Mededeling

Collapse
No announcement yet.

srosa infectie

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    srosa infectie

    Hallo,

    mijn pc is geinfecteerd met srosa. Ik ben al even bezig geweest om dingen weg te krijgen, maar aangezien het een rootkit is lukt het me niet. Mijn mcafee is uitgeschakeld en wil niet herstellen, AVG krijgt het niet weg. Spybot wordt geweigerd en ad-aware geeft foutmeldingen. Ik vrees dat dit mijn kunde te boven gaat. Kan iemand me helpen?

    Alvast heel erg bedankt voor de moeite!

    Ik heb met Hijackthis het volgende log gemaakt:


    Logfile of HijackThis v1.99.1
    Scan saved at 17:01:02, on 29-3-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\SiteAdvisor\6253\SAService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\McAfee\MSC\mcuimgr.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
    C:\Documents and Settings\Alphons Bakker\Local Settings\Temporary Internet Files\Content.IE5\CMONV3JN\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.reddingsbrigadeoss.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\Dll\ThreeShipsIEHelper.dll
    O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: De Telefoongids - {790C1F44-C559-434B-BE18-13C042555D8E} - C:\Program Files\De Telefoongids\De Telefoongids Zoekbalk\PhoneShell.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6253\SiteAdv.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1199346546903
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5251/mcfscan.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfmonss.exe (file missing)
    O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business XIIc\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business XIIc\RpcSandraSrv.exe
    O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    Labels: Geen
    • Citaat
  • #2
    Ga naar deze pagina: http://www.zonavirus.com/datos/desca...5/elibagla.asp
    Helemaal onderaan klik je op de knop "Descargar ELIBAGLA 11.20"
    Plaats dit bestand (EliBaglA.exe) op je bureaublad.
    Dubbelklik erop om het programma te starten.
    Controleer of naast Unidad dit staat: C:\
    Onderaan moet je zorgen dat "Eliminar Ficheros Automaticamente" aangevinkt is.
    Klik nu op de knop "Explorar" om de tool te laten scannen.

    Post de inhoud van het bestandje C:\InfoSat.txt
    Vervolgens klik je op de knop "Salir" om het programma af te sluiten.
    • Citaat

    Comment

    • #3
      Hoi Steggel, dank voor je hulp.
      Dit is het gevraagde bestandje:


      Sun Mar 30 10:12:13 2008
      EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
      ----------------------------------------------
      Lista de Acciones (por Acción Directa):
      C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
      C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
      C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
      C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
      Reinicie para Completar la Limpieza.

      Sun Mar 30 10:13:07 2008
      EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
      ----------------------------------------------
      Lista de Acciones (por Exploración):
      Explorando Unidad C:\

      Nº Total de Directorios: 14101
      Nº Total de Ficheros: 165569
      Nº de Ficheros Analizados: 13514
      Nº de Ficheros Infectados: 0
      Nº de Ficheros Limpiados: 0
      • Citaat

      Comment

      • #4
        Herstart de computer, dan start het programma opnieuw en wordt een nieuw log gemaakt.
        • Citaat

        Comment

        • #5
          Dit zou het moeten zijn. Het progje wilde ook de d gaan scannen. Heb ik niet laten doen. Is dat ok?


          Sun Mar 30 10:12:13 2008
          EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
          ----------------------------------------------
          Lista de Acciones (por Acción Directa):
          C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
          C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
          C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
          C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
          Reinicie para Completar la Limpieza.

          Sun Mar 30 10:13:07 2008
          EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
          ----------------------------------------------
          Lista de Acciones (por Exploración):
          Explorando Unidad C:\

          Nº Total de Directorios: 14101
          Nº Total de Ficheros: 165569
          Nº de Ficheros Analizados: 13514
          Nº de Ficheros Infectados: 0
          Nº de Ficheros Limpiados: 0

          Sun Mar 30 12:09:15 2008
          EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
          ----------------------------------------------
          Lista de Acciones (por Acción Directa):
          C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
          C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
          C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
          Reinicie para Completar la Limpieza.

          Sun Mar 30 12:09:20 2008
          EliBagle v11.20 (c)2008 S.G.H. / Satinfo S.L.
          ----------------------------------------------
          Lista de Acciones (por Exploración):
          Explorando Unidad C:\

          Nº Total de Directorios: 14102
          Nº Total de Ficheros: 165622
          Nº de Ficheros Analizados: 13514
          Nº de Ficheros Infectados: 0
          Nº de Ficheros Limpiados: 0
          • Citaat

          Comment

          • #6
            Ik ben nog niet overtuigt of het goed is gelukt.

            Download Combofix.exe naar je bureaublad.
            LET OP bij het opslaan, hernoem het als Combo-Fix.exe om op je Bureaublad op te slaan.

            Dubbelklik dan op Combo-Fix.exe, accepteer de waarschuwing, de computer wordt gescant.
            Post het log dat na enkele minuten wordt gemaakt.
            • Citaat

            Comment

            • #7
              De pc werd opneiuw opgestart, ook het programma elibagla wilde opstarten, ik heb dit niet geaccepteerd.
              Het volgende log rolde er uit:

              ComboFix 08-03-30.1 - Alphons Bakker 2008-03-30 12:51:17.1 - NTFSx86
              Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.2239 [GMT 2:00]
              Gestart vanuit: C:\Documents and Settings\Alphons Bakker\Bureaublad\Combo-Fix.exe
              * Nieuw herstelpunt werd aangemaakt

              WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
              .

              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .

              C:\WINDOWS\2.exe
              C:\WINDOWS\system32\drivers\down
              C:\WINDOWS\system32\drivers\down\109421.exe
              C:\WINDOWS\system32\drivers\down\110046.exe
              C:\WINDOWS\system32\drivers\down\112437.exe
              C:\WINDOWS\system32\drivers\down\115125.exe
              C:\WINDOWS\system32\drivers\down\11562890.exe
              C:\WINDOWS\system32\drivers\down\11564234.exe
              C:\WINDOWS\system32\drivers\down\11565015.exe
              C:\WINDOWS\system32\drivers\down\11566250.exe
              C:\WINDOWS\system32\drivers\down\11573390.exe
              C:\WINDOWS\system32\drivers\down\11592218.exe
              C:\WINDOWS\system32\drivers\down\11598812.exe
              C:\WINDOWS\system32\drivers\down\11611390.exe
              C:\WINDOWS\system32\drivers\down\11613765.exe
              C:\WINDOWS\system32\drivers\down\11620171.exe
              C:\WINDOWS\system32\drivers\down\11623750.exe
              C:\WINDOWS\system32\drivers\down\11627265.exe
              C:\WINDOWS\system32\drivers\down\11628218.exe
              C:\WINDOWS\system32\drivers\down\11629781.exe
              C:\WINDOWS\system32\drivers\down\123140.exe
              C:\WINDOWS\system32\drivers\down\143046.exe
              C:\WINDOWS\system32\drivers\down\14705125.exe
              C:\WINDOWS\system32\drivers\down\14705406.exe
              C:\WINDOWS\system32\drivers\down\14707609.exe
              C:\WINDOWS\system32\drivers\down\14707734.exe
              C:\WINDOWS\system32\drivers\down\14711875.exe
              C:\WINDOWS\system32\drivers\down\14713531.exe
              C:\WINDOWS\system32\drivers\down\14717421.exe
              C:\WINDOWS\system32\drivers\down\14725390.exe
              C:\WINDOWS\system32\drivers\down\14726468.exe
              C:\WINDOWS\system32\drivers\down\14727562.exe
              C:\WINDOWS\system32\drivers\down\14731312.exe
              C:\WINDOWS\system32\drivers\down\14735421.exe
              C:\WINDOWS\system32\drivers\down\14740734.exe
              C:\WINDOWS\system32\drivers\down\14742203.exe
              C:\WINDOWS\system32\drivers\down\14744125.exe
              C:\WINDOWS\system32\drivers\down\14748078.exe
              C:\WINDOWS\system32\drivers\down\14751343.exe
              C:\WINDOWS\system32\drivers\down\14751578.exe
              C:\WINDOWS\system32\drivers\down\14752781.exe
              C:\WINDOWS\system32\drivers\down\14755218.exe
              C:\WINDOWS\system32\drivers\down\14759250.exe
              C:\WINDOWS\system32\drivers\down\14759562.exe
              C:\WINDOWS\system32\drivers\down\14761609.exe
              C:\WINDOWS\system32\drivers\down\14763171.exe
              C:\WINDOWS\system32\drivers\down\14763390.exe
              C:\WINDOWS\system32\drivers\down\14765750.exe
              C:\WINDOWS\system32\drivers\down\14769937.exe
              C:\WINDOWS\system32\drivers\down\14771906.exe
              C:\WINDOWS\system32\drivers\down\14773218.exe
              C:\WINDOWS\system32\drivers\down\14774250.exe
              C:\WINDOWS\system32\drivers\down\14775312.exe
              C:\WINDOWS\system32\drivers\down\14775515.exe
              C:\WINDOWS\system32\drivers\down\14777593.exe
              C:\WINDOWS\system32\drivers\down\14789343.exe
              C:\WINDOWS\system32\drivers\down\14803515.exe
              C:\WINDOWS\system32\drivers\down\14806921.exe
              C:\WINDOWS\system32\drivers\down\14808468.exe
              C:\WINDOWS\system32\drivers\down\14811171.exe
              C:\WINDOWS\system32\drivers\down\14811906.exe
              C:\WINDOWS\system32\drivers\down\14815234.exe
              C:\WINDOWS\system32\drivers\down\14816781.exe
              C:\WINDOWS\system32\drivers\down\14818484.exe
              C:\WINDOWS\system32\drivers\down\14820546.exe
              C:\WINDOWS\system32\drivers\down\14826812.exe
              C:\WINDOWS\system32\drivers\down\14830468.exe
              C:\WINDOWS\system32\drivers\down\14830859.exe
              C:\WINDOWS\system32\drivers\down\14831062.exe
              C:\WINDOWS\system32\drivers\down\14832562.exe
              C:\WINDOWS\system32\drivers\down\14863406.exe
              C:\WINDOWS\system32\drivers\down\14866937.exe
              C:\WINDOWS\system32\drivers\down\149671.exe
              C:\WINDOWS\system32\drivers\down\15024625.exe
              C:\WINDOWS\system32\drivers\down\15024953.exe
              C:\WINDOWS\system32\drivers\down\15068359.exe
              C:\WINDOWS\system32\drivers\down\15068500.exe
              C:\WINDOWS\system32\drivers\down\15069562.exe
              C:\WINDOWS\system32\drivers\down\15075265.exe
              C:\WINDOWS\system32\drivers\down\15095796.exe
              C:\WINDOWS\system32\drivers\down\15102656.exe
              C:\WINDOWS\system32\drivers\down\15104312.exe
              C:\WINDOWS\system32\drivers\down\15106703.exe
              C:\WINDOWS\system32\drivers\down\151343.exe
              C:\WINDOWS\system32\drivers\down\15158984.exe
              C:\WINDOWS\system32\drivers\down\15162328.exe
              C:\WINDOWS\system32\drivers\down\15203109.exe
              C:\WINDOWS\system32\drivers\down\15206265.exe
              C:\WINDOWS\system32\drivers\down\15210734.exe
              C:\WINDOWS\system32\drivers\down\15242187.exe
              C:\WINDOWS\system32\drivers\down\15245593.exe
              C:\WINDOWS\system32\drivers\down\162906.exe
              C:\WINDOWS\system32\drivers\down\168281.exe
              C:\WINDOWS\system32\drivers\down\168734.exe
              C:\WINDOWS\system32\drivers\down\170484.exe
              C:\WINDOWS\system32\drivers\down\172468.exe
              C:\WINDOWS\system32\drivers\down\175937.exe
              C:\WINDOWS\system32\drivers\down\177000.exe
              C:\WINDOWS\system32\drivers\down\177421.exe
              C:\WINDOWS\system32\drivers\down\184421.exe
              C:\WINDOWS\system32\drivers\down\187265.exe
              C:\WINDOWS\system32\drivers\down\187796.exe
              C:\WINDOWS\system32\drivers\down\188500.exe
              C:\WINDOWS\system32\drivers\down\190031.exe
              C:\WINDOWS\system32\drivers\down\194140.exe
              C:\WINDOWS\system32\drivers\down\199281.exe
              C:\WINDOWS\system32\drivers\down\199953.exe
              C:\WINDOWS\system32\drivers\down\200234.exe
              C:\WINDOWS\system32\drivers\down\201750.exe
              C:\WINDOWS\system32\drivers\down\207015.exe
              C:\WINDOWS\system32\drivers\down\207984.exe
              C:\WINDOWS\system32\drivers\down\208968.exe
              C:\WINDOWS\system32\drivers\down\212718.exe
              C:\WINDOWS\system32\drivers\down\213031.exe
              C:\WINDOWS\system32\drivers\down\219984.exe
              C:\WINDOWS\system32\drivers\down\220625.exe
              C:\WINDOWS\system32\drivers\down\224078.exe
              C:\WINDOWS\system32\drivers\down\224640.exe
              C:\WINDOWS\system32\drivers\down\227843.exe
              C:\WINDOWS\system32\drivers\down\229984.exe
              C:\WINDOWS\system32\drivers\down\235156.exe
              C:\WINDOWS\system32\drivers\down\236890.exe
              C:\WINDOWS\system32\drivers\down\238890.exe
              C:\WINDOWS\system32\drivers\down\249859.exe
              C:\WINDOWS\system32\drivers\down\254390.exe
              C:\WINDOWS\system32\drivers\down\257296.exe
              C:\WINDOWS\system32\drivers\down\258515.exe
              C:\WINDOWS\system32\drivers\down\259906.exe
              C:\WINDOWS\system32\drivers\down\259953.exe
              C:\WINDOWS\system32\drivers\down\260812.exe
              C:\WINDOWS\system32\drivers\down\262000.exe
              C:\WINDOWS\system32\drivers\down\266968.exe
              C:\WINDOWS\system32\drivers\down\272296.exe
              C:\WINDOWS\system32\drivers\down\274609.exe
              C:\WINDOWS\system32\drivers\down\276531.exe
              C:\WINDOWS\system32\drivers\down\279078.exe
              C:\WINDOWS\system32\drivers\down\283406.exe
              C:\WINDOWS\system32\drivers\down\29213359.exe
              C:\WINDOWS\system32\drivers\down\29213640.exe
              C:\WINDOWS\system32\drivers\down\29214656.exe
              C:\WINDOWS\system32\drivers\down\29214781.exe
              C:\WINDOWS\system32\drivers\down\29216031.exe
              C:\WINDOWS\system32\drivers\down\29221484.exe
              C:\WINDOWS\system32\drivers\down\29238781.exe
              C:\WINDOWS\system32\drivers\down\29241187.exe
              C:\WINDOWS\system32\drivers\down\29242625.exe
              C:\WINDOWS\system32\drivers\down\29244296.exe
              C:\WINDOWS\system32\drivers\down\29274031.exe
              C:\WINDOWS\system32\drivers\down\29274312.exe
              C:\WINDOWS\system32\drivers\down\29277359.exe
              C:\WINDOWS\system32\drivers\down\29278390.exe
              C:\WINDOWS\system32\drivers\down\29282593.exe
              C:\WINDOWS\system32\drivers\down\29298328.exe
              C:\WINDOWS\system32\drivers\down\29300812.exe
              C:\WINDOWS\system32\drivers\down\29304250.exe
              C:\WINDOWS\system32\drivers\down\29306078.exe
              C:\WINDOWS\system32\drivers\down\29308078.exe
              C:\WINDOWS\system32\drivers\down\29312640.exe
              C:\WINDOWS\system32\drivers\down\29316875.exe
              C:\WINDOWS\system32\drivers\down\29317234.exe
              C:\WINDOWS\system32\drivers\down\29317531.exe
              C:\WINDOWS\system32\drivers\down\29317593.exe
              C:\WINDOWS\system32\drivers\down\29319078.exe
              C:\WINDOWS\system32\drivers\down\29348750.exe
              C:\WINDOWS\system32\drivers\down\29349078.exe
              C:\WINDOWS\system32\drivers\down\29349265.exe
              C:\WINDOWS\system32\drivers\down\29349796.exe
              C:\WINDOWS\system32\drivers\down\29350578.exe
              C:\WINDOWS\system32\drivers\down\29353234.exe
              C:\WINDOWS\system32\drivers\down\293546.exe
              C:\WINDOWS\system32\drivers\down\29381515.exe
              C:\WINDOWS\system32\drivers\down\29384906.exe
              C:\WINDOWS\system32\drivers\down\29652296.exe
              C:\WINDOWS\system32\drivers\down\29652609.exe
              C:\WINDOWS\system32\drivers\down\29656968.exe
              C:\WINDOWS\system32\drivers\down\29657093.exe
              C:\WINDOWS\system32\drivers\down\29658093.exe
              C:\WINDOWS\system32\drivers\down\29662171.exe
              C:\WINDOWS\system32\drivers\down\29678406.exe
              C:\WINDOWS\system32\drivers\down\29685484.exe
              C:\WINDOWS\system32\drivers\down\29687390.exe
              C:\WINDOWS\system32\drivers\down\29689234.exe
              C:\WINDOWS\system32\drivers\down\29698921.exe
              C:\WINDOWS\system32\drivers\down\29704312.exe
              C:\WINDOWS\system32\drivers\down\29704703.exe
              C:\WINDOWS\system32\drivers\down\29704890.exe
              C:\WINDOWS\system32\drivers\down\29706218.exe
              C:\WINDOWS\system32\drivers\down\29737984.exe
              C:\WINDOWS\system32\drivers\down\29741406.exe
              C:\WINDOWS\system32\drivers\down\297515.exe
              C:\WINDOWS\system32\drivers\down\308890.exe
              C:\WINDOWS\system32\drivers\down\311906.exe
              C:\WINDOWS\system32\drivers\down\314484.exe
              C:\WINDOWS\system32\drivers\down\314796.exe
              C:\WINDOWS\system32\drivers\down\314953.exe
              C:\WINDOWS\system32\drivers\down\317343.exe
              C:\WINDOWS\system32\drivers\down\318703.exe
              C:\WINDOWS\system32\drivers\down\348421.exe
              C:\WINDOWS\system32\drivers\down\352281.exe
              C:\WINDOWS\system32\drivers\down\406750.exe
              C:\WINDOWS\system32\drivers\down\407140.exe
              C:\WINDOWS\system32\drivers\down\408453.exe
              C:\WINDOWS\system32\drivers\down\409343.exe
              C:\WINDOWS\system32\drivers\down\410515.exe
              C:\WINDOWS\system32\drivers\down\415750.exe
              C:\WINDOWS\system32\drivers\down\43760546.exe
              C:\WINDOWS\system32\drivers\down\43761031.exe
              C:\WINDOWS\system32\drivers\down\43763031.exe
              C:\WINDOWS\system32\drivers\down\43764687.exe
              C:\WINDOWS\system32\drivers\down\43768078.exe
              C:\WINDOWS\system32\drivers\down\43791921.exe
              C:\WINDOWS\system32\drivers\down\43792390.exe
              C:\WINDOWS\system32\drivers\down\43794140.exe
              C:\WINDOWS\system32\drivers\down\43806203.exe
              C:\WINDOWS\system32\drivers\down\43814765.exe
              C:\WINDOWS\system32\drivers\down\43816484.exe
              C:\WINDOWS\system32\drivers\down\43817187.exe
              C:\WINDOWS\system32\drivers\down\43821421.exe
              C:\WINDOWS\system32\drivers\down\43822140.exe
              C:\WINDOWS\system32\drivers\down\43824906.exe
              C:\WINDOWS\system32\drivers\down\43829625.exe
              C:\WINDOWS\system32\drivers\down\43834421.exe
              C:\WINDOWS\system32\drivers\down\43836265.exe
              C:\WINDOWS\system32\drivers\down\43839593.exe
              C:\WINDOWS\system32\drivers\down\43841015.exe
              C:\WINDOWS\system32\drivers\down\43842828.exe
              C:\WINDOWS\system32\drivers\down\43843953.exe
              C:\WINDOWS\system32\drivers\down\43845468.exe
              C:\WINDOWS\system32\drivers\down\43847187.exe
              C:\WINDOWS\system32\drivers\down\43859234.exe
              C:\WINDOWS\system32\drivers\down\43862625.exe
              C:\WINDOWS\system32\drivers\down\43863921.exe
              C:\WINDOWS\system32\drivers\down\43864203.exe
              C:\WINDOWS\system32\drivers\down\43865781.exe
              C:\WINDOWS\system32\drivers\down\43894812.exe
              C:\WINDOWS\system32\drivers\down\43897906.exe
              C:\WINDOWS\system32\drivers\down\43898578.exe
              C:\WINDOWS\system32\drivers\down\43901718.exe
              C:\WINDOWS\system32\drivers\down\44148187.exe
              C:\WINDOWS\system32\drivers\down\44148656.exe
              C:\WINDOWS\system32\drivers\down\44151500.exe
              C:\WINDOWS\system32\drivers\down\44152125.exe
              C:\WINDOWS\system32\drivers\down\44154671.exe
              C:\WINDOWS\system32\drivers\down\44158750.exe
              C:\WINDOWS\system32\drivers\down\44177906.exe
              C:\WINDOWS\system32\drivers\down\44181125.exe
              C:\WINDOWS\system32\drivers\down\44182671.exe
              C:\WINDOWS\system32\drivers\down\44184343.exe
              C:\WINDOWS\system32\drivers\down\44192250.exe
              C:\WINDOWS\system32\drivers\down\44195640.exe
              C:\WINDOWS\system32\drivers\down\44196328.exe
              C:\WINDOWS\system32\drivers\down\44199609.exe
              C:\WINDOWS\system32\drivers\down\44201296.exe
              C:\WINDOWS\system32\drivers\down\44232109.exe
              C:\WINDOWS\system32\drivers\down\44235906.exe
              C:\WINDOWS\system32\drivers\down\452843.exe
              C:\WINDOWS\system32\drivers\down\482875.exe
              C:\WINDOWS\system32\drivers\down\484484.exe
              C:\WINDOWS\system32\drivers\down\486218.exe
              C:\WINDOWS\system32\drivers\down\493171.exe
              C:\WINDOWS\system32\drivers\down\496125.exe
              C:\WINDOWS\system32\drivers\down\496625.exe
              C:\WINDOWS\system32\drivers\down\499968.exe
              C:\WINDOWS\system32\drivers\down\501609.exe
              C:\WINDOWS\system32\drivers\down\508156.exe
              C:\WINDOWS\system32\drivers\down\508656.exe
              C:\WINDOWS\system32\drivers\down\510390.exe
              C:\WINDOWS\system32\drivers\down\511171.exe
              C:\WINDOWS\system32\drivers\down\512171.exe
              C:\WINDOWS\system32\drivers\down\528875.exe
              C:\WINDOWS\system32\drivers\down\532265.exe
              C:\WINDOWS\system32\drivers\down\536000.exe
              C:\WINDOWS\system32\drivers\down\549859.exe
              C:\WINDOWS\system32\drivers\down\557171.exe
              C:\WINDOWS\system32\drivers\down\558890.exe
              C:\WINDOWS\system32\drivers\down\561031.exe
              C:\WINDOWS\system32\drivers\down\569937.exe
              C:\WINDOWS\system32\drivers\down\573312.exe
              C:\WINDOWS\system32\drivers\down\576328.exe
              C:\WINDOWS\system32\drivers\down\576734.exe
              C:\WINDOWS\system32\drivers\down\578343.exe
              C:\WINDOWS\system32\drivers\down\58327015.exe
              C:\WINDOWS\system32\drivers\down\58327296.exe
              C:\WINDOWS\system32\drivers\down\58334375.exe
              C:\WINDOWS\system32\drivers\down\58335296.exe
              C:\WINDOWS\system32\drivers\down\58338703.exe
              C:\WINDOWS\system32\drivers\down\58356734.exe
              C:\WINDOWS\system32\drivers\down\58361953.exe
              C:\WINDOWS\system32\drivers\down\58363562.exe
              C:\WINDOWS\system32\drivers\down\58366109.exe
              C:\WINDOWS\system32\drivers\down\58368328.exe
              C:\WINDOWS\system32\drivers\down\58373953.exe
              C:\WINDOWS\system32\drivers\down\58377453.exe
              C:\WINDOWS\system32\drivers\down\58378390.exe
              C:\WINDOWS\system32\drivers\down\58378578.exe
              C:\WINDOWS\system32\drivers\down\58380156.exe
              C:\WINDOWS\system32\drivers\down\58411906.exe
              C:\WINDOWS\system32\drivers\down\58415406.exe
              C:\WINDOWS\system32\drivers\down\613359.exe
              C:\WINDOWS\system32\drivers\down\617140.exe
              C:\WINDOWS\system32\drivers\hldrrr.exe
              C:\WINDOWS\system32\drivers\srosa.sys
              C:\WINDOWS\system32\drmgs.sys
              C:\WINDOWS\system32\Indt2.sys
              C:\WINDOWS\system32\mdelk.exe
              C:\WINDOWS\system32\tmp0_120379198139.bk
              C:\WINDOWS\system32\tmp0_157038461527.bk
              C:\WINDOWS\system32\tmp0_19429422331.bk
              C:\WINDOWS\system32\tmp0_260857626158.bk
              C:\WINDOWS\system32\tmp0_283314332102.bk
              C:\WINDOWS\system32\tmp0_29272325801.bk
              C:\WINDOWS\system32\tmp0_354869404200.bk
              C:\WINDOWS\system32\tmp0_475509884334.bk
              C:\WINDOWS\system32\tmp0_516061691969.bk
              C:\WINDOWS\system32\tmp0_618716174127.bk
              C:\WINDOWS\system32\tmp0_675110366411.bk
              C:\WINDOWS\system32\tmp0_722688179405.bk
              C:\WINDOWS\system32\tmp0_731717354630.bk
              C:\WINDOWS\system32\tmp0_827533129101.bk
              C:\WINDOWS\system32\wintems.exe

              .
              ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
              .

              -------\Legacy_PERFMONS
              -------\Legacy_ROUTING
              -------\Legacy_SROSA
              -------\Service_perfmons
              -------\Service_Routing
              -------\Service_srosa


              (((((((((((((((((((( Bestanden Gemaakt van 2008-02-28 to 2008-03-30 ))))))))))))))))))))))))))))))
              .

              2008-03-30 10:12 . 2008-03-30 10:12 <DIR> d-------- C:\Muestras
              2008-03-28 21:03 . 2008-03-28 21:03 54,156 --ah----- C:\WINDOWS\QTFont.qfn
              2008-03-28 21:03 . 2008-03-28 21:03 1,409 --a------ C:\WINDOWS\QTFont.for
              2008-03-24 17:08 . 2008-03-24 17:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
              2008-03-21 17:03 . 2008-03-22 18:07 512 --a------ C:\WINDOWS\Elsevier.ini
              2008-03-21 17:00 . 2008-03-21 17:01 <DIR> d-------- C:\Elsevier
              2008-03-21 16:56 . 2008-03-21 16:56 <DIR> d-------- C:\Program Files\Belastingdienst
              2008-03-16 17:28 . 2008-03-16 17:28 8,192 --ahs---- C:\WINDOWS\Thumbs.db
              2008-03-16 16:00 . 2008-03-29 14:08 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
              2008-03-16 16:00 . 2008-03-16 16:00 <DIR> d-------- C:\Program Files\AVG
              2008-03-16 16:00 . 2008-03-16 16:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
              2008-03-16 16:00 . 2008-03-16 16:00 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
              2008-03-16 16:00 . 2008-03-16 16:00 74,760 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
              2008-03-16 16:00 . 2008-03-16 16:00 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
              2008-03-16 16:00 . 2008-03-16 16:00 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
              2008-03-16 15:20 . 2008-03-16 15:20 <DIR> d-------- C:\Program Files\Lavasoft
              2008-03-16 15:20 . 2008-03-16 15:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
              2008-03-14 15:28 . 2008-03-14 15:28 <DIR> d-------- C:\WINDOWS\McAfee.com
              2008-03-13 20:28 . 2007-06-05 11:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
              2008-03-13 20:21 . 2007-06-08 10:44 8,576 --a------ C:\WINDOWS\system32\drivers\lyeqmuwvuunn.sys
              2008-03-13 20:18 . 2007-06-08 10:44 8,576 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
              2008-03-13 20:01 . 2008-03-13 20:01 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
              2008-03-13 20:01 . 2008-03-13 20:01 1,406 --a------ C:\WINDOWS\system32\Help.ico
              2008-03-13 00:01 . 2008-03-13 00:01 68 --a------ C:\WINDOWS\system32\tmp3_186093776420.bk
              2008-03-13 00:01 . 2008-03-13 00:01 68 --a------ C:\WINDOWS\system32\tmp1_808821263681.bk
              2008-03-12 12:32 . 2008-03-12 12:32 68 --a------ C:\WINDOWS\system32\tmp4_68939127004.bk
              2008-03-12 12:32 . 2008-03-12 12:32 68 --a------ C:\WINDOWS\system32\tmp3_270261740214.bk
              2008-03-12 12:32 . 2008-03-12 12:32 68 --a------ C:\WINDOWS\system32\tmp1_701553843304.bk
              2008-03-12 01:03 . 2008-03-12 01:03 68 --a------ C:\WINDOWS\system32\tmp4_703552191735.bk
              2008-03-12 01:03 . 2008-03-12 01:03 68 --a------ C:\WINDOWS\system32\tmp3_148130809722.bk
              2008-03-12 01:03 . 2008-03-12 01:03 68 --a------ C:\WINDOWS\system32\tmp1_332446455372.bk
              2008-03-11 19:41 . 2008-03-11 19:41 <DIR> d-------- C:\Program Files\Astraware
              2008-03-11 12:31 . 2008-03-11 12:31 68 --a------ C:\WINDOWS\system32\tmp4_495917663554.bk
              2008-03-11 12:31 . 2008-03-11 12:31 68 --a------ C:\WINDOWS\system32\tmp3_42623525412.bk
              2008-03-11 12:31 . 2008-03-11 12:31 68 --a------ C:\WINDOWS\system32\tmp1_705587898669.bk
              2008-03-11 01:00 . 2008-03-11 01:00 68 --a------ C:\WINDOWS\system32\tmp4_140348851778.bk
              2008-03-11 01:00 . 2008-03-11 01:00 68 --a------ C:\WINDOWS\system32\tmp3_123046232474.bk
              2008-03-11 01:00 . 2008-03-11 01:00 68 --a------ C:\WINDOWS\system32\tmp1_172621427546.bk
              2008-03-10 23:28 . 2008-03-10 23:28 <DIR> d-------- C:\Program Files\SuDokuV2
              2008-03-10 22:27 . 2008-03-10 23:04 <DIR> d-------- C:\Program Files\HHLHLearn4Life
              2008-03-10 22:27 . 2008-03-10 22:27 <DIR> d-------- C:\Program Files\Common Files\Threeships Shared
              2008-03-10 22:27 . 2004-04-29 12:22 106,582 --------- C:\WINDOWS\system32\NATWorks.cpl
              2008-03-10 12:31 . 2008-03-10 12:31 68 --a------ C:\WINDOWS\system32\tmp4_7220629843.bk
              2008-03-10 12:31 . 2008-03-10 12:31 68 --a------ C:\WINDOWS\system32\tmp3_8212154420.bk
              2008-03-10 12:31 . 2008-03-10 12:31 68 --a------ C:\WINDOWS\system32\tmp1_230829362742.bk
              2008-03-10 07:52 . 2008-03-10 21:48 <DIR> d-------- C:\Program Files\SuDoku
              2008-03-10 07:52 . 2003-07-12 19:35 231,936 --a------ C:\WINDOWS\epsuninst.exe
              2008-03-10 01:01 . 2008-03-10 01:01 68 --a------ C:\WINDOWS\system32\tmp4_118400256361.bk
              2008-03-10 01:01 . 2008-03-10 01:01 68 --a------ C:\WINDOWS\system32\tmp3_447036749006.bk
              2008-03-10 01:01 . 2008-03-10 01:01 68 --a------ C:\WINDOWS\system32\tmp1_4192063026.bk
              2008-03-09 12:33 . 2008-03-09 12:33 68 --a------ C:\WINDOWS\system32\tmp4_376957164815.bk
              2008-03-09 12:32 . 2008-03-09 12:32 68 --a------ C:\WINDOWS\system32\tmp3_52765515303.bk
              2008-03-09 12:32 . 2008-03-09 12:32 68 --a------ C:\WINDOWS\system32\tmp1_85367741773.bk
              2008-03-09 01:00 . 2008-03-09 01:00 68 --a------ C:\WINDOWS\system32\tmp4_794191317259.bk
              2008-03-09 01:00 . 2008-03-09 01:00 68 --a------ C:\WINDOWS\system32\tmp3_548653221714.bk
              2008-03-09 01:00 . 2008-03-09 01:00 68 --a------ C:\WINDOWS\system32\tmp1_431881460228.bk
              2008-03-08 12:32 . 2008-03-08 12:32 68 --a------ C:\WINDOWS\system32\tmp4_25447866425.bk
              2008-03-08 12:32 . 2008-03-08 12:32 68 --a------ C:\WINDOWS\system32\tmp3_3321636229.bk
              2008-03-08 12:32 . 2008-03-08 12:32 68 --a------ C:\WINDOWS\system32\tmp1_57280314321.bk
              2008-03-08 01:01 . 2008-03-08 01:01 68 --a------ C:\WINDOWS\system32\tmp4_41636815706.bk
              2008-03-08 01:01 . 2008-03-08 01:01 68 --a------ C:\WINDOWS\system32\tmp3_6547879878.bk
              2008-03-08 01:00 . 2008-03-08 01:00 68 --a------ C:\WINDOWS\system32\tmp1_637420732845.bk
              2008-03-07 12:31 . 2008-03-07 12:31 68 --a------ C:\WINDOWS\system32\tmp4_372879853191.bk
              2008-03-07 12:31 . 2008-03-07 12:31 68 --a------ C:\WINDOWS\system32\tmp3_29965609826.bk
              2008-03-07 12:31 . 2008-03-07 12:31 68 --a------ C:\WINDOWS\system32\tmp2_862935234772.bk
              2008-03-07 12:31 . 2008-03-07 12:31 68 --a------ C:\WINDOWS\system32\tmp1_349366348417.bk
              2008-03-07 01:01 . 2008-03-07 01:01 68 --a------ C:\WINDOWS\system32\tmp4_494160750959.bk
              2008-03-07 01:01 . 2008-03-07 01:01 68 --a------ C:\WINDOWS\system32\tmp3_376098393333.bk
              2008-03-07 01:01 . 2008-03-07 01:01 68 --a------ C:\WINDOWS\system32\tmp2_505405176001.bk
              2008-03-07 01:01 . 2008-03-07 01:01 68 --a------ C:\WINDOWS\system32\tmp1_322261325521.bk
              2008-03-07 00:06 . 2008-03-07 00:06 <DIR> d-------- C:\Program Files\NeroInstall.bak
              2008-03-06 18:15 . 2008-03-06 18:15 68 --a------ C:\WINDOWS\system32\tmp4_3520388817.bk
              2008-03-06 18:15 . 2008-03-06 18:15 68 --a------ C:\WINDOWS\system32\tmp3_16547131119.bk
              2008-03-06 18:15 . 2008-03-06 18:15 68 --a------ C:\WINDOWS\system32\tmp2_854171556865.bk
              2008-03-06 18:15 . 2008-03-06 18:15 68 --a------ C:\WINDOWS\system32\tmp1_227224543801.bk
              2008-03-06 18:13 . 2008-03-06 18:13 124,688 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
              2008-02-25 19:20 . 2008-03-02 23:44 <DIR> d-------- C:\xtra
              2008-02-22 01:02 . 2008-03-13 21:28 <DIR> d-------- C:\Documents and Settings\Alphons Bakker\Application Data\Lavasoft
              2008-02-22 00:59 . 2008-03-14 16:09 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
              2008-02-22 00:58 . 2008-02-22 00:58 164 --a------ C:\install.dat
              2008-02-22 00:57 . 2008-03-16 16:14 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
              2008-02-22 00:57 . 2008-03-16 16:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
              2008-02-22 00:56 . 2005-08-25 19:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
              2008-02-22 00:55 . 2008-02-22 00:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
              2008-02-01 00:13 . 2008-02-01 00:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
              2008-02-01 00:13 . 2008-02-01 00:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2008-03-30 07:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
              2008-03-29 20:13 --------- d-----w C:\Program Files\eMule
              2008-03-28 19:57 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\Vso
              2008-03-28 12:54 --------- d-----w C:\Program Files\WMR11
              2008-03-24 08:22 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\Azureus
              2008-03-24 08:06 --------- d-----w C:\Program Files\Azureus
              2008-03-21 19:54 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\SiteAdvisor
              2008-03-16 16:13 --------- d-----w C:\Program Files\NewsLeecher
              2008-03-16 13:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
              2008-03-14 12:37 --------- d-----w C:\Program Files\McAfee
              2008-03-13 21:41 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\XnView Deluxe
              2008-03-13 21:34 --------- d-----w C:\Program Files\TuneUp Utilities 2007
              2008-03-13 19:38 --------- d-----w C:\Program Files\SiteAdvisor
              2008-03-13 19:30 --------- d-----w C:\Program Files\Hitman Pro
              2008-03-12 02:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
              2008-03-10 20:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
              2008-03-08 21:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
              2008-03-06 22:16 --------- d-----w C:\Program Files\Common Files\Nero
              2008-03-06 22:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
              2008-02-09 19:05 --------- d-----w C:\Program Files\QuickTime
              2008-02-06 18:16 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\Apple Computer
              2008-02-06 15:36 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\NewsLeecher
              2008-01-31 16:04 --------- d-----w C:\Program Files\activePDF
              2008-01-30 22:13 --------- d-----w C:\Documents and Settings\Alphons Bakker\Application Data\ScanSoft
              2008-01-30 22:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
              2008-01-30 22:10 --------- d-----w C:\Program Files\ScanSoft
              2008-01-30 21:53 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
              2008-01-30 21:45 --------- d-----w C:\Program Files\PowerISO
              2008-01-28 02:00 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
              2008-01-03 12:18 61,480 ----a-w C:\Documents and Settings\Alphons Bakker\GoToAssistDownloadHelper.exe
              2007-12-20 18:03 87,608 ----a-w C:\Documents and Settings\Alphons Bakker\Application Data\ezpinst.exe
              2007-12-20 18:03 47,360 ----a-w C:\Documents and Settings\Alphons Bakker\Application Data\pcouffin.sys
              2007-12-04 08:59 972,072 ----a-w C:\WINDOWS\UNRecode.exe
              .

              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              REGEDIT4
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 19:34 1289000]
              "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-03-30 12:54 582992]
              "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-08-24 23:57 36640]
              "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-03-29 23:14 624248]
              "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48 479232]
              "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-05-18 15:26 729088]
              "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
              "McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [2007-07-22 21:29 1160480]

              [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
              "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]

              [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
              "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

              [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
              "AppInit_DLLs"=avgrsstx.dll

              [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
              "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe
              "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
              "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background

              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
              "Adobe Photo Downloader"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe"
              "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
              "emMON"=emMON.exe
              "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
              "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
              "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
              "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
              "PVR Agent"=C:\Program Files\KWorld Multimedia\PVR Plus\TVR\Scheduled.exe
              "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
              "Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe -silent
              "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
              "McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
              "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
              "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
              "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE"
              "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"
              "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
              "PDF4 Registry Controller"="C:\Program Files\ScanSoft\PDF Professional 4.0\\RegistryController.exe"
              "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
              "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
              "ScanSoft OmniPage 16-reminder"="C:\Program Files\ScanSoft\OmniPage16\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPage 16\Ereg\Ereg.ini"
              "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe"
              "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\security center]
              "AntiVirusDisableNotify"=dword:00000001

              [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
              "DisableMonitoring"=dword:00000001

              [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
              "DisableMonitoring"=dword:00000001

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
              "EnableFirewall"= 0 (0x0)

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
              "%windir%\\system32\\sessmgr.exe"=
              "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
              "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
              "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
              "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
              "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
              "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
              "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
              "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
              "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
              "C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
              "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business XIIc\\Win32\\RpcDataSrv.exe"=
              "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business XIIc\\RpcSandraSrv.exe"=
              "C:\\Program Files\\eMule\\emule.exe"=

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
              "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
              "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
              "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
              "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
              "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
              "AllowInboundEchoRequest"= 1 (0x1)

              R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-03-16 16:00]
              R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\drivers\iteraid.sys [2005-03-17 11:00]
              R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-03-16 16:00]
              R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-03-16 16:00]
              R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-03-16 16:00]
              R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
              R2 webdavfs;WebDAV File System;C:\WINDOWS\system32\drivers\webdavfs.sys [2007-02-27 15:50]
              S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [2006-11-03 13:02]

              HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
              UxTuneUp

              [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cf9d31c-d08d-11dc-8524-0018f36ac27f}]
              \Shell\AutoRun\command - K:\ClaroReadInternational.exe

              [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8011fdb8-b9f4-11dc-8516-0018f36ac27f}]
              \Shell\AutoRun\command - K:\ClaroReadInternational.exe

              .
              Inhoud van de 'Gedeelde Taken' map
              "2008-03-28 16:20:57 C:\WINDOWS\Tasks\1-Click Maintenance.job"
              - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
              "2008-03-29 17:59:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
              - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
              "2008-02-15 00:16:31 C:\WINDOWS\Tasks\McDefragTask.job"
              - c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
              "2008-03-01 00:00:17 C:\WINDOWS\Tasks\McQcTask.job"
              - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
              "2008-03-30 03:08:14 C:\WINDOWS\Tasks\User_Feed_Synchronization-{1532754E-902F-4689-81DE-8B93829C9325}.job"
              - C:\WINDOWS\system32\msfeedssync.exe
              .
              **************************************************************************

              catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
              Rootkit scan 2008-03-30 12:59:10
              Windows 5.1.2600 Service Pack 2 NTFS

              scannen van verborgen processen ...

              scannen van verborgen autostart items ...

              scannen van verborgen bestanden ...

              Scan succesvol afgerond
              verborgen bestanden: 0

              **************************************************************************
              .
              --------------------- DLLs Geladen Onder Lopende Processen ---------------------

              PROCESS: C:\WINDOWS\explorer.exe
              -> C:\Program Files\SiteAdvisor\6253\saHook.dll
              -> C:\WINDOWS\system32\webdavnp.dll
              .
              ------------------------ Other Running Processes ------------------------
              .
              C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              C:\Program Files\Bonjour\mDNSResponder.exe
              C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
              C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
              c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
              c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
              C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
              C:\PROGRA~1\AVG\AVG8\avgam.exe
              C:\PROGRA~1\AVG\AVG8\avgrsx.exe
              C:\PROGRA~1\AVG\AVG8\avgnsx.exe
              C:\Program Files\SiteAdvisor\6253\SAService.exe
              C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
              C:\WINDOWS\system32\SearchIndexer.exe
              C:\WINDOWS\system32\wscntfy.exe
              C:\PROGRA~1\MI3AA1~1\rapimgr.exe
              C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
              C:\Program Files\McAfee\MSC\mcuimgr.exe
              .
              **************************************************************************
              .
              Voltooingstijd: 2008-03-30 13:02:36 - machine was rebooted
              ComboFix-quarantined-files.txt 2008-03-30 11:02:33
              Pre-Run: 67,529,596,928 bytes beschikbaar
              Post-Run: 68,630,339,584 bytes beschikbaar
              .
              2008-03-12 02:06:00 --- E O F ---
              • Citaat

              Comment

              • #8
                Ziet er goed uit.

                Had je toestemming aan Elibagla gegeven dan had dat ook goed geweest, maar de bestanden zijn nu door Combo-Fix verwijderd.

                Verwijder ComboFix via Start > Uitvoeren, kopiëer en plak Combo-fix /U
                Klik op OK of toets Enter.
                Dit verwijdert zowel ComboFix, als je oude systeemherstelpunten (met eventuele restanten van malware), en maakt een nieuw systeemherstelpunt aan.

                Enig idee hoe srosa op je computer is gekomen?
                • Citaat

                Comment

                • #9
                  als ik combo-fix/u kopieer en plak krijg ik de melding dat het programma niet gevonden wordt. kan ik het ook via software weghalen?

                  En hoe kwam het er op.... Ik heb een bestand gedownload en daar zat een bestandje in dat ik niet vertrouwde, een keygen met erg weinig kb's. Ik gebruikte de toets del en toen enter. Helaas had ik del niet goed geraakt zodat het bestand ging openen. Foutje....
                  • Citaat

                  Comment

                  • #10
                    Heb je wel een spatie tussen Combo-fix /U
                    • Citaat

                    Comment

                    • #11
                      Probeer anders eens : Combofix /U
                      (dus zonder streepje)
                      • Citaat

                      Comment

                      • #12
                        dat deed ie wel. Ik ga mijn pc opnieuw opstarten. Ik laat je zo nog even weten of alles naar behoren werkt. Ik wacht gespannen af, maar heb er alle vertrouwen in.
                        • Citaat

                        Comment

                        • #13
                          Beste Steggel,

                          het ziet er naar uit dat alles weer naar behoren werkt. Mag ik je heel hartelijk danken!! Ik zal snel de mcafee software opnieuw gaan installeren. Nogmaals dank. Wat doen jullie op dit forum goed werk!
                          • Citaat

                          Comment

                          • #14
                            Download Java Runtime Environment (JRE) 6u5.
                            • Scroll omlaag naar : "Java Runtime Environment (JRE) 6 Update 5".
                            • Klik op de "Download" knop aan de rechterkant.
                            • Vink aan: "Accept License Agreement", en klik op Continue.
                            • De pagina zal herladen.
                            • Klik op de Windows Offline Installation, Multi-language link ONDER Windows Platform - Java SE Runtime Environment 6 Update 5 en bewaar het op je Bureaublad.
                            • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
                            • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst. (met Java Runtime Environment (JRE of J2SE) in de naam.
                            • Herhaal dit tot alle oudere versies verdwenen zijn.
                            • Na het verwijderen van alle oudere versies, herstart je pc.
                            • Dubbelklik vervolgens op jre-6u5-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.


                            En gebruik in het vervolg geen cracks. Volgende keer heb je een keylogger of spamtool zonder dat je het weet.

                            Ik zal deze als opgelost markeren.
                            • Citaat

                            Comment

                            Vorige template Volgende
                            Sorry, you are not authorized to view this page
                            Working...
                            X