}"= C:\WINDOWS\System32\hfrdzx.dll [19/03/2007 16:57 154814]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]
"{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}"= C:\WINDOWS\System32\fmcvxy.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avwgcmn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^THDetect.exe]
path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe
backup=C:\WINDOWS\pss\THDetect.exeCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloseDNF]
C:\WINDOWS\System32\Utility.exe \1008

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
?????

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVDispDrv]
C:\WINDOWS\soxwrj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTSShell]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHAProc]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

-- End of Deckard's System Scanner: finished at 2007-03-20 09:42:10 ------------

**Dribs** · 19-03-08, 15:07

Formatteren dus.
Bij deze "opgelost".

**Pimmerd** · 19-03-08, 21:18

Inderdaad, zoals via PM besproken is het niet onmogelijk om dit schoon te krijgen, toch gaat er erg veel tijd inzitten en zou het sneller zijn om te formatteren, want hij is wel erg besmet

Vergeet niet voordat je het internet op gaat eerst een virusscanner te installeren! Lees ook dit eens door:

404 Not Found

http://users.telenet.be/marcvn/spyware/1564073.htm

Mededeling

Computer total loss.

Computer total loss.

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment