Mededeling

Collapse
No announcement yet.

Instabiel systeem

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Instabiel systeem

    Hallo,

    Mijn systeem loopt sinds een paar dagen helemaal niet lekker meer, ondanks dat scans niks opleveren leek het mij toch nuttig om even een logje te plaatsen..

    Ik hoop dat jullie kunnen helpen, bij voorbaat dank.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:07:39, on 8-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
    C:\Program Files\SMSC\Seticon.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Meijvogel\Bureaublad\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
    O4 - HKLM\..\Run: [SetIcon] \Program Files\SMSC\Seticon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\jaap\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Sweex WiFi LAN 140 Nitro XM Utility.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Transfer by Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O15 - Trusted Zone: http://asia.msi.com.tw
    O15 - Trusted Zone: http://global.msi.com.tw
    O15 - Trusted Zone: http://www.msi.com.tw
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
    O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O24 - Desktop Component 0: (no name) - http://www.google.nl/

    --
    End of file - 10013 bytes

    -Jaap

  • #2
    Jouw computer is geinfecteerd door een virus dat via USB-memorysticks of USB disk wordt verspreid.
    Maar ook via een MP3 speler of digitale camera is het mogelijk om het virus over te dragen.

    Download het volgende programma en start het.
    Flash_Disinfector.exe

    Het programma sluit Internet Explorer en de Windows Verkenner.
    Er wordt gevraagd om de USB-disk aan te sluiten. Herhaal dit als je meerdere USB apparaten hebt.




    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe

    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.



    Verwijder op iedere USB-disk mogelijk de volgende foute bestanden:
    c:\autorun.inf
    C:\n1deiect.com
    C:\nideiect.com
    C:\utdetect.com
    C:\80avp08.com
    C:\semo2x.exe



    Volg de instructies zoals beschreven op de volgende pagina: hoe-dient-combofix-gebruikt-te-worden

    Gebruik je Vista, dan hoeft de Recovery Console niet te worden geinstalleerd.
    Is er iets niet duidelijk, dan vraag je het.
    Als het tooltje klaar is, opent er een logfile (C:\combofix.txt).
    Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

    succes

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Iig bedankt alvast.

      Oorspronkelijk geplaatst door Combofix
      ComboFix 08-04-08.7 - Meijvogel 2008-04-09 8:19:37.1 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.498 [GMT 2:00]
      Gestart vanuit: C:\Documents and Settings\Meijvogel\Bureaublad\ComboFix.exe
      * Nieuw herstelpunt werd aangemaakt


      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Autorun.inf
      C:\Documents and Settings\Meijvogel\Application Data\macromedia\Flash Player\#SharedObjects\WYL7HVP5\www.broadcaster.com
      C:\Documents and Settings\Meijvogel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
      C:\Documents and Settings\Meijvogel\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
      C:\Program Files\ContextTool
      C:\Program Files\ContextTool\ContextHelper.dat
      C:\Program Files\ContextTool\pcre3.dll
      C:\Program Files\ContextTool\uninstall.exe
      C:\WINDOWS\system32\mcrh.tmp

      .
      (((((((((((((((((((( Bestanden Gemaakt van 2008-03-09 to 2008-04-09 ))))))))))))))))))))))))))))))
      .

      2008-04-09 08:05 . 2008-04-09 08:05 <DIR> d-------- C:\WINDOWS\LastGood
      2008-04-08 10:31 . 2008-04-08 10:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-04-08 10:13 . 2008-04-08 16:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-04-08 10:13 . 2008-04-08 10:13 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-04-04 22:56 . 2008-04-06 14:40 103,966 -r-hs---- C:\t.com
      2008-04-04 22:55 . 2008-04-03 18:57 103,037 -r-hs---- C:\ranvrgn.exe
      2008-04-02 18:52 . 2008-04-02 18:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
      2008-04-02 18:52 . 2008-04-02 18:52 103,556 -r-hs---- C:\xyw9tmdj.com
      2008-04-02 17:29 . 2008-04-02 17:29 <DIR> d-------- C:\Program Files\Bonjour
      2008-04-02 17:21 . 2008-04-02 17:21 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
      2008-03-29 14:52 . 2008-03-29 14:52 <DIR> d-------- C:\Documents and Settings\Meijvogel\Application Data\Nexon
      2008-03-29 14:51 . 2008-03-29 14:51 <DIR> d-------- C:\Program Files\Common Files\INCA Shared
      2008-03-26 23:50 . 2008-03-26 23:51 <DIR> d-------- C:\Program Files\GameShadow
      2008-03-24 15:54 . 2008-02-25 22:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
      2008-03-24 15:48 . 2008-03-24 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
      2008-03-24 13:41 . 2008-03-24 13:41 <DIR> d-------- C:\Program Files\MultiRes
      2008-03-23 22:28 . 2008-03-24 15:55 <DIR> d-------- C:\Program Files\ATI Technologies
      2008-03-23 22:21 . 2008-03-24 15:50 10 --a------ C:\WINDOWS\WININIT.INI
      2008-03-23 15:41 . 2008-03-23 15:41 <DIR> d-------- C:\Documents and Settings\Meijvogel\Application Data\Uniblue
      2008-03-22 16:17 . 2008-03-22 16:17 <DIR> d-------- C:\Program Files\Activision
      2008-03-22 12:18 . 2008-03-22 12:18 <DIR> d-------- C:\WINDOWS\system32\SuperAdBlocker.com
      2008-03-20 17:38 . 2008-03-20 17:38 <DIR> d-------- C:\Program Files\DIFX
      2008-03-20 17:35 . 2006-08-18 11:28 208,896 --------- C:\WINDOWS\system32\nvuide.exe
      2008-03-20 17:35 . 2006-06-01 16:32 1,570 --------- C:\WINDOWS\system32\nvide.nvu
      2008-03-20 17:34 . 2006-08-14 13:09 1,428 --a------ C:\WINDOWS\system32\drivers\nvphy.bin
      2008-03-20 17:28 . 2008-03-20 17:35 <DIR> d-------- C:\Program Files\Setup Files
      2008-03-20 17:27 . 2008-03-20 17:27 <DIR> d-------- C:\Program Files\MSI
      2008-03-20 16:54 . 2008-03-20 16:54 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll
      2008-03-20 16:54 . 2008-03-20 16:54 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
      2008-03-19 19:53 . 2008-03-19 19:53 <DIR> d-------- C:\WINDOWS\system32\Futuremark
      2008-03-19 19:53 . 2007-09-07 15:55 27,672 --a------ C:\WINDOWS\system32\drivers\Entech.sys
      2008-03-19 19:53 . 2007-09-07 15:55 12,744 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
      2008-03-19 19:53 . 2001-11-19 21:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-04-09 06:10 --------- d-----w C:\Program Files\Jaap
      2008-04-08 08:31 --------- d-----w C:\Program Files\Lavasoft
      2008-04-08 08:30 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
      2008-04-08 06:50 --------- d-----w C:\Documents and Settings\Arie\Application Data\Azureus
      2008-04-07 13:55 --------- d-----w C:\Program Files\Windows Live Safety Center
      2008-04-06 16:22 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\Skype
      2008-04-05 12:24 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\GrabIt
      2008-04-03 12:56 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\Azureus
      2008-04-02 15:29 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-03-30 20:50 --------- d-----w C:\Program Files\Limewire
      2008-03-30 20:32 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\LimeWire
      2008-03-28 07:18 --------- d-----w C:\Program Files\vghd
      2008-03-24 13:58 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\ATI
      2008-03-24 13:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-03-24 11:41 472,576 ----a-w C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
      2008-03-21 17:01 --------- d-----w C:\Program Files\SUPERAntiSpyware
      2008-03-13 12:23 --------- d-----w C:\Program Files\Java
      2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
      2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
      2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
      2008-02-26 03:10 299,520 ------w C:\WINDOWS\system32\ati2dvag.dll
      2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
      2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
      2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
      2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
      2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
      2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
      2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
      2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
      2008-02-26 02:49 3,176,480 ------w C:\WINDOWS\system32\ati3duag.dll
      2008-02-26 02:41 1,755,264 ------w C:\WINDOWS\system32\ativvaxx.dll
      2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
      2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
      2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
      2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
      2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
      2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
      2008-02-26 02:16 520,192 ------w C:\WINDOWS\system32\ati2cqag.dll
      2008-02-21 14:48 --------- d-----w C:\Program Files\Server Map Pack
      2008-02-17 15:21 --------- d-----w C:\Documents and Settings\Arie\Application Data\vlc
      2008-02-17 13:47 --------- d-----w C:\Documents and Settings\Arie\Application Data\dvdcss
      2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
      2008-02-10 12:19 --------- d-----w C:\Documents and Settings\Arie\Application Data\ATI
      2008-02-09 21:56 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ATI
      2008-02-09 11:24 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\Xfire
      2008-02-01 16:07 18,487 ----a-w C:\WINDOWS\system32\Ntaccess.sys
      2008-01-31 02:02 54,608 ----a-w C:\WINDOWS\system32\xfcodec.dll
      2007-12-12 19:22 22,328 ---ha-w C:\Documents and Settings\Meijvogel\Application Data\PnkBstrK.sys
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]
      "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
      "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 19:25 1961984]
      "DriverUpdaterPro"="C:\Program Files\jaap\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe" [ ]
      "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 05:04 59392]
      "CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [ ]
      "RTHDCPL"="RTHDCPL.EXE" [2006-09-06 05:44 16262656 C:\WINDOWS\RTHDCPL.exe]
      "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
      "vptray"="C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe" [2003-04-26 02:18 90112]
      "DXDllRegExe"="dxdllreg.exe"
      "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
      "WMAAD"="C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe" [2007-02-16 18:41 110592]
      "SetIcon"="\Program Files\SMSC\Seticon.exe" [2004-01-30 09:03 46080]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
      "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]

      C:\Documents and Settings\Arie\Menu Start\Programma's\Opstarten\
      PowerReg Scheduler.exe [2007-02-16 17:33:14 256000]
      VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe [2008-01-03 19:53:46 11769152]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      Sweex WiFi LAN 140 Nitro XM Utility.lnk - C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe [2007-02-08 22:48:44 794624]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
      "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 14:55 77824]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "msacm.scg726"= scg726.acm
      "msacm.alf2cd"= alf2cd.acm
      "msacm.ac3acm"= AC3ACM.acm
      "vidc.dvsd"= mcdvd_32.dll
      "msacm.lameacm"= LameACM.acm
      "VIDC.XFR1"= xfcodec.dll

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
      path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
      backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

      [HKLM\~\startupfolder\C:^Documents and Settings^Arie^Menu Start^Programma's^Opstarten^Xfire.lnk]
      path=C:\Documents and Settings\Arie\Menu Start\Programma's\Opstarten\Xfire.lnk
      backup=C:\WINDOWS\pss\Xfire.lnkStartup

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
      --a------ 2005-07-14 15:09 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
      C:\Program Files\DAEMON Tools\daemon.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashIcon]
      --a------ 2004-07-21 14:48 40960 C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
      --a------ 2004-05-12 15:18 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
      --a------ 2003-08-04 18:28 49152 C:\Program Files\HP\HP Software Update\HPWuSchd.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
      C:\Program Files\PowerISO\PWRISOVM.EXE

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR]
      C:\Program Files\Desktop Sidebar\dsidebar.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
      C:\Program Files\Steam\Steam.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      --a------ 2008-03-08 10:07 1481968 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
      C:\Program Files\Samsung\SamsungMediaStudio4.1\SamsungMediaStudioAgent.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\StubInstaller.exe"=
      "C:\\Program Files\\LimeWire\\LimeWire.exe"=
      "C:\\Program Files\\iTunes\\iTunes.exe"=
      "C:\\Program Files\\Xfire\\Xfire.exe"=
      "C:\\Program Files\\Azureus\\Azureus.exe"=
      "C:\\WINDOWS\\system32\\mshta.exe"=
      "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe"=
      "C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
      "C:\\Program Files\\World of Warcraft\\WoW-2.0.3-enGB-downloader.exe"=
      "C:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.12.6546-enGB-downloader.exe"=
      "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
      "C:\\WINDOWS\\system32\\dpvsetup.exe"=
      "C:\\WINDOWS\\system32\\rundll32.exe"=
      "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\MSN Messenger\\livecall.exe"=
      "C:\\Program Files\\Arie\\Azureus.exe"=
      "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
      "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "C:\\Program Files\\Jaap\\Nexon\\Maplestory\\MapleStory.exe"=
      "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "62454:TCP"= 62454:TCP:azureus
      "3724:TCP"= 3724:TCP:wow
      "8080:TCP"= 8080:TCP:wow
      "8085:TCP"= 8085:TCP:wow

      R3 SWXG7031;Sweex 802.11g XG703 SP3 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2006-01-19 16:18]
      S3 filter;filter;C:\WINDOWS\system32\drivers\filter.sys [2004-07-05 08:21]
      S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
      S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
      S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
      S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS

      *Newly Created Service* - CATCHME
      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-02-27 06:26:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-02-15 14:00:16 C:\WINDOWS\Tasks\Norton Security Scan.job"
      - C:\Program Files\Norton Security Scan\Nss.exe
      "2008-04-03 15:11:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
      - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
      "2007-12-05 16:11:15 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
      - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
      .
      **************************************************************************

      catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-04-09 08:25:38
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      --------------------- DLLs Geladen Onder Lopende Processen ---------------------

      PROCESS: C:\WINDOWS\system32\winlogon.exe
      -> C:\WINDOWS\system32\NavLogon.dll
      .
      Voltooingstijd: 2008-04-09 8:26:15
      ComboFix-quarantined-files.txt 2008-04-09 06:26:06
      Pre-Run: 17,581,187,072 bytes beschikbaar
      Post-Run: 17,633,914,880 bytes beschikbaar
      .
      2008-03-12 16:45:40 --- E O F ---
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 8:30:01, on 9-4-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
      C:\Program Files\SMSC\Seticon.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Jaap\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
      O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
      O4 - HKLM\..\Run: [SetIcon] \Program Files\SMSC\Seticon.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\jaap\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
      O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Sweex WiFi LAN 140 Nitro XM Utility.lnk = ?
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Transfer by Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O15 - Trusted Zone: http://asia.msi.com.tw
      O15 - Trusted Zone: http://global.msi.com.tw
      O15 - Trusted Zone: http://www.msi.com.tw
      O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
      O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
      O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
      O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
      O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
      O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
      O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
      O24 - Desktop Component 0: (no name) - http://www.google.nl/

      --
      End of file - 9708 bytes
      Overgens misschien slim om te zeggen, het 2de item die ik moest verwijderen stond er al niet meer, [O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe]
      Misschien is dat omdat ik die log gisterochtend gemaakt heb, en sinds toen Ad-aware en Superantispyware een keer heb laten scannen.

      Jaap

      Comment


      • #4
        Wie weet,

        Open Kladblok, kopieer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster:

        • File::
          C:\t.com
          C:\ranvrgn.exe
          C:\xyw9tmdj.com



        Sla dit op op je Bureaublad als CFScript.txt.

        Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



        Dit zal ComboFix doen herstarten.

        Na het herstarten van je computer, (indien het vraagt om te herstarten), kopieer en plak de inhoud van Combofix.txt in je volgende antwoord.

        vertel even of je verbetering ziet.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          ComboFix 08-04-08.7 - Meijvogel 2008-04-09 12:20:58.2 - NTFSx86
          Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.516 [GMT 2:00]
          Gestart vanuit: C:\Documents and Settings\Meijvogel\Bureaublad\ComboFix.exe
          Command switches used :: C:\Documents and Settings\Meijvogel\Bureaublad\CFScript.txt.txt
          * Nieuw herstelpunt werd aangemaakt



          FILE ::
          C:\ranvrgn.exe
          C:\t.com
          C:\xyw9tmdj.com
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\ranvrgn.exe
          C:\t.com
          C:\xyw9tmdj.com

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2008-03-09 to 2008-04-09 ))))))))))))))))))))))))))))))
          .

          2008-04-08 10:31 . 2008-04-08 10:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
          2008-04-08 10:13 . 2008-04-08 16:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
          2008-04-08 10:13 . 2008-04-08 10:13 1,409 --a------ C:\WINDOWS\QTFont.for
          2008-04-02 18:52 . 2008-04-02 18:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
          2008-04-02 17:29 . 2008-04-02 17:29 <DIR> d-------- C:\Program Files\Bonjour
          2008-04-02 17:21 . 2008-04-02 17:21 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
          2008-03-29 14:52 . 2008-03-29 14:52 <DIR> d-------- C:\Documents and Settings\Meijvogel\Application Data\Nexon
          2008-03-29 14:51 . 2008-03-29 14:51 <DIR> d-------- C:\Program Files\Common Files\INCA Shared
          2008-03-26 23:50 . 2008-03-26 23:51 <DIR> d-------- C:\Program Files\GameShadow
          2008-03-24 15:54 . 2008-02-25 22:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
          2008-03-24 15:48 . 2008-03-24 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
          2008-03-24 13:41 . 2008-03-24 13:41 <DIR> d-------- C:\Program Files\MultiRes
          2008-03-23 22:28 . 2008-03-24 15:55 <DIR> d-------- C:\Program Files\ATI Technologies
          2008-03-23 22:21 . 2008-03-24 15:50 10 --a------ C:\WINDOWS\WININIT.INI
          2008-03-23 15:41 . 2008-03-23 15:41 <DIR> d-------- C:\Documents and Settings\Meijvogel\Application Data\Uniblue
          2008-03-22 16:17 . 2008-03-22 16:17 <DIR> d-------- C:\Program Files\Activision
          2008-03-22 12:18 . 2008-03-22 12:18 <DIR> d-------- C:\WINDOWS\system32\SuperAdBlocker.com
          2008-03-20 17:38 . 2008-03-20 17:38 <DIR> d-------- C:\Program Files\DIFX
          2008-03-20 17:35 . 2006-08-18 11:28 208,896 --------- C:\WINDOWS\system32\nvuide.exe
          2008-03-20 17:35 . 2006-06-01 16:32 1,570 --------- C:\WINDOWS\system32\nvide.nvu
          2008-03-20 17:34 . 2006-08-14 13:09 1,428 --a------ C:\WINDOWS\system32\drivers\nvphy.bin
          2008-03-20 17:28 . 2008-03-20 17:35 <DIR> d-------- C:\Program Files\Setup Files
          2008-03-20 17:27 . 2008-03-20 17:27 <DIR> d-------- C:\Program Files\MSI
          2008-03-20 16:54 . 2008-03-20 16:54 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll
          2008-03-20 16:54 . 2008-03-20 16:54 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
          2008-03-19 19:53 . 2008-03-19 19:53 <DIR> d-------- C:\WINDOWS\system32\Futuremark
          2008-03-19 19:53 . 2007-09-07 15:55 27,672 --a------ C:\WINDOWS\system32\drivers\Entech.sys
          2008-03-19 19:53 . 2007-09-07 15:55 12,744 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
          2008-03-19 19:53 . 2001-11-19 21:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-04-09 06:29 --------- d-----w C:\Program Files\Jaap
          2008-04-08 08:31 --------- d-----w C:\Program Files\Lavasoft
          2008-04-08 08:30 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
          2008-04-08 06:50 --------- d-----w C:\Documents and Settings\Arie\Application Data\Azureus
          2008-04-07 13:55 --------- d-----w C:\Program Files\Windows Live Safety Center
          2008-04-06 16:22 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\Skype
          2008-04-05 12:24 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\GrabIt
          2008-04-03 12:56 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\Azureus
          2008-04-02 15:29 --------- d-----w C:\Program Files\Common Files\Adobe
          2008-03-30 20:50 --------- d-----w C:\Program Files\Limewire
          2008-03-30 20:32 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\LimeWire
          2008-03-28 07:18 --------- d-----w C:\Program Files\vghd
          2008-03-24 13:58 --------- d--h--w C:\Documents and Settings\Meijvogel\Application Data\ATI
          2008-03-24 13:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2008-03-24 11:41 472,576 ----a-w C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
          2008-03-21 17:01 --------- d-----w C:\Program Files\SUPERAntiSpyware
          2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
          2008-03-13 12:23 --------- d-----w C:\Program Files\Java
          2008-03-01 13:05 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
          2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
          2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
          2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
          2008-02-26 03:10 299,520 ------w C:\WINDOWS\system32\ati2dvag.dll
          2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
          2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
          2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
          2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
          2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
          2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
          2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
          2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
          2008-02-26 02:49 3,176,480 ------w C:\WINDOWS\system32\ati3duag.dll
          2008-02-26 02:41 1,755,264 ------w C:\WINDOWS\system32\ativvaxx.dll
          2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
          2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
          2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
          2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
          2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
          2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
          2008-02-26 02:16 520,192 ------w C:\WINDOWS\system32\ati2cqag.dll
          2008-02-21 14:48 --------- d-----w C:\Program Files\Server Map Pack
          2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
          2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
          2008-02-17 15:21 --------- d-----w C:\Documents and Settings\Arie\Application Data\vlc
          2008-02-17 13:47 --------- d-----w C:\Documents and Settings\Arie\Application Data\dvdcss
          2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
          2008-02-10 12:19 --------- d-----w C:\Documents and Settings\Arie\Application Data\ATI
          2008-02-09 21:56 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ATI
          2008-02-09 11:24 --------- d-----w C:\Documents and Settings\Meijvogel\Application Data\Xfire
          2008-02-01 16:07 18,487 ----a-w C:\WINDOWS\system32\Ntaccess.sys
          2008-01-31 02:02 54,608 ----a-w C:\WINDOWS\system32\xfcodec.dll
          2007-12-12 19:22 22,328 ---ha-w C:\Documents and Settings\Meijvogel\Application Data\PnkBstrK.sys
          .

          ((((((((((((((((((((((((((((( [email protected]_ 8.25.59,18 )))))))))))))))))))))))))))))))))))))))))
          .
          + 2007-12-07 02:18:00 124,928 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\advpack.dll
          + 2007-12-19 22:57:24 347,136 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtmsft.dll
          + 2007-12-07 02:18:00 214,528 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\dxtrans.dll
          + 2007-12-07 02:18:00 133,120 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\extmgr.dll
          + 2007-12-07 02:18:00 63,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\icardie.dll
          + 2007-12-06 11:04:23 70,656 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe
          + 2007-12-07 02:18:00 153,088 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakeng.dll
          + 2007-12-07 02:18:00 230,400 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieaksie.dll
          + 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieakui.dll
          + 2007-12-07 02:18:01 383,488 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieapfltr.dll
          + 2007-12-07 02:18:01 384,512 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll
          + 2007-12-07 02:18:03 6,066,176 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieframe.dll
          + 2007-12-07 02:18:03 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iernonce.dll
          + 2007-12-07 02:18:03 267,776 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll
          + 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe
          + 2007-12-06 11:04:44 625,664 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe
          + 2007-12-07 02:18:04 27,648 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\jsproxy.dll
          + 2007-12-07 02:18:04 459,264 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeeds.dll
          + 2007-12-07 02:18:04 52,224 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msfeedsbs.dll
          + 2007-12-08 05:18:08 3,592,192 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtml.dll
          + 2007-12-07 02:18:06 478,208 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mshtmled.dll
          + 2007-12-07 02:18:06 193,024 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll
          + 2007-12-07 02:18:06 671,232 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\mstime.dll
          + 2007-12-07 02:18:07 102,912 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\occache.dll
          + 2008-01-11 05:52:55 44,544 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\pngfilt.dll
          + 2007-03-06 01:58:27 216,800 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe
          + 2007-03-06 01:59:37 389,856 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\updspapi.dll
          + 2007-12-07 02:18:07 105,984 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\url.dll
          + 2007-12-07 02:18:07 1,159,680 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\urlmon.dll
          + 2007-12-07 02:18:07 233,472 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\webcheck.dll
          + 2007-12-07 02:18:08 824,832 -c----w C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
          - 2007-12-07 02:18:00 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
          + 2008-03-01 13:05:10 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
          - 2007-12-07 02:18:00 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
          + 2008-03-01 13:05:10 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
          - 2006-06-26 17:45:39 148,480 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
          + 2008-02-20 05:39:05 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
          - 2002-12-31 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
          + 2008-02-20 05:39:05 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
          - 2007-12-19 22:57:24 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
          + 2008-03-01 13:05:10 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
          - 2007-12-07 02:18:00 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
          + 2008-03-01 13:05:10 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
          - 2007-12-07 02:18:00 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
          + 2008-03-01 13:05:10 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
          - 2007-06-19 13:33:12 282,112 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
          + 2008-02-20 06:51:59 282,624 -c--a-w C:\WINDOWS\system32\dllcache\gdi32.dll
          - 2007-12-07 02:18:00 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
          + 2008-03-01 13:05:10 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
          - 2007-12-06 11:04:23 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
          + 2008-02-29 08:58:12 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
          - 2007-12-07 02:18:00 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
          + 2008-03-01 13:05:10 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
          - 2007-12-07 02:18:00 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
          + 2008-03-01 13:05:10 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
          - 2007-12-06 04:59:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
          + 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
          - 2007-12-07 02:18:01 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
          + 2008-03-01 13:05:11 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
          - 2007-12-07 02:18:01 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
          + 2008-03-01 13:05:11 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
          - 2007-12-07 02:18:03 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
          + 2008-03-01 13:05:13 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
          - 2007-12-07 02:18:03 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
          + 2008-03-01 13:05:13 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
          - 2007-12-07 02:18:03 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
          + 2008-03-01 13:05:13 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
          - 2007-12-06 11:00:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
          + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
          - 2007-12-06 11:04:44 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
          + 2008-02-29 08:58:53 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
          - 2007-12-07 02:18:04 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
          + 2008-03-01 13:05:13 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
          - 2007-12-07 02:18:04 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
          + 2008-03-01 13:05:13 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
          - 2007-12-07 02:18:04 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
          + 2008-03-01 13:05:13 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
          - 2007-12-08 05:18:08 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
          + 2008-03-01 16:35:16 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
          - 2007-12-07 02:18:06 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
          + 2008-03-01 13:05:15 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
          - 2007-12-07 02:18:06 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
          + 2008-03-01 13:05:16 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
          - 2007-12-07 02:18:06 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
          + 2008-03-01 13:05:16 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
          - 2007-12-07 02:18:07 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
          + 2008-03-01 13:05:16 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
          - 2008-01-11 05:52:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
          + 2008-03-01 13:05:16 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
          - 2007-12-07 02:18:07 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
          + 2008-03-01 13:05:16 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
          - 2007-12-07 02:18:07 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
          + 2008-03-01 13:05:17 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
          - 2007-12-07 02:18:07 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
          + 2008-03-01 13:05:17 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
          - 2007-03-08 15:37:59 1,843,712 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
          + 2008-03-20 08:10:47 1,845,376 -c--a-w C:\WINDOWS\system32\dllcache\win32k.sys
          - 2007-12-07 02:18:08 824,832 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
          + 2008-03-01 13:05:17 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
          - 2006-06-26 17:45:39 148,480 ----a-w C:\WINDOWS\system32\dnsapi.dll
          + 2008-02-20 05:39:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
          - 2007-12-19 22:57:24 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
          + 2008-03-01 13:05:10 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
          - 2007-12-07 02:18:00 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
          + 2008-03-01 13:05:10 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
          - 2007-12-07 02:18:00 133,120 ------w C:\WINDOWS\system32\extmgr.dll
          + 2008-03-01 13:05:10 133,120 ------w C:\WINDOWS\system32\extmgr.dll
          - 2008-01-25 11:35:42 220,040 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
          + 2008-04-09 10:16:26 220,040 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
          - 2007-12-07 02:18:00 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
          + 2008-03-01 13:05:10 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
          - 2007-12-06 11:04:23 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
          + 2008-02-29 08:58:12 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
          - 2007-12-07 02:18:00 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
          + 2008-03-01 13:05:10 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
          - 2007-12-07 02:18:00 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
          + 2008-03-01 13:05:10 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
          - 2007-12-06 04:59:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
          + 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
          - 2007-12-07 02:18:01 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
          + 2008-03-01 13:05:11 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
          - 2007-12-07 02:18:01 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
          + 2008-03-01 13:05:11 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
          - 2007-12-07 02:18:03 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
          + 2008-03-01 13:05:13 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
          - 2007-12-07 02:18:03 44,544 ------w C:\WINDOWS\system32\iernonce.dll
          + 2008-03-01 13:05:13 44,544 ------w C:\WINDOWS\system32\iernonce.dll
          - 2007-12-07 02:18:03 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
          + 2008-03-01 13:05:13 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
          - 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
          + 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
          - 2007-12-07 02:18:04 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
          + 2008-03-01 13:05:13 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
          - 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
          + 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
          - 2007-12-07 02:18:04 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
          + 2008-03-01 13:05:13 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
          - 2007-12-07 02:18:04 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
          + 2008-03-01 13:05:13 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
          - 2007-12-08 05:18:08 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
          + 2008-03-01 16:35:16 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
          - 2007-12-07 02:18:06 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
          + 2008-03-01 13:05:15 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
          - 2007-12-07 02:18:06 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
          + 2008-03-01 13:05:16 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
          - 2007-12-07 02:18:06 671,232 ------w C:\WINDOWS\system32\mstime.dll
          + 2008-03-01 13:05:16 671,232 ------w C:\WINDOWS\system32\mstime.dll
          - 2007-12-07 02:18:07 102,912 ------w C:\WINDOWS\system32\occache.dll
          + 2008-03-01 13:05:16 102,912 ------w C:\WINDOWS\system32\occache.dll
          - 2008-04-09 06:07:33 62,344 ----a-w C:\WINDOWS\system32\perfc009.dat
          + 2008-04-09 10:20:58 62,344 ----a-w C:\WINDOWS\system32\perfc009.dat
          - 2008-04-09 06:07:33 81,146 ----a-w C:\WINDOWS\system32\perfc013.dat
          + 2008-04-09 10:20:58 81,146 ----a-w C:\WINDOWS\system32\perfc013.dat
          - 2008-04-09 06:07:33 401,064 ----a-w C:\WINDOWS\system32\perfh009.dat
          + 2008-04-09 10:20:58 401,064 ----a-w C:\WINDOWS\system32\perfh009.dat
          - 2008-04-09 06:07:33 465,612 ----a-w C:\WINDOWS\system32\perfh013.dat
          + 2008-04-09 10:20:58 465,612 ----a-w C:\WINDOWS\system32\perfh013.dat
          - 2008-01-11 05:52:55 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
          + 2008-03-01 13:05:16 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
          - 2007-12-07 02:18:07 105,984 ----a-w C:\WINDOWS\system32\url.dll
          + 2008-03-01 13:05:16 105,984 ----a-w C:\WINDOWS\system32\url.dll
          - 2007-12-07 02:18:07 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
          + 2008-03-01 13:05:17 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
          - 2007-12-07 02:18:07 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
          + 2008-03-01 13:05:17 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
          .
          -- Snapshot reset to current date --
          .
          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]
          "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
          "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 19:25 1961984]
          "DriverUpdaterPro"="C:\Program Files\jaap\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe" [ ]
          "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 05:04 59392]
          "CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [ ]
          "RTHDCPL"="RTHDCPL.EXE" [2006-09-06 05:44 16262656 C:\WINDOWS\RTHDCPL.exe]
          "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
          "vptray"="C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe" [2003-04-26 02:18 90112]
          "DXDllRegExe"="dxdllreg.exe"
          "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
          "WMAAD"="C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe" [2007-02-16 18:41 110592]
          "SetIcon"="\Program Files\SMSC\Seticon.exe" [2004-01-30 09:03 46080]
          "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
          "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
          "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]

          C:\Documents and Settings\Arie\Menu Start\Programma's\Opstarten\
          PowerReg Scheduler.exe [2007-02-16 17:33:14 256000]
          VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe [2008-01-03 19:53:46 11769152]

          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
          Sweex WiFi LAN 140 Nitro XM Utility.lnk - C:\Program Files\Sweex WiFi LAN 140 Nitro XM Utility\WlanUtl.exe [2007-02-08 22:48:44 794624]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
          "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

          [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
          "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 14:55 77824]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
          C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
          "msacm.scg726"= scg726.acm
          "msacm.alf2cd"= alf2cd.acm
          "msacm.ac3acm"= AC3ACM.acm
          "vidc.dvsd"= mcdvd_32.dll
          "msacm.lameacm"= LameACM.acm
          "VIDC.XFR1"= xfcodec.dll

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
          path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
          backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

          [HKLM\~\startupfolder\C:^Documents and Settings^Arie^Menu Start^Programma's^Opstarten^Xfire.lnk]
          path=C:\Documents and Settings\Arie\Menu Start\Programma's\Opstarten\Xfire.lnk
          backup=C:\WINDOWS\pss\Xfire.lnkStartup

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
          --a------ 2005-07-14 15:09 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
          --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
          C:\Program Files\DAEMON Tools\daemon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashIcon]
          --a------ 2004-07-21 14:48 40960 C:\Program Files\Generic\USB Card Reader Driver v2.3\FlashIcon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
          --a------ 2004-05-12 15:18 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
          --a------ 2003-08-04 18:28 49152 C:\Program Files\HP\HP Software Update\HPWuSchd.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
          --a------ 2006-10-30 10:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
          C:\Program Files\PowerISO\PWRISOVM.EXE

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR]
          C:\Program Files\Desktop Sidebar\dsidebar.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
          C:\Program Files\Steam\Steam.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
          --a------ 2008-03-08 10:07 1481968 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YeppStudioAgent]
          C:\Program Files\Samsung\SamsungMediaStudio4.1\SamsungMediaStudioAgent.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\security center]
          "AntiVirusOverride"=dword:00000001

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
          "%windir%\\system32\\sessmgr.exe"=
          "C:\\StubInstaller.exe"=
          "C:\\Program Files\\LimeWire\\LimeWire.exe"=
          "C:\\Program Files\\iTunes\\iTunes.exe"=
          "C:\\Program Files\\Xfire\\Xfire.exe"=
          "C:\\Program Files\\Azureus\\Azureus.exe"=
          "C:\\WINDOWS\\system32\\mshta.exe"=
          "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe"=
          "C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
          "C:\\Program Files\\World of Warcraft\\WoW-2.0.3-enGB-downloader.exe"=
          "C:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.12.6546-enGB-downloader.exe"=
          "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
          "C:\\WINDOWS\\system32\\dpvsetup.exe"=
          "C:\\WINDOWS\\system32\\rundll32.exe"=
          "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
          "C:\\Program Files\\MSN Messenger\\livecall.exe"=
          "C:\\Program Files\\Arie\\Azureus.exe"=
          "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
          "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
          "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
          "C:\\Program Files\\Jaap\\Nexon\\Maplestory\\MapleStory.exe"=
          "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
          "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
          "62454:TCP"= 62454:TCP:azureus
          "3724:TCP"= 3724:TCP:wow
          "8080:TCP"= 8080:TCP:wow
          "8085:TCP"= 8085:TCP:wow

          R3 SWXG7031;Sweex 802.11g XG703 SP3 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2006-01-19 16:18]
          S3 filter;filter;C:\WINDOWS\system32\drivers\filter.sys [2004-07-05 08:21]
          S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
          S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
          S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
          S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS

          *Newly Created Service* - PCANDIS5
          .
          Inhoud van de 'Gedeelde Taken' map
          "2008-02-27 06:26:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
          - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
          "2008-02-15 14:00:16 C:\WINDOWS\Tasks\Norton Security Scan.job"
          - C:\Program Files\Norton Security Scan\Nss.exe
          "2008-04-03 15:11:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
          - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
          "2007-12-05 16:11:15 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
          - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
          .
          **************************************************************************

          catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-04-09 12:26:28
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          --------------------- DLLs Geladen Onder Lopende Processen ---------------------

          PROCESS: C:\WINDOWS\system32\winlogon.exe
          -> C:\WINDOWS\system32\NavLogon.dll
          .
          Voltooingstijd: 2008-04-09 12:27:10
          ComboFix-quarantined-files.txt 2008-04-09 10:27:01
          ComboFix2.txt 2008-04-09 06:26:15
          Pre-Run: 19,685,498,880 bytes beschikbaar
          Post-Run: 19,672,465,408 bytes beschikbaar
          .
          2008-04-09 07:21:53 --- E O F ---


          Heb zeker verbetering gemerkt. :')
          Bedankt alvast.
          Last edited by Juisterr; 09-04-08, 16:50.

          Comment


          • #6
            Dat is mooi, kijk het nog even aan en meld je weer eens over een paar dagen of het nog steeds goed gaat.

            Windows 10 opstarten in Veilige Modus

            Comment

            Sorry, you are not authorized to view this page
            Working...
            X