Mededeling

**smeenk** · 19-05-08, 09:06

Download Malwarebytes' Anti-Malware via hier of hier.

Dubbelklik mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Launch Malwarebytes' Anti-Malware, Klik daarna op "finish".
Indien een update gevonden werd, zal het die downloaden en de laatste versie installeren.
Wanneer het programma volledig up to date is, selecteer "Perform Quick Scan", daarna klik Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik OK, daarna "Show Results" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik: Remove Selected.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie extra nota onderaan)
De log wordt automatisch bewaard door MBAM die je kan zien door de "Logs" tab te klikken in MBAM.
Kopieer en plak de resultaten van de log in je volgend antwoord, samen met een nieuw HijackThislog.

Extra opmerking:
Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

**NOEL** · 19-05-08, 19:29

hallo en bedankt voor je hulp
met deze een nieuwe hijackthis file en
Logfile of HijackThis v1.99.1
Scan saved at 19:24:43, on 19/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\dllhost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\Documents and Settings\Noel\Bureaublad\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Password Manager 2007\PasswordManagerBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SPM2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\RunOnce: [TSC] "C:\Program Files\Trend Micro\Internet Security\tsc.exe" /HD
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - Global Startup: AutoCAD 2006 Vertaler.lnk = C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

mbam log file
Malwarebytes' Anti-Malware 1.12
Database versie: 768

Scan type: Volledige Scan (C:\|D:\|E:\|F:\|G:\|H:\|K:\|)
Objecten gescand: 100513
Verstreken tijd: 52 minute(s), 59 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 2
Registersleutels geïnfecteerd: 12
Registerwaarden geïnfecteerd: 1
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 2
Bestanden geïnfecteerd: 28

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
C:\WINDOWS\system32\byXNgGAt.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\iifgHwuS.dll (Trojan.Vundo) -> Unloaded module successfully.

Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{23f89af5-e044-4cdc-9efc-a7de0ff1d1b6} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bfd340d1-800e-432d-bd4f-f046a877fd0b} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{47551f98-cc7f-4701-a650-d7231eea60bd} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47551f98-cc7f-4701-a650-d7231eea60bd} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifghwus (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{47551f98-cc7f-4701-a650-d7231eea60bd} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxnggat -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxnggat -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
C:\Documents and Settings\Noel\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\Noel\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:
C:\WINDOWS\system32\byXNgGAt.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\tAGgNXyb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP129\A0035793.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP129\A0035802.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP129\A0035813.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP129\A0035815.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP130\A0036834.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP130\A0036848.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP130\A0037852.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP130\A0037890.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0038890.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0038930.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0039931.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0040931.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0041935.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP131\A0041946.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP133\A0043174.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP133\A0044169.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP133\A0045167.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{2D37D13F-9799-49BB-9091-98E773B830D0}\RP133\A0046167.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(2).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(3).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(4).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(5).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(6).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\orU47(7).sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Noel\Application Data\RegistrySmart\Log\2008 Apr 29 - 07_33_17 PM_562.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifgHwuS.dll (Trojan.Vundo) -> Delete on reboot.

**smeenk** · 20-05-08, 10:52

Probeer het volgende eens:
Zoek dit bestand op met je verkenner: C:\WINDOWS\SYSTEM32\WinCtrl32.dll
Rechtsklik op dit bestand en kies in het contextmenu dat verschijnt voor "Naam wijzigen".
Probeer nu de naam te veranderen in: C:\WINDOWS\SYSTEM32\WinCtrl32.bak
Als dit gelukt is herstart je de computer.
Post na de herstart een nieuw logje van Hijackthis en vertel of je nog problemen ondervindt

**NOEL** · 20-05-08, 17:55

het is al veel beter denk zelfs dat het ok is
behalve dat ik soms een melding krijg een rechthoekig kader in het midden van het scherm heb het straks nog gezien was iets met explorer wilt u de fout opzoeken en details maar ben het vergeten wat precies als het later nog komt zal ik opnieuw een bericht doen
hier dan ook de log na dat ik die ddl fille veranderd heb

Logfile of HijackThis v1.99.1
Scan saved at 17:45:06, on 20/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Noel\Bureaublad\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Password Manager 2007\PasswordManagerBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SPM2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - Global Startup: AutoCAD 2006 Vertaler.lnk = C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

groetjes
noel

**smeenk** · 20-05-08, 18:13

Download dit bestand: zoek.exe
Dubbelklik het, na een tijdje opent er een logje.
Post de inhoud van dit logje in je volgende bericht

**NOEL** · 20-05-08, 19:04

dit is het logje dat je vroeg

======C:\WINDOWS====
----a-w 0 2008-05-20 16:42:18 C:\WINDOWS\0.log
----a-w 2,990 2008-04-29 16:13:39 C:\WINDOWS\Ascd_tmp.ini
--s-a-w 2,048 2008-05-20 16:40:18 C:\WINDOWS\bootstat.dat
----a-w 517 2008-05-18 11:24:51 C:\WINDOWS\canopus.ini
----a-w 592 2008-04-29 02:17:39 C:\WINDOWS\chgkey.vbs
----a-w 26 2008-04-27 21:11:28 C:\WINDOWS\CMCDPLAY.INI
----a-w 92 2008-04-27 21:11:28 C:\WINDOWS\CMISETUP.INI
----a-w 200 2008-04-29 04:21:28 C:\WINDOWS\cmsetacl.log
----a-w 4,984 2008-05-18 14:54:08 C:\WINDOWS\COM+.log
----a-w 237,154 2008-05-18 15:16:09 C:\WINDOWS\comsetup.log
----a-w 173 2008-05-12 15:48:43 C:\WINDOWS\ConnMgr.ini
----a-w 0 2008-04-27 19:03:08 C:\WINDOWS\control.ini
----a-w 19,848 2008-05-12 16:58:56 C:\WINDOWS\dasetup.log
----a-w 10,752 2008-05-19 17:22:26 C:\WINDOWS\DCEBoot.exe
----a-w 786 2008-05-19 18:16:30 C:\WINDOWS\DCEBOOT.LOG
----a-w 48,460 2008-05-12 16:50:38 C:\WINDOWS\DirectX.log
----a-w 3,170 2008-05-17 14:05:10 C:\WINDOWS\discwriter.log
----a-w 34,052 2008-05-20 15:01:20 C:\WINDOWS\DPINST.LOG
----a-w 360 2008-04-29 04:34:26 C:\WINDOWS\DtcInstall.log
----a-w 2,618 2008-05-19 05:43:42 C:\WINDOWS\EventSystem.log
----a-w 707,301 2008-05-18 15:15:02 C:\WINDOWS\FaxSetup.log
----a-w 79 2008-05-18 08:06:24 C:\WINDOWS\hotcore3.log
----a-w 29,435 2008-05-09 19:42:52 C:\WINDOWS\hpoins03.dat
----a-w 1,133 2008-05-20 16:31:41 C:\WINDOWS\IE4 Error Log.txt
----a-w 925,424 2008-05-18 15:15:35 C:\WINDOWS\iis6.log
----a-w 75 2008-05-12 15:47:44 C:\WINDOWS\ImportClient.INI
----a-w 4,566 2008-05-18 15:11:19 C:\WINDOWS\imsins.BAK
----a-w 34,032 2008-05-18 15:16:06 C:\WINDOWS\imsins.log
----a-w 847 2008-05-10 09:11:12 C:\WINDOWS\INSTALL.LOG
----a-w 52,674 2008-04-29 15:54:32 C:\WINDOWS\KB835221.log
----a-w 19,590 2008-04-29 00:50:40 C:\WINDOWS\KB835409.log
----a-w 7,293 2008-04-27 22:00:33 C:\WINDOWS\KB842773.log
----a-w 7,053 2008-04-29 04:35:21 C:\WINDOWS\KB873333.log
----a-w 56,735 2008-04-29 19:02:02 C:\WINDOWS\KB873339.log
----a-w 62,146 2008-04-29 19:06:45 C:\WINDOWS\KB885835.log
----a-w 52,967 2008-04-29 19:06:39 C:\WINDOWS\KB885836.log
----a-w 16,821 2008-04-29 18:57:45 C:\WINDOWS\KB886185.log
----a-w 37,557 2008-04-29 19:01:26 C:\WINDOWS\KB887472.log
----a-w 35,817 2008-04-29 04:56:04 C:\WINDOWS\KB888302.log
----a-w 46,262 2008-04-29 19:00:13 C:\WINDOWS\KB890046.log
----a-w 213,074 2008-04-29 04:25:13 C:\WINDOWS\KB890859.log
----a-w 48,331 2008-04-29 19:00:32 C:\WINDOWS\KB891781.log
----a-w 13,524 2008-04-29 00:51:31 C:\WINDOWS\KB892944.log
----a-w 54,835 2008-04-29 19:05:30 C:\WINDOWS\KB893756.log
----a-w 5,645 2008-04-27 20:15:09 C:\WINDOWS\KB893803v2.log
----a-w 24,412 2008-04-29 18:57:13 C:\WINDOWS\KB894391.log
----a-w 50,636 2008-04-29 19:01:17 C:\WINDOWS\KB896358.log
----a-w 53,764 2008-04-29 19:02:23 C:\WINDOWS\KB896423.log
----a-w 18,563 2008-04-29 00:52:41 C:\WINDOWS\KB896424.log
----a-w 34,673 2008-04-29 04:54:13 C:\WINDOWS\KB896428.log
----a-w 8,473 2008-04-27 21:58:50 C:\WINDOWS\KB898461.log
----a-w 58,083 2008-04-29 19:07:14 C:\WINDOWS\KB899587.log
----a-w 17,925 2008-04-29 00:51:56 C:\WINDOWS\KB899589.log
----a-w 53,424 2008-04-29 19:05:48 C:\WINDOWS\KB899591.log
----a-w 42,432 2008-04-29 19:02:18 C:\WINDOWS\KB900485.log
----a-w 45,837 2008-04-29 18:58:17 C:\WINDOWS\KB900725.log
----a-w 55,132 2008-04-29 19:05:53 C:\WINDOWS\KB901017.log
----a-w 44,270 2008-04-29 18:59:15 C:\WINDOWS\KB901214.log
----a-w 55,539 2008-04-29 19:00:23 C:\WINDOWS\KB902400.log
----a-w 10,232 2008-04-29 04:34:41 C:\WINDOWS\KB904706.log
----a-w 50,004 2008-04-29 18:59:24 C:\WINDOWS\KB905414.log
----a-w 13,355 2008-04-29 02:05:38 C:\WINDOWS\KB905495.log
----a-w 42,293 2008-04-29 18:57:26 C:\WINDOWS\KB905749.log
----a-w 207,664 2008-04-29 04:25:34 C:\WINDOWS\KB908519.log
----a-w 37,962 2008-04-29 18:57:33 C:\WINDOWS\KB908531.log
----a-w 28,965 2008-04-29 19:01:02 C:\WINDOWS\KB910437.log
----a-w 58,713 2008-04-29 19:05:17 C:\WINDOWS\KB911280.log
----a-w 59,483 2008-04-29 19:05:06 C:\WINDOWS\KB911562.log
----a-w 22,391 2008-04-29 19:00:57 C:\WINDOWS\KB911564.log
----a-w 55,639 2008-04-29 19:05:59 C:\WINDOWS\KB911927.log
----a-w 13,341 2008-04-29 00:50:56 C:\WINDOWS\KB912919.log
----a-w 32,333 2008-04-29 04:54:25 C:\WINDOWS\KB913580.log
----a-w 51,943 2008-04-29 18:59:29 C:\WINDOWS\KB914388.log
----a-w 209,409 2008-04-29 04:25:53 C:\WINDOWS\KB914389.log
----a-w 25,624 2008-04-29 18:57:41 C:\WINDOWS\KB916595.log
----a-w 13,714 2008-04-29 00:51:49 C:\WINDOWS\KB917344.log
----a-w 16,798 2008-04-29 02:05:27 C:\WINDOWS\KB917422.log
----a-w 13,622 2008-04-29 00:51:44 C:\WINDOWS\KB917953.log
----a-w 29,996 2008-04-29 18:58:53 C:\WINDOWS\KB918118.log
----a-w 37,271 2008-04-29 19:00:27 C:\WINDOWS\KB918439.log
----a-w 9,799 2008-05-18 07:31:02 C:\WINDOWS\KB918997.log
----a-w 45,659 2008-04-29 18:59:34 C:\WINDOWS\KB919007.log
----a-w 28,776 2008-04-29 18:58:03 C:\WINDOWS\KB920213.log
----a-w 53,014 2008-04-29 19:00:37 C:\WINDOWS\KB920670.log
----a-w 207,603 2008-04-29 04:26:11 C:\WINDOWS\KB920683.log
----a-w 54,085 2008-04-29 19:05:36 C:\WINDOWS\KB920685.log
----a-w 35,938 2008-04-29 19:00:04 C:\WINDOWS\KB920872.log
----a-w 18,134 2008-04-29 00:52:21 C:\WINDOWS\KB921398.log
----a-w 12,546 2008-04-29 00:52:54 C:\WINDOWS\KB921883.log
----a-w 22,198 2008-04-29 18:59:06 C:\WINDOWS\KB922582.log
----a-w 12,460 2008-04-29 00:52:49 C:\WINDOWS\KB922616.log
----a-w 55,295 2008-04-29 19:06:51 C:\WINDOWS\KB922819.log
----a-w 41,018 2008-04-29 18:59:11 C:\WINDOWS\KB923191.log
----a-w 56,124 2008-04-29 19:06:34 C:\WINDOWS\KB923414.log
----a-w 44,364 2008-04-29 19:05:25 C:\WINDOWS\KB923980.log
----a-w 21,102 2008-04-29 00:53:04 C:\WINDOWS\KB924191.log
----a-w 42,005 2008-04-29 19:02:12 C:\WINDOWS\KB924270.log
----a-w 56,375 2008-04-29 19:01:58 C:\WINDOWS\KB924496.log
----a-w 40,658 2008-04-29 19:04:56 C:\WINDOWS\KB924667.log
----a-w 24,191 2008-04-29 19:01:11 C:\WINDOWS\KB925398.log
----a-w 38,616 2008-04-29 19:00:47 C:\WINDOWS\KB925902.log
----a-w 8,803 2008-04-29 04:38:35 C:\WINDOWS\KB926239.log
----a-w 32,086 2008-04-29 18:58:49 C:\WINDOWS\KB926255.log
----a-w 33,986 2008-04-29 19:00:08 C:\WINDOWS\KB926436.log
----a-w 48,517 2008-04-29 19:07:09 C:\WINDOWS\KB927779.log
----a-w 45,518 2008-04-29 19:07:03 C:\WINDOWS\KB927802.log
----a-w 29,574 2008-04-29 19:01:36 C:\WINDOWS\KB927891.log
----a-w 45,638 2008-04-29 19:06:15 C:\WINDOWS\KB928255.log
----a-w 23,405 2008-04-29 18:56:36 C:\WINDOWS\KB928843.log
----a-w 37,652 2008-04-29 19:00:42 C:\WINDOWS\KB929123.log
----a-w 13,448 2008-04-29 18:58:40 C:\WINDOWS\KB929399.log
----a-w 34,719 2008-04-29 18:59:53 C:\WINDOWS\KB930178.log
----a-w 25,804 2008-04-29 18:57:38 C:\WINDOWS\KB930916.log
----a-w 40,584 2008-04-29 19:02:07 C:\WINDOWS\KB931261.log
----a-w 45,889 2008-04-29 19:06:08 C:\WINDOWS\KB931784.log
----a-w 33,552 2008-04-29 18:59:20 C:\WINDOWS\KB932168.log
----a-w 33,741 2008-04-29 19:05:43 C:\WINDOWS\KB933729.log
----a-w 24,759 2008-04-29 18:57:22 C:\WINDOWS\KB935839.log
----a-w 27,534 2008-04-29 18:57:58 C:\WINDOWS\KB935840.log
----a-w 43,813 2008-04-29 19:05:11 C:\WINDOWS\KB936021.log
----a-w 5,795 2008-04-29 18:57:07 C:\WINDOWS\KB936782.log
----a-w 46,156 2008-04-29 19:06:30 C:\WINDOWS\KB937894.log
----a-w 28,560 2008-04-29 18:58:12 C:\WINDOWS\KB938127.log
----a-w 42,394 2008-04-29 19:05:02 C:\WINDOWS\KB938828.log
----a-w 12,422 2008-04-29 18:58:27 C:\WINDOWS\KB939683.log
----a-w 29,777 2008-04-29 18:58:58 C:\WINDOWS\KB941202.log
----a-w 30,170 2008-04-29 18:58:44 C:\WINDOWS\KB941568.log
----a-w 20,712 2008-04-29 18:59:48 C:\WINDOWS\KB941569.log
----a-w 41,093 2008-04-29 19:01:53 C:\WINDOWS\KB941644.log
----a-w 38,512 2008-04-29 19:01:31 C:\WINDOWS\KB941693.log
----a-w 45,934 2008-04-29 18:59:58 C:\WINDOWS\KB942763.log
----a-w 24,399 2008-04-29 18:57:17 C:\WINDOWS\KB943055.log
----a-w 35,009 2008-04-29 19:06:58 C:\WINDOWS\KB943460.log
----a-w 27,164 2008-04-29 18:57:54 C:\WINDOWS\KB943485.log
----a-w 29,403 2008-04-29 18:58:08 C:\WINDOWS\KB944338.log
----a-w 22,603 2008-04-29 18:56:42 C:\WINDOWS\KB944653.log
----a-w 27,102 2008-04-29 18:57:50 C:\WINDOWS\KB945553.log
----a-w 38,520 2008-04-29 19:01:21 C:\WINDOWS\KB946026.log
----a-w 46,520 2008-04-29 19:01:48 C:\WINDOWS\KB947864.log
----a-w 29,674 2008-04-29 18:58:31 C:\WINDOWS\KB948590.log
----a-w 33,607 2008-04-29 19:06:21 C:\WINDOWS\KB948881.log
----a-w 15,747 2008-05-13 20:19:07 C:\WINDOWS\KB950749.log
----a-w 48,178 2008-05-18 15:16:06 C:\WINDOWS\medctroc.Log
----a-w 3,469 2008-04-29 04:38:22 C:\WINDOWS\MSCompPackV1.log
----a-w 36,419 2008-05-18 15:15:04 C:\WINDOWS\msgsocm.log
----a-w 238,524 2008-05-18 15:15:04 C:\WINDOWS\msmqinst.log
----a-w 289,754 2008-04-29 04:53:44 C:\WINDOWS\msxml4-KB936181-enu.LOG
----a-w 506,870 2008-05-12 19:56:20 C:\WINDOWS\msxml6-KB933579-enu-x86.LOG
----a-w 116 2008-05-18 13:08:10 C:\WINDOWS\NeroDigital.ini
----a-w 125,154 2008-05-18 15:16:07 C:\WINDOWS\netfxocm.log
----a-w 324,280 2008-05-18 15:18:41 C:\WINDOWS\ntbtlog.txt
----a-w 145,262 2008-05-18 15:16:09 C:\WINDOWS\ntdtcsetup.log
----a-w 371,648 2008-05-18 15:16:07 C:\WINDOWS\ocgen.log
----a-w 42,267 2008-05-18 15:15:06 C:\WINDOWS\ocmsn.log
----a-w 395 2008-04-30 02:39:15 C:\WINDOWS\ODBC.INI
----a-w 4,207 2008-04-27 19:02:59 C:\WINDOWS\ODBCINST.INI
----a-w 1,178 2008-04-29 04:33:37 C:\WINDOWS\OEWABLog.txt
----a-w 0 2008-05-17 14:17:12 C:\WINDOWS\OrangeBurn.log
----a-r 215,144 2008-05-07 14:46:56 C:\WINDOWS\patchw32.dll
----a-r 215,144 2008-05-07 14:46:56 C:\WINDOWS\pw32a.dll
----a-w 1,409 2008-05-18 15:51:00 C:\WINDOWS\QTFont.for
---ha-w 54,156 2008-05-20 16:56:53 C:\WINDOWS\QTFont.qfn
----a-w 3,172 2008-04-27 20:56:17 C:\WINDOWS\regopt.log
----a-w 52 2008-05-17 14:02:49 C:\WINDOWS\Save Windows and Programs (No Data or Documents).BDF
----a-w 27,444 2008-05-20 16:39:20 C:\WINDOWS\SchedLgU.Txt
----a-w 4,096 2008-05-17 14:17:41 C:\WINDOWS\sectors.txt
----a-w 1,277 2008-04-29 04:21:01 C:\WINDOWS\sessmgr.setup.log
------w 249,856 2008-05-17 13:59:57 C:\WINDOWS\Setup1.exe
----a-w 190,152 2008-05-18 15:15:33 C:\WINDOWS\setupact.log
----a-w 199,537 2008-05-20 15:01:20 C:\WINDOWS\setupapi.log
----a-w 112 2008-05-18 15:15:33 C:\WINDOWS\setuperr.log
----a-w 778,484 2008-04-29 04:33:10 C:\WINDOWS\setuplog.txt
----a-w 30,878 2008-04-29 19:09:39 C:\WINDOWS\spupdsvc.log
----a-w 73,216 2008-05-17 13:59:55 C:\WINDOWS\ST6UNST.EXE
----a-w 165 2008-05-04 08:30:48 C:\WINDOWS\startUp manager.INI
----a-w 0 2008-04-27 20:55:31 C:\WINDOWS\Sti_Trace.log
----a-w 82 2008-05-02 15:39:08 C:\WINDOWS\SuperUtil.ini
----a-w 471,338 2008-04-29 04:26:17 C:\WINDOWS\svcpack.log
------w 231 2008-04-27 20:53:02 C:\WINDOWS\system.ini
----a-w 35,953 2008-05-18 15:13:45 C:\WINDOWS\tabletoc.log
----a-w 111,468 2008-05-20 16:57:23 C:\WINDOWS\TmComm.log
----a-w 14,062 2008-05-20 16:40:44 C:\WINDOWS\tmevtmgr.log
----a-w 336,036 2008-05-18 15:15:33 C:\WINDOWS\tsoc.log
----a-w 4,872 2008-05-17 14:02:09 C:\WINDOWS\Ufxmaint31.exe
----a-w 620 2008-05-18 08:09:02 C:\WINDOWS\uiminstall.log
----a-w 1,733 2008-05-17 20:32:42 C:\WINDOWS\Ultra EDIT.INI
----a-w 607 2008-04-29 15:52:29 C:\WINDOWS\Uninstall Manager.INI
----a-w 31,245 2008-05-18 07:30:44 C:\WINDOWS\updspapi.log
----a-w 36 2008-04-27 19:00:18 C:\WINDOWS\vb.ini
----a-w 37 2008-04-27 19:00:18 C:\WINDOWS\vbaddin.ini
----a-w 2,064 2008-04-29 20:04:02 C:\WINDOWS\vminst.log
----a-w 2,169 2008-05-17 14:17:41 C:\WINDOWS\WCBackupDebugTrace.log
----a-w 14,512 2008-04-29 20:03:38 C:\WINDOWS\WgaNotify.log
----a-w 159 2008-05-20 16:40:47 C:\WINDOWS\wiadebug.log
----a-w 49 2008-05-20 16:40:41 C:\WINDOWS\wiaservc.log
----a-w 669 2008-05-09 19:42:51 C:\WINDOWS\win.ini
----a-w 280 2008-04-27 19:02:47 C:\WINDOWS\Windows Update.log
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\WindowsShell.Manifest
----a-w 2,078,209 2008-05-20 16:43:00 C:\WINDOWS\WindowsUpdate.log
----a-w 0 2008-04-27 21:11:28 C:\WINDOWS\Wininit.ini
----a-w 25,482 2008-04-29 04:37:34 C:\WINDOWS\WMFDist11.log
----a-w 13,683 2008-04-29 04:38:10 C:\WINDOWS\wmp11.log
----a-w 34,951 2008-04-30 03:59:55 C:\WINDOWS\wmsetup.log
----a-w 2,096 2008-04-29 04:38:10 C:\WINDOWS\wmsetup10.log
----a-w 316,640 2008-04-29 04:33:48 C:\WINDOWS\WMSysPr9.prx
----a-w 299,552 2008-04-27 19:03:06 C:\WINDOWS\WMSysPrx.prx
----a-w 0 2008-05-06 17:42:49 C:\WINDOWS\wplog.txt
----a-w 7,110 2008-04-29 04:36:56 C:\WINDOWS\Wudf01000Inst.log
----a-w 14 2008-05-01 19:34:14 C:\WINDOWS\{12345-6789-0}.dat

Entries: 209 (206)
Directories: 0 Files: 209
Bytes: 14,604,931 Blocks: 28,635
======C:\WINDOWS\system32=====
----a-w 532 2008-04-27 19:05:22 C:\WINDOWS\System32\$winnt$.inf
----a-w 16,832 2008-04-29 04:38:09 C:\WINDOWS\System32\amcompat.tlb
----a-w 518,656 2008-05-16 12:51:20 C:\WINDOWS\System32\autoprnt.exe
----a-w 274,432 2008-04-07 20:47:04 C:\WINDOWS\System32\baksm.dat
----a-w 10,752 2008-04-30 02:14:06 C:\WINDOWS\System32\BASSMOD.dll
------w 319,872 2008-05-19 17:15:04 C:\WINDOWS\System32\byXNgGAt.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\cdplayer.exe.manifest
----a-w 0 2008-05-19 05:32:34 C:\WINDOWS\System32\clkcnt.txt
----a-w 2,845 2008-04-27 19:03:08 C:\WINDOWS\System32\CONFIG.NT
----a-w 552 2008-04-27 19:42:00 C:\WINDOWS\System32\d3d8caps.dat
----a-w 664 2008-04-28 18:44:15 C:\WINDOWS\System32\d3d9caps.dat
----a-w 21,748 2008-04-27 19:00:21 C:\WINDOWS\System32\emptyregdb.dat
----a-w 540,832 2008-05-17 14:26:48 C:\WINDOWS\System32\FNTCACHE.DAT
----a-w 107,368 2008-05-07 14:44:38 C:\WINDOWS\System32\GEARAspi.dll
----a-w 0 2008-04-27 20:58:09 C:\WINDOWS\System32\h323log.txt
------w 28,800 2008-05-19 17:15:05 C:\WINDOWS\System32\iifgHwuS.dll
----a-w 77,824 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfapi.dll
----a-w 53,248 2008-05-19 15:43:21 C:\WINDOWS\System32\Kdfhok.dll
----a-w 849,920 2008-05-06 23:26:33 C:\WINDOWS\System32\kdfinj.dll
----a-w 726,568 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfmgr.exe
----a-w 192,512 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfvmgr.exe
----a-w 1,480,232 2008-03-20 16:06:36 C:\WINDOWS\System32\LegitCheckControl.DLL
---ha-r 488 2008-04-27 19:02:24 C:\WINDOWS\System32\logonui.exe.manifest
----a-w 2,212 2008-04-29 19:28:48 C:\WINDOWS\System32\lvcoinst.log
----a-w 143 2008-05-19 16:24:11 C:\WINDOWS\System32\mcrh.tmp
----a-w 16,863,864 2008-05-09 21:35:04 C:\WINDOWS\System32\MRT.exe
----a-w 518,944 2008-03-25 04:50:28 C:\WINDOWS\System32\msexch40.dll
----a-w 326,432 2008-03-25 04:50:30 C:\WINDOWS\System32\msexcl40.dll
----a-w 297 2008-05-16 21:04:54 C:\WINDOWS\System32\MsiExec.exe.log
----a-w 1,516,568 2008-03-25 04:50:34 C:\WINDOWS\System32\msjet40.dll
----a-w 355,112 2008-03-25 04:50:40 C:\WINDOWS\System32\msjetoledb40.dll
----a-w 183,072 2008-03-25 04:51:56 C:\WINDOWS\System32\msjint40.dll
----a-w 60,192 2008-03-25 04:50:42 C:\WINDOWS\System32\msjter40.dll
----a-w 248,608 2008-03-25 04:50:42 C:\WINDOWS\System32\msjtes40.dll
----a-w 219,936 2008-03-25 04:50:44 C:\WINDOWS\System32\msltus40.dll
----a-w 355,104 2008-03-25 04:50:45 C:\WINDOWS\System32\mspbde40.dll
----a-w 432,928 2008-03-25 04:50:47 C:\WINDOWS\System32\msrd2x40.dll
----a-w 322,336 2008-03-25 04:50:49 C:\WINDOWS\System32\msrd3x40.dll
----a-w 559,904 2008-03-25 04:50:52 C:\WINDOWS\System32\msrepl40.dll
----a-w 264,992 2008-03-25 04:50:55 C:\WINDOWS\System32\mstext40.dll
----a-w 838,432 2008-03-25 04:50:57 C:\WINDOWS\System32\mswdat10.dll
----a-w 621,344 2008-03-25 04:51:56 C:\WINDOWS\System32\mswstr10.dll
----a-w 355,104 2008-03-25 04:50:58 C:\WINDOWS\System32\msxbde40.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\ncpa.cpl.manifest
----a-w 23,392 2008-04-29 04:38:09 C:\WINDOWS\System32\nscompat.tlb
----a-w 163,353 2008-05-20 16:56:43 C:\WINDOWS\System32\nvapps.xml
----a-w 442,368 2008-03-24 09:27:40 C:\WINDOWS\System32\NVUNINST.EXE
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\nwc.cpl.manifest
----a-w 86,016 2008-04-28 16:22:21 C:\WINDOWS\System32\OpenAL32.dll
----a-w 75,704 2008-05-18 15:16:08 C:\WINDOWS\System32\perfc009.dat
----a-w 96,126 2008-05-18 15:16:09 C:\WINDOWS\System32\perfc013.dat
----a-w 428,044 2008-05-18 15:16:08 C:\WINDOWS\System32\perfh009.dat
----a-w 494,802 2008-05-18 15:16:09 C:\WINDOWS\System32\perfh013.dat
----a-w 1,011,564 2008-05-10 23:17:26 C:\WINDOWS\System32\PerfStringBackup.INI
----a-w 3,221 2008-04-30 04:00:14 C:\WINDOWS\System32\qtplugin.log
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\sapi.cpl.manifest
----a-w 52 2008-05-17 14:02:49 C:\WINDOWS\System32\Save Windows and Programs (No Data or Documents).BDF
----a-w 37,888 2008-05-16 12:51:19 C:\WINDOWS\System32\setupnt.dll
----a-w 269 2008-04-29 04:32:29 C:\WINDOWS\System32\spupdwxp.log
----a-w 274,432 2008-04-07 20:47:04 C:\WINDOWS\System32\supermenuhook.dll
----a-w 0 2008-04-30 05:30:04 C:\WINDOWS\System32\suupdate.dat
----a-w 2,368 2008-04-30 02:53:39 C:\WINDOWS\System32\SVKP.sys
----a-w 138,760 2008-04-29 18:59:55 C:\WINDOWS\System32\TZLog.log
----a-w 52 2008-05-01 05:12:02 C:\WINDOWS\System32\vb6sock.dll
----a-w 2,256,896 2008-04-10 18:20:42 C:\WINDOWS\System32\vbsbak.dat
----a-w 1,845,376 2008-03-20 08:10:47 C:\WINDOWS\System32\win32k.sys
----a-w 14,336 2008-05-20 14:48:49 C:\WINDOWS\System32\WinCtrl32.bak
----a-w 14,336 2008-05-20 16:40:16 C:\WINDOWS\System32\WinCtrl32.dll
----a-w 14,336 2008-05-20 16:57:07 C:\WINDOWS\System32\WinCtrl32.dl_
---ha-r 488 2008-04-27 19:02:24 C:\WINDOWS\System32\WindowsLogon.manifest
----a-w 25,065 2008-04-27 19:11:22 C:\WINDOWS\System32\wmpscheme.xml
----a-w 2,206 2008-05-20 16:56:30 C:\WINDOWS\System32\wpa.dbl
----a-w 262,144 2008-04-28 16:22:21 C:\WINDOWS\System32\wrap_oal.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\wuaucpl.cpl.manifest

Entries: 74 (67)
Directories: 0 Files: 74
Bytes: 36,987,540 Blocks: 72,271
======C:\WINDOWS\system32\drivers=====
----a-w 43,488 2008-05-09 19:31:45 C:\WINDOWS\System32\drivers\AFS2K.SYS
----a-w 16,168 2008-05-07 14:44:38 C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
----a-w 15,864 2008-05-05 18:46:32 C:\WINDOWS\System32\drivers\mbam.sys
----a-w 27,048 2008-05-05 18:46:36 C:\WINDOWS\System32\drivers\mbamcatchme.sys
----a-w 29,056 2008-05-20 16:57:09 C:\WINDOWS\System32\drivers\orU47.sys
----a-w 114,048 2008-04-28 19:21:19 C:\WINDOWS\System32\drivers\snapman.sys
----a-w 137,952 2008-05-07 10:30:54 C:\WINDOWS\System32\drivers\symsnap.sys
----a-w 32,768 2008-04-28 19:21:25 C:\WINDOWS\System32\drivers\tifsfilt.sys
----a-w 392,320 2008-04-28 19:21:25 C:\WINDOWS\System32\drivers\timntr.sys
----a-w 36,368 2008-03-30 17:07:30 C:\WINDOWS\System32\drivers\tmpreflt.sys
----a-w 204,816 2008-03-30 17:07:36 C:\WINDOWS\System32\drivers\tmxpflt.sys
----a-w 13,440 2008-05-20 16:56:50 C:\WINDOWS\System32\drivers\USBCRFT.SYS
----a-w 1,169,240 2008-03-30 16:50:58 C:\WINDOWS\System32\drivers\vsapint.sys

Entries: 13 (13)
Directories: 0 Files: 13
Bytes: 2,232,576 Blocks: 4,366
=======C:\Program Files=====
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
=======C:=====
----a-w 0 2008-04-27 19:03:08 C:\AUTOEXEC.BAT
----a-w 36,231,254 2008-04-28 15:52:34 C:\BackupRegistry(20080428).reg
----a-w 97,317,742 2008-05-18 18:56:35 C:\BackupRegistry(20080518).reg
----a-w 95,285,432 2008-05-19 15:56:31 C:\BackupRegistry(20080519).reg
----a-w 95,463,932 2008-05-20 15:37:12 C:\BackupRegistry(20080520).reg
--sha-r 212 2008-05-12 16:48:51 C:\boot.ini
----a-w 0 2008-04-27 19:03:08 C:\CONFIG.SYS
--sha-r 0 2008-04-27 19:03:08 C:\IO.SYS
--sha-r 0 2008-04-27 19:03:08 C:\MSDOS.SYS
--sha-r 47,564 2008-04-29 04:15:41 C:\NTDETECT.COM
--sha-r 251,184 2008-04-29 04:15:41 C:\ntldr
--sha-w 2,145,386,496 2008-05-20 16:40:03 C:\pagefile.sys
----a-w 173 2008-04-28 17:02:41 C:\pdisdk.log
----a-w 52 2008-05-17 14:02:48 C:\Save Everything On Computer.BDF
----a-w 52 2008-05-17 14:02:49 C:\Save Windows and Programs (No Data or Documents).BDF

Entries: 15 (9)
Directories: 0 Files: 15
Bytes: 2,469,984,093 Blocks: 4,824,193
======C:\Documents and Settings\Noel\Application Data======
--sha-w 62 2008-04-27 20:52:41 C:\Documents and Settings\Noel\Application Data\desktop.ini

Entries: 1 (0)
Directories: 0 Files: 1
Bytes: 62 Blocks: 1
======C:\Temp======
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
======C:\Documents and Settings\Noel======
----a-w 1,024 2008-05-16 21:30:49 C:\Documents and Settings\Noel\.rnd
----a-w 150 2008-05-18 13:08:35 C:\Documents and Settings\Noel\default.pls
----a-w 4,284,416 2008-05-20 16:39:26 C:\Documents and Settings\Noel\ntuser.dat
---ha-w 278,528 2008-05-20 17:02:24 C:\Documents and Settings\Noel\NTUSER.DAT.LOG
--sh--w 188 2008-05-19 20:21:35 C:\Documents and Settings\Noel\ntuser.ini

Entries: 5 (3)
Directories: 0 Files: 5
Bytes: 4,564,306 Blocks: 8,916
======C:\WINDOWS\Downloaded Program Files====
---h--w 65 2008-04-27 19:02:24 C:\WINDOWS\Downloaded Program Files\desktop.ini
----a-w 1,527,056 2008-03-24 17:33:02 C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
----a-w 367 2008-03-20 13:10:04 C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
----a-w 247 2008-03-24 17:18:48 C:\WINDOWS\Downloaded Program Files\swflash.inf

Entries: 4 (3)
Directories: 0 Files: 4
Bytes: 1,527,735 Blocks: 2,986
=============

**smeenk** · 20-05-08, 19:10

Zoek dit bestand opnieuw op met je verkenner: C:\WINDOWS\SYSTEM32\WinCtrl32.dll
Rechtsklik op dit bestand en kies in het contextmenu dat verschijnt voor "Naam wijzigen".
Probeer nu de naam te veranderen in: C:\WINDOWS\SYSTEM32\WinCtrl32.res
De computer nu niet herstarten.

Installeer daarna unlocker eens : http://ccollomb.free.fr/unlocker/

Probeer daarna dit bestand te vinden met je verkenner:
C:\WINDOWS\System32\drivers\orU47.sys
Rechtklik op dit bestand en kies voor het icoontje van Unlocker en daarna voor "Alles vrijgeven".
Herstart je computer en post een nieuw logje van Hijackthis

**NOEL** · 20-05-08, 20:54

gedaan wat je vroeg doch unlocker gaf melding dat er niets geblokeerd was
hier de log van hijackfile

gr
noel
Logfile of HijackThis v1.99.1
Scan saved at 20:50:32, on 20/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\dllhost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\Documents and Settings\Noel\Application Data\Desktopicon\eBayShortcuts.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Noel\Bureaublad\HijackThis.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Password Manager 2007\PasswordManagerBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SPM2007 PasswordManagerFFAutoFill] "C:\Program Files\Steganos Password Manager 2007\PasswordManagerFFAutoFill.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - Global Startup: AutoCAD 2006 Vertaler.lnk = C:\Program Files\AutoCAD 2006\AutoCAD 2006 Vertaler\XLStart.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

**smeenk** · 20-05-08, 20:58

Maak even een nieuw logje met zoek.exe en post deze.

**NOEL** · 20-05-08, 21:09

log van zoek

======C:\WINDOWS====
----a-w 0 2008-05-20 18:48:25 C:\WINDOWS\0.log
----a-w 2,990 2008-04-29 16:13:39 C:\WINDOWS\Ascd_tmp.ini
--s-a-w 2,048 2008-05-20 18:47:24 C:\WINDOWS\bootstat.dat
----a-w 517 2008-05-20 19:04:56 C:\WINDOWS\canopus.ini
----a-w 592 2008-04-29 02:17:39 C:\WINDOWS\chgkey.vbs
----a-w 26 2008-04-27 21:11:28 C:\WINDOWS\CMCDPLAY.INI
----a-w 92 2008-04-27 21:11:28 C:\WINDOWS\CMISETUP.INI
----a-w 200 2008-04-29 04:21:28 C:\WINDOWS\cmsetacl.log
----a-w 7,856 2008-05-20 18:46:27 C:\WINDOWS\COM+.log
----a-w 237,154 2008-05-18 15:16:09 C:\WINDOWS\comsetup.log
----a-w 173 2008-05-12 15:48:43 C:\WINDOWS\ConnMgr.ini
----a-w 0 2008-04-27 19:03:08 C:\WINDOWS\control.ini
----a-w 19,848 2008-05-12 16:58:56 C:\WINDOWS\dasetup.log
----a-w 10,752 2008-05-19 17:22:26 C:\WINDOWS\DCEBoot.exe
----a-w 786 2008-05-19 18:16:30 C:\WINDOWS\DCEBOOT.LOG
----a-w 48,460 2008-05-12 16:50:38 C:\WINDOWS\DirectX.log
----a-w 3,170 2008-05-17 14:05:10 C:\WINDOWS\discwriter.log
----a-w 34,052 2008-05-20 15:01:20 C:\WINDOWS\DPINST.LOG
----a-w 360 2008-04-29 04:34:26 C:\WINDOWS\DtcInstall.log
----a-w 2,618 2008-05-19 05:43:42 C:\WINDOWS\EventSystem.log
----a-w 707,301 2008-05-18 15:15:02 C:\WINDOWS\FaxSetup.log
----a-w 79 2008-05-18 08:06:24 C:\WINDOWS\hotcore3.log
----a-w 29,435 2008-05-09 19:42:52 C:\WINDOWS\hpoins03.dat
----a-w 1,089 2008-05-20 18:45:59 C:\WINDOWS\IE4 Error Log.txt
----a-w 925,424 2008-05-18 15:15:35 C:\WINDOWS\iis6.log
----a-w 75 2008-05-12 15:47:44 C:\WINDOWS\ImportClient.INI
----a-w 4,566 2008-05-18 15:11:19 C:\WINDOWS\imsins.BAK
----a-w 34,032 2008-05-18 15:16:06 C:\WINDOWS\imsins.log
----a-w 847 2008-05-10 09:11:12 C:\WINDOWS\INSTALL.LOG
----a-w 52,674 2008-04-29 15:54:32 C:\WINDOWS\KB835221.log
----a-w 19,590 2008-04-29 00:50:40 C:\WINDOWS\KB835409.log
----a-w 7,293 2008-04-27 22:00:33 C:\WINDOWS\KB842773.log
----a-w 7,053 2008-04-29 04:35:21 C:\WINDOWS\KB873333.log
----a-w 56,735 2008-04-29 19:02:02 C:\WINDOWS\KB873339.log
----a-w 62,146 2008-04-29 19:06:45 C:\WINDOWS\KB885835.log
----a-w 52,967 2008-04-29 19:06:39 C:\WINDOWS\KB885836.log
----a-w 16,821 2008-04-29 18:57:45 C:\WINDOWS\KB886185.log
----a-w 37,557 2008-04-29 19:01:26 C:\WINDOWS\KB887472.log
----a-w 35,817 2008-04-29 04:56:04 C:\WINDOWS\KB888302.log
----a-w 46,262 2008-04-29 19:00:13 C:\WINDOWS\KB890046.log
----a-w 213,074 2008-04-29 04:25:13 C:\WINDOWS\KB890859.log
----a-w 48,331 2008-04-29 19:00:32 C:\WINDOWS\KB891781.log
----a-w 13,524 2008-04-29 00:51:31 C:\WINDOWS\KB892944.log
----a-w 54,835 2008-04-29 19:05:30 C:\WINDOWS\KB893756.log
----a-w 5,645 2008-04-27 20:15:09 C:\WINDOWS\KB893803v2.log
----a-w 24,412 2008-04-29 18:57:13 C:\WINDOWS\KB894391.log
----a-w 50,636 2008-04-29 19:01:17 C:\WINDOWS\KB896358.log
----a-w 53,764 2008-04-29 19:02:23 C:\WINDOWS\KB896423.log
----a-w 18,563 2008-04-29 00:52:41 C:\WINDOWS\KB896424.log
----a-w 34,673 2008-04-29 04:54:13 C:\WINDOWS\KB896428.log
----a-w 8,473 2008-04-27 21:58:50 C:\WINDOWS\KB898461.log
----a-w 58,083 2008-04-29 19:07:14 C:\WINDOWS\KB899587.log
----a-w 17,925 2008-04-29 00:51:56 C:\WINDOWS\KB899589.log
----a-w 53,424 2008-04-29 19:05:48 C:\WINDOWS\KB899591.log
----a-w 42,432 2008-04-29 19:02:18 C:\WINDOWS\KB900485.log
----a-w 45,837 2008-04-29 18:58:17 C:\WINDOWS\KB900725.log
----a-w 55,132 2008-04-29 19:05:53 C:\WINDOWS\KB901017.log
----a-w 44,270 2008-04-29 18:59:15 C:\WINDOWS\KB901214.log
----a-w 55,539 2008-04-29 19:00:23 C:\WINDOWS\KB902400.log
----a-w 10,232 2008-04-29 04:34:41 C:\WINDOWS\KB904706.log
----a-w 50,004 2008-04-29 18:59:24 C:\WINDOWS\KB905414.log
----a-w 13,355 2008-04-29 02:05:38 C:\WINDOWS\KB905495.log
----a-w 42,293 2008-04-29 18:57:26 C:\WINDOWS\KB905749.log
----a-w 207,664 2008-04-29 04:25:34 C:\WINDOWS\KB908519.log
----a-w 37,962 2008-04-29 18:57:33 C:\WINDOWS\KB908531.log
----a-w 28,965 2008-04-29 19:01:02 C:\WINDOWS\KB910437.log
----a-w 58,713 2008-04-29 19:05:17 C:\WINDOWS\KB911280.log
----a-w 59,483 2008-04-29 19:05:06 C:\WINDOWS\KB911562.log
----a-w 22,391 2008-04-29 19:00:57 C:\WINDOWS\KB911564.log
----a-w 55,639 2008-04-29 19:05:59 C:\WINDOWS\KB911927.log
----a-w 13,341 2008-04-29 00:50:56 C:\WINDOWS\KB912919.log
----a-w 32,333 2008-04-29 04:54:25 C:\WINDOWS\KB913580.log
----a-w 51,943 2008-04-29 18:59:29 C:\WINDOWS\KB914388.log
----a-w 209,409 2008-04-29 04:25:53 C:\WINDOWS\KB914389.log
----a-w 25,624 2008-04-29 18:57:41 C:\WINDOWS\KB916595.log
----a-w 13,714 2008-04-29 00:51:49 C:\WINDOWS\KB917344.log
----a-w 16,798 2008-04-29 02:05:27 C:\WINDOWS\KB917422.log
----a-w 13,622 2008-04-29 00:51:44 C:\WINDOWS\KB917953.log
----a-w 29,996 2008-04-29 18:58:53 C:\WINDOWS\KB918118.log
----a-w 37,271 2008-04-29 19:00:27 C:\WINDOWS\KB918439.log
----a-w 9,799 2008-05-18 07:31:02 C:\WINDOWS\KB918997.log
----a-w 45,659 2008-04-29 18:59:34 C:\WINDOWS\KB919007.log
----a-w 28,776 2008-04-29 18:58:03 C:\WINDOWS\KB920213.log
----a-w 53,014 2008-04-29 19:00:37 C:\WINDOWS\KB920670.log
----a-w 207,603 2008-04-29 04:26:11 C:\WINDOWS\KB920683.log
----a-w 54,085 2008-04-29 19:05:36 C:\WINDOWS\KB920685.log
----a-w 35,938 2008-04-29 19:00:04 C:\WINDOWS\KB920872.log
----a-w 18,134 2008-04-29 00:52:21 C:\WINDOWS\KB921398.log
----a-w 12,546 2008-04-29 00:52:54 C:\WINDOWS\KB921883.log
----a-w 22,198 2008-04-29 18:59:06 C:\WINDOWS\KB922582.log
----a-w 12,460 2008-04-29 00:52:49 C:\WINDOWS\KB922616.log
----a-w 55,295 2008-04-29 19:06:51 C:\WINDOWS\KB922819.log
----a-w 41,018 2008-04-29 18:59:11 C:\WINDOWS\KB923191.log
----a-w 56,124 2008-04-29 19:06:34 C:\WINDOWS\KB923414.log
----a-w 44,364 2008-04-29 19:05:25 C:\WINDOWS\KB923980.log
----a-w 21,102 2008-04-29 00:53:04 C:\WINDOWS\KB924191.log
----a-w 42,005 2008-04-29 19:02:12 C:\WINDOWS\KB924270.log
----a-w 56,375 2008-04-29 19:01:58 C:\WINDOWS\KB924496.log
----a-w 40,658 2008-04-29 19:04:56 C:\WINDOWS\KB924667.log
----a-w 24,191 2008-04-29 19:01:11 C:\WINDOWS\KB925398.log
----a-w 38,616 2008-04-29 19:00:47 C:\WINDOWS\KB925902.log
----a-w 8,803 2008-04-29 04:38:35 C:\WINDOWS\KB926239.log
----a-w 32,086 2008-04-29 18:58:49 C:\WINDOWS\KB926255.log
----a-w 33,986 2008-04-29 19:00:08 C:\WINDOWS\KB926436.log
----a-w 48,517 2008-04-29 19:07:09 C:\WINDOWS\KB927779.log
----a-w 45,518 2008-04-29 19:07:03 C:\WINDOWS\KB927802.log
----a-w 29,574 2008-04-29 19:01:36 C:\WINDOWS\KB927891.log
----a-w 45,638 2008-04-29 19:06:15 C:\WINDOWS\KB928255.log
----a-w 23,405 2008-04-29 18:56:36 C:\WINDOWS\KB928843.log
----a-w 37,652 2008-04-29 19:00:42 C:\WINDOWS\KB929123.log
----a-w 13,448 2008-04-29 18:58:40 C:\WINDOWS\KB929399.log
----a-w 34,719 2008-04-29 18:59:53 C:\WINDOWS\KB930178.log
----a-w 25,804 2008-04-29 18:57:38 C:\WINDOWS\KB930916.log
----a-w 40,584 2008-04-29 19:02:07 C:\WINDOWS\KB931261.log
----a-w 45,889 2008-04-29 19:06:08 C:\WINDOWS\KB931784.log
----a-w 33,552 2008-04-29 18:59:20 C:\WINDOWS\KB932168.log
----a-w 33,741 2008-04-29 19:05:43 C:\WINDOWS\KB933729.log
----a-w 24,759 2008-04-29 18:57:22 C:\WINDOWS\KB935839.log
----a-w 27,534 2008-04-29 18:57:58 C:\WINDOWS\KB935840.log
----a-w 43,813 2008-04-29 19:05:11 C:\WINDOWS\KB936021.log
----a-w 5,795 2008-04-29 18:57:07 C:\WINDOWS\KB936782.log
----a-w 46,156 2008-04-29 19:06:30 C:\WINDOWS\KB937894.log
----a-w 28,560 2008-04-29 18:58:12 C:\WINDOWS\KB938127.log
----a-w 42,394 2008-04-29 19:05:02 C:\WINDOWS\KB938828.log
----a-w 12,422 2008-04-29 18:58:27 C:\WINDOWS\KB939683.log
----a-w 29,777 2008-04-29 18:58:58 C:\WINDOWS\KB941202.log
----a-w 30,170 2008-04-29 18:58:44 C:\WINDOWS\KB941568.log
----a-w 20,712 2008-04-29 18:59:48 C:\WINDOWS\KB941569.log
----a-w 41,093 2008-04-29 19:01:53 C:\WINDOWS\KB941644.log
----a-w 38,512 2008-04-29 19:01:31 C:\WINDOWS\KB941693.log
----a-w 45,934 2008-04-29 18:59:58 C:\WINDOWS\KB942763.log
----a-w 24,399 2008-04-29 18:57:17 C:\WINDOWS\KB943055.log
----a-w 35,009 2008-04-29 19:06:58 C:\WINDOWS\KB943460.log
----a-w 27,164 2008-04-29 18:57:54 C:\WINDOWS\KB943485.log
----a-w 29,403 2008-04-29 18:58:08 C:\WINDOWS\KB944338.log
----a-w 22,603 2008-04-29 18:56:42 C:\WINDOWS\KB944653.log
----a-w 27,102 2008-04-29 18:57:50 C:\WINDOWS\KB945553.log
----a-w 38,520 2008-04-29 19:01:21 C:\WINDOWS\KB946026.log
----a-w 46,520 2008-04-29 19:01:48 C:\WINDOWS\KB947864.log
----a-w 29,674 2008-04-29 18:58:31 C:\WINDOWS\KB948590.log
----a-w 33,607 2008-04-29 19:06:21 C:\WINDOWS\KB948881.log
----a-w 15,747 2008-05-13 20:19:07 C:\WINDOWS\KB950749.log
----a-w 48,178 2008-05-18 15:16:06 C:\WINDOWS\medctroc.Log
----a-w 3,469 2008-04-29 04:38:22 C:\WINDOWS\MSCompPackV1.log
----a-w 36,419 2008-05-18 15:15:04 C:\WINDOWS\msgsocm.log
----a-w 238,524 2008-05-18 15:15:04 C:\WINDOWS\msmqinst.log
----a-w 289,754 2008-04-29 04:53:44 C:\WINDOWS\msxml4-KB936181-enu.LOG
----a-w 506,870 2008-05-12 19:56:20 C:\WINDOWS\msxml6-KB933579-enu-x86.LOG
----a-w 116 2008-05-20 19:01:43 C:\WINDOWS\NeroDigital.ini
----a-w 125,154 2008-05-18 15:16:07 C:\WINDOWS\netfxocm.log
----a-w 324,280 2008-05-18 15:18:41 C:\WINDOWS\ntbtlog.txt
----a-w 145,262 2008-05-18 15:16:09 C:\WINDOWS\ntdtcsetup.log
----a-w 371,648 2008-05-18 15:16:07 C:\WINDOWS\ocgen.log
----a-w 42,267 2008-05-18 15:15:06 C:\WINDOWS\ocmsn.log
----a-w 395 2008-04-30 02:39:15 C:\WINDOWS\ODBC.INI
----a-w 4,207 2008-04-27 19:02:59 C:\WINDOWS\ODBCINST.INI
----a-w 1,178 2008-04-29 04:33:37 C:\WINDOWS\OEWABLog.txt
----a-w 0 2008-05-17 14:17:12 C:\WINDOWS\OrangeBurn.log
----a-r 215,144 2008-05-07 14:46:56 C:\WINDOWS\patchw32.dll
----a-r 215,144 2008-05-07 14:46:56 C:\WINDOWS\pw32a.dll
----a-w 1,409 2008-05-18 15:51:00 C:\WINDOWS\QTFont.for
---ha-w 54,156 2008-05-20 18:49:14 C:\WINDOWS\QTFont.qfn
----a-w 3,172 2008-04-27 20:56:17 C:\WINDOWS\regopt.log
----a-w 52 2008-05-17 14:02:49 C:\WINDOWS\Save Windows and Programs (No Data or Documents).BDF
----a-w 28,164 2008-05-20 18:46:26 C:\WINDOWS\SchedLgU.Txt
----a-w 4,096 2008-05-17 14:17:41 C:\WINDOWS\sectors.txt
----a-w 1,277 2008-04-29 04:21:01 C:\WINDOWS\sessmgr.setup.log
------w 249,856 2008-05-17 13:59:57 C:\WINDOWS\Setup1.exe
----a-w 190,152 2008-05-18 15:15:33 C:\WINDOWS\setupact.log
----a-w 203,827 2008-05-20 18:09:32 C:\WINDOWS\setupapi.log
----a-w 112 2008-05-18 15:15:33 C:\WINDOWS\setuperr.log
----a-w 778,484 2008-04-29 04:33:10 C:\WINDOWS\setuplog.txt
----a-w 30,878 2008-04-29 19:09:39 C:\WINDOWS\spupdsvc.log
----a-w 73,216 2008-05-17 13:59:55 C:\WINDOWS\ST6UNST.EXE
----a-w 165 2008-05-04 08:30:48 C:\WINDOWS\startUp manager.INI
----a-w 0 2008-04-27 20:55:31 C:\WINDOWS\Sti_Trace.log
----a-w 82 2008-05-02 15:39:08 C:\WINDOWS\SuperUtil.ini
----a-w 471,338 2008-04-29 04:26:17 C:\WINDOWS\svcpack.log
------w 231 2008-04-27 20:53:02 C:\WINDOWS\system.ini
----a-w 35,953 2008-05-18 15:13:45 C:\WINDOWS\tabletoc.log
----a-w 116,149 2008-05-20 19:01:35 C:\WINDOWS\TmComm.log
----a-w 14,617 2008-05-20 18:47:28 C:\WINDOWS\tmevtmgr.log
----a-w 336,036 2008-05-18 15:15:33 C:\WINDOWS\tsoc.log
----a-w 4,872 2008-05-17 14:02:09 C:\WINDOWS\Ufxmaint31.exe
----a-w 620 2008-05-18 08:09:02 C:\WINDOWS\uiminstall.log
----a-w 1,733 2008-05-17 20:32:42 C:\WINDOWS\Ultra EDIT.INI
----a-w 607 2008-04-29 15:52:29 C:\WINDOWS\Uninstall Manager.INI
----a-w 31,245 2008-05-18 07:30:44 C:\WINDOWS\updspapi.log
----a-w 36 2008-04-27 19:00:18 C:\WINDOWS\vb.ini
----a-w 37 2008-04-27 19:00:18 C:\WINDOWS\vbaddin.ini
----a-w 2,064 2008-04-29 20:04:02 C:\WINDOWS\vminst.log
----a-w 2,169 2008-05-17 14:17:41 C:\WINDOWS\WCBackupDebugTrace.log
----a-w 14,512 2008-04-29 20:03:38 C:\WINDOWS\WgaNotify.log
----a-w 159 2008-05-20 18:47:32 C:\WINDOWS\wiadebug.log
----a-w 49 2008-05-20 18:47:27 C:\WINDOWS\wiaservc.log
----a-w 669 2008-05-09 19:42:51 C:\WINDOWS\win.ini
----a-w 280 2008-04-27 19:02:47 C:\WINDOWS\Windows Update.log
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\WindowsShell.Manifest
----a-w 1,088,581 2008-05-20 18:48:56 C:\WINDOWS\WindowsUpdate.log
----a-w 0 2008-04-27 21:11:28 C:\WINDOWS\Wininit.ini
----a-w 25,482 2008-04-29 04:37:34 C:\WINDOWS\WMFDist11.log
----a-w 13,683 2008-04-29 04:38:10 C:\WINDOWS\wmp11.log
----a-w 34,951 2008-04-30 03:59:55 C:\WINDOWS\wmsetup.log
----a-w 2,096 2008-04-29 04:38:10 C:\WINDOWS\wmsetup10.log
----a-w 316,640 2008-04-29 04:33:48 C:\WINDOWS\WMSysPr9.prx
----a-w 299,552 2008-04-27 19:03:06 C:\WINDOWS\WMSysPrx.prx
----a-w 0 2008-05-06 17:42:49 C:\WINDOWS\wplog.txt
----a-w 7,110 2008-04-29 04:36:56 C:\WINDOWS\Wudf01000Inst.log
----a-w 14 2008-05-01 19:34:14 C:\WINDOWS\{12345-6789-0}.dat

Entries: 209 (206)
Directories: 0 Files: 209
Bytes: 13,628,377 Blocks: 26,729
======C:\WINDOWS\system32=====
----a-w 532 2008-04-27 19:05:22 C:\WINDOWS\System32\$winnt$.inf
----a-w 16,832 2008-04-29 04:38:09 C:\WINDOWS\System32\amcompat.tlb
----a-w 518,656 2008-05-16 12:51:20 C:\WINDOWS\System32\autoprnt.exe
----a-w 274,432 2008-04-07 20:47:04 C:\WINDOWS\System32\baksm.dat
----a-w 10,752 2008-04-30 02:14:06 C:\WINDOWS\System32\BASSMOD.dll
------w 319,872 2008-05-19 17:15:04 C:\WINDOWS\System32\byXNgGAt.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\cdplayer.exe.manifest
----a-w 0 2008-05-19 05:32:34 C:\WINDOWS\System32\clkcnt.txt
----a-w 2,845 2008-04-27 19:03:08 C:\WINDOWS\System32\CONFIG.NT
----a-w 552 2008-04-27 19:42:00 C:\WINDOWS\System32\d3d8caps.dat
----a-w 664 2008-04-28 18:44:15 C:\WINDOWS\System32\d3d9caps.dat
----a-w 21,748 2008-04-27 19:00:21 C:\WINDOWS\System32\emptyregdb.dat
----a-w 540,832 2008-05-17 14:26:48 C:\WINDOWS\System32\FNTCACHE.DAT
----a-w 107,368 2008-05-07 14:44:38 C:\WINDOWS\System32\GEARAspi.dll
----a-w 0 2008-04-27 20:58:09 C:\WINDOWS\System32\h323log.txt
------w 28,800 2008-05-19 17:15:05 C:\WINDOWS\System32\iifgHwuS.dll
----a-w 77,824 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfapi.dll
----a-w 53,248 2008-05-19 15:43:21 C:\WINDOWS\System32\Kdfhok.dll
----a-w 849,920 2008-05-06 23:26:33 C:\WINDOWS\System32\kdfinj.dll
----a-w 726,568 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfmgr.exe
----a-w 192,512 2008-05-19 15:43:21 C:\WINDOWS\System32\kdfvmgr.exe
----a-w 1,480,232 2008-03-20 16:06:36 C:\WINDOWS\System32\LegitCheckControl.DLL
---ha-r 488 2008-04-27 19:02:24 C:\WINDOWS\System32\logonui.exe.manifest
----a-w 2,212 2008-04-29 19:28:48 C:\WINDOWS\System32\lvcoinst.log
----a-w 143 2008-05-19 16:24:11 C:\WINDOWS\System32\mcrh.tmp
----a-w 16,863,864 2008-05-09 21:35:04 C:\WINDOWS\System32\MRT.exe
----a-w 518,944 2008-03-25 04:50:28 C:\WINDOWS\System32\msexch40.dll
----a-w 326,432 2008-03-25 04:50:30 C:\WINDOWS\System32\msexcl40.dll
----a-w 297 2008-05-16 21:04:54 C:\WINDOWS\System32\MsiExec.exe.log
----a-w 1,516,568 2008-03-25 04:50:34 C:\WINDOWS\System32\msjet40.dll
----a-w 355,112 2008-03-25 04:50:40 C:\WINDOWS\System32\msjetoledb40.dll
----a-w 183,072 2008-03-25 04:51:56 C:\WINDOWS\System32\msjint40.dll
----a-w 60,192 2008-03-25 04:50:42 C:\WINDOWS\System32\msjter40.dll
----a-w 248,608 2008-03-25 04:50:42 C:\WINDOWS\System32\msjtes40.dll
----a-w 219,936 2008-03-25 04:50:44 C:\WINDOWS\System32\msltus40.dll
----a-w 355,104 2008-03-25 04:50:45 C:\WINDOWS\System32\mspbde40.dll
----a-w 432,928 2008-03-25 04:50:47 C:\WINDOWS\System32\msrd2x40.dll
----a-w 322,336 2008-03-25 04:50:49 C:\WINDOWS\System32\msrd3x40.dll
----a-w 559,904 2008-03-25 04:50:52 C:\WINDOWS\System32\msrepl40.dll
----a-w 264,992 2008-03-25 04:50:55 C:\WINDOWS\System32\mstext40.dll
----a-w 838,432 2008-03-25 04:50:57 C:\WINDOWS\System32\mswdat10.dll
----a-w 621,344 2008-03-25 04:51:56 C:\WINDOWS\System32\mswstr10.dll
----a-w 355,104 2008-03-25 04:50:58 C:\WINDOWS\System32\msxbde40.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\ncpa.cpl.manifest
----a-w 23,392 2008-04-29 04:38:09 C:\WINDOWS\System32\nscompat.tlb
----a-w 163,353 2008-05-20 18:48:53 C:\WINDOWS\System32\nvapps.xml
----a-w 442,368 2008-03-24 09:27:40 C:\WINDOWS\System32\NVUNINST.EXE
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\nwc.cpl.manifest
----a-w 86,016 2008-04-28 16:22:21 C:\WINDOWS\System32\OpenAL32.dll
----a-w 75,704 2008-05-18 15:16:08 C:\WINDOWS\System32\perfc009.dat
----a-w 96,126 2008-05-18 15:16:09 C:\WINDOWS\System32\perfc013.dat
----a-w 428,044 2008-05-18 15:16:08 C:\WINDOWS\System32\perfh009.dat
----a-w 494,802 2008-05-18 15:16:09 C:\WINDOWS\System32\perfh013.dat
----a-w 1,011,564 2008-05-10 23:17:26 C:\WINDOWS\System32\PerfStringBackup.INI
----a-w 3,221 2008-04-30 04:00:14 C:\WINDOWS\System32\qtplugin.log
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\sapi.cpl.manifest
----a-w 52 2008-05-17 14:02:49 C:\WINDOWS\System32\Save Windows and Programs (No Data or Documents).BDF
----a-w 37,888 2008-05-16 12:51:19 C:\WINDOWS\System32\setupnt.dll
----a-w 269 2008-04-29 04:32:29 C:\WINDOWS\System32\spupdwxp.log
----a-w 274,432 2008-04-07 20:47:04 C:\WINDOWS\System32\supermenuhook.dll
----a-w 0 2008-04-30 05:30:04 C:\WINDOWS\System32\suupdate.dat
----a-w 2,368 2008-04-30 02:53:39 C:\WINDOWS\System32\SVKP.sys
----a-w 138,760 2008-04-29 18:59:55 C:\WINDOWS\System32\TZLog.log
----a-w 52 2008-05-01 05:12:02 C:\WINDOWS\System32\vb6sock.dll
----a-w 2,256,896 2008-04-10 18:20:42 C:\WINDOWS\System32\vbsbak.dat
----a-w 1,845,376 2008-03-20 08:10:47 C:\WINDOWS\System32\win32k.sys
----a-w 14,336 2008-05-20 14:48:49 C:\WINDOWS\System32\WinCtrl32.bak
----a-w 14,336 2008-05-20 18:47:24 C:\WINDOWS\System32\WinCtrl32.dll
----a-w 14,336 2008-05-20 18:49:15 C:\WINDOWS\System32\WinCtrl32.dl_
---ha-r 488 2008-04-27 19:02:24 C:\WINDOWS\System32\WindowsLogon.manifest
----a-w 25,065 2008-04-27 19:11:22 C:\WINDOWS\System32\wmpscheme.xml
----a-w 2,206 2008-05-20 18:48:57 C:\WINDOWS\System32\wpa.dbl
----a-w 262,144 2008-04-28 16:22:21 C:\WINDOWS\System32\wrap_oal.dll
---ha-r 749 2008-04-27 19:02:20 C:\WINDOWS\System32\wuaucpl.cpl.manifest

Entries: 74 (67)
Directories: 0 Files: 74
Bytes: 36,987,540 Blocks: 72,271
======C:\WINDOWS\system32\drivers=====
----a-w 43,488 2008-05-09 19:31:45 C:\WINDOWS\System32\drivers\AFS2K.SYS
----a-w 16,168 2008-05-07 14:44:38 C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
----a-w 15,864 2008-05-05 18:46:32 C:\WINDOWS\System32\drivers\mbam.sys
----a-w 27,048 2008-05-05 18:46:36 C:\WINDOWS\System32\drivers\mbamcatchme.sys
----a-w 29,056 2008-05-20 18:49:17 C:\WINDOWS\System32\drivers\orU47.sys
----a-w 114,048 2008-04-28 19:21:19 C:\WINDOWS\System32\drivers\snapman.sys
----a-w 32,768 2008-04-28 19:21:25 C:\WINDOWS\System32\drivers\tifsfilt.sys
----a-w 392,320 2008-04-28 19:21:25 C:\WINDOWS\System32\drivers\timntr.sys
----a-w 36,368 2008-03-30 17:07:30 C:\WINDOWS\System32\drivers\tmpreflt.sys
----a-w 204,816 2008-03-30 17:07:36 C:\WINDOWS\System32\drivers\tmxpflt.sys
----a-w 13,440 2008-05-20 19:00:07 C:\WINDOWS\System32\drivers\USBCRFT.SYS
----a-w 1,169,240 2008-03-30 16:50:58 C:\WINDOWS\System32\drivers\vsapint.sys

Entries: 12 (12)
Directories: 0 Files: 12
Bytes: 2,094,624 Blocks: 4,096
=======C:\Program Files=====
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
=======C:=====
----a-w 0 2008-04-27 19:03:08 C:\AUTOEXEC.BAT
----a-w 36,231,254 2008-04-28 15:52:34 C:\BackupRegistry(20080428).reg
----a-w 97,317,742 2008-05-18 18:56:35 C:\BackupRegistry(20080518).reg
----a-w 95,285,432 2008-05-19 15:56:31 C:\BackupRegistry(20080519).reg
----a-w 95,463,932 2008-05-20 15:37:12 C:\BackupRegistry(20080520).reg
--sha-r 212 2008-05-12 16:48:51 C:\boot.ini
----a-w 0 2008-04-27 19:03:08 C:\CONFIG.SYS
--sha-r 0 2008-04-27 19:03:08 C:\IO.SYS
--sha-r 0 2008-04-27 19:03:08 C:\MSDOS.SYS
--sha-r 47,564 2008-04-29 04:15:41 C:\NTDETECT.COM
--sha-r 251,184 2008-04-29 04:15:41 C:\ntldr
--sha-w 2,145,386,496 2008-05-20 18:47:11 C:\pagefile.sys
----a-w 173 2008-04-28 17:02:41 C:\pdisdk.log
----a-w 52 2008-05-17 14:02:48 C:\Save Everything On Computer.BDF
----a-w 52 2008-05-17 14:02:49 C:\Save Windows and Programs (No Data or Documents).BDF

Entries: 15 (9)
Directories: 0 Files: 15
Bytes: 2,469,984,093 Blocks: 4,824,193
======C:\Documents and Settings\Noel\Application Data======
--sha-w 62 2008-04-27 20:52:41 C:\Documents and Settings\Noel\Application Data\desktop.ini

Entries: 1 (0)
Directories: 0 Files: 1
Bytes: 62 Blocks: 1
======C:\Temp======
Entries: 0 (0)
Directories: 0 Files: 0
Bytes: 0 Blocks: 0
======C:\Documents and Settings\Noel======
----a-w 1,024 2008-05-16 21:30:49 C:\Documents and Settings\Noel\.rnd
----a-w 150 2008-05-18 13:08:35 C:\Documents and Settings\Noel\default.pls
----a-w 4,284,416 2008-05-20 18:46:32 C:\Documents and Settings\Noel\ntuser.dat
---ha-w 532,480 2008-05-20 19:09:18 C:\Documents and Settings\Noel\NTUSER.DAT.LOG
--sh--w 188 2008-05-19 20:21:35 C:\Documents and Settings\Noel\ntuser.ini

Entries: 5 (3)
Directories: 0 Files: 5
Bytes: 4,818,258 Blocks: 9,412
======C:\WINDOWS\Downloaded Program Files====
---h--w 65 2008-04-27 19:02:24 C:\WINDOWS\Downloaded Program Files\desktop.ini
----a-w 1,527,056 2008-03-24 17:33:02 C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
----a-w 367 2008-03-20 13:10:04 C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
----a-w 247 2008-03-24 17:18:48 C:\WINDOWS\Downloaded Program Files\swflash.inf

Entries: 4 (3)
Directories: 0 Files: 4
Bytes: 1,527,735 Blocks: 2,986
=============

**smeenk** · 20-05-08, 22:39

Download: RVAXO.exe

Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
Start de computer in veilige modus.
Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
Post de inhoud van de logfile in je volgende bericht.

Post ook een nieuw logje van Hijackthis

**NOEL** · 21-05-08, 19:16

an dit het zijn lijkt me wel een korte file of is dit zo

---RVAXO.exe Updated: 2008-05-21---first run---
Uninstallers:

Files found:
C:\WINDOWS\wininit.ini
C:\WINDOWS\system32\clkcnt.txt
C:\WINDOWS\system32\WinCtrl32.dll
C:\WINDOWS\system32\WinCtrl32.dl_
C:\WINDOWS\system32\SVKP.sys
C:\WINDOWS\system32\drivers\orU47.sys
C:\WINDOWS\system32\mcrh.tmp

Folders Found:

Hosts-file was reset, If you use a custom hosts file please replace it...

--------------RVAXO.exe last run---------------
Not deleted items:
C:\WINDOWS\system32\drivers\orU47.sys

--------------RVAXO.exe finished----------------

**smeenk** · 21-05-08, 20:22

Kan best hoor, des te korter, des te beter

Oorspronkelijk geplaatst door smeenk Bekijk Berichten

Post ook een nieuw logje van Hijackthis

**NOEL** · 21-05-08, 20:42

is volgens jou alles ok nu ? of merk je nog iets wat er niet thuis hoort

Mededeling

hulp gevraagd A.U.B pc probleem

hulp gevraagd A.U.B pc probleem

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment