Vraag & Antwoord

Beveiliging & privacy

Hijack Logje Checken Graag

7 antwoorden
  • Elke start onnodige Internet Explorer Popup Alvast Bedankt Logfile of HijackThis v1.99.1 Scan saved at 14:34:16, on 11-10-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\rundll32.exe C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe C:\WINDOWS\iexplore.exe C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\Update.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing) O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll O4 - HKLM\..\Run: [Armor2net] C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplore.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: , O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\p0n8la5u1d.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • Hallo, Start HJT opnieuw en doe een systemscan only, vink onderstaande regel aan sluit alle vensters behalve HJT en klik op fix checked. [b:ae4642b449]R3 - Default URLSearchHook is missing O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) 3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing) O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\p0n8la5u1d.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - (no file)[/b:ae4642b449] start verkenner en zoek naar onderstaande map dikgedrukt en verwijder die. C:\Program Files\Common Files\[b:ae4642b449]{3C985221-063C-1043-0309-06051124001f}[/b:ae4642b449] C:\Program Files\[b:ae4642b449]ToolBar888\MyToolBar.dll[/b:ae4642b449] C:\WINDOWS\system32\[b:ae4642b449]p0n8la5u1d.dll[/b:ae4642b449] Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:ae4642b449]Combofix[/b:ae4642b449][/url] naar je Bureaublad.[list:ae4642b449] Dubbelklik [b:ae4642b449]Combofix.exe[/b:ae4642b449] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:ae4642b449]NIET[/b:ae4642b449] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:ae4642b449] Wanneer de fix voltooid is en na herstart, zal de log [b:ae4642b449]combofix.txt[/b:ae4642b449] openen. [i:ae4642b449]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:ae4642b449] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren succes Juisterr
  • Jevithan - 06-10-11 19:22:06,12 Service Pack 2 ComboFix 06.10.11 - Running from: "C:\Documents and Settings\Jevithan\Bureaublad" ((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log )))))))))))))))))))))))))))))))))))))))))))))))))) REGISTRY ENTRIES REMOVED: [HKEY_CLASSES_ROOT\CLSID\{37AC27C9-F0A9-4F67-9307-19062817848F}] @="" [HKEY_CLASSES_ROOT\CLSID\{37AC27C9-F0A9-4F67-9307-19062817848F}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{37AC27C9-F0A9-4F67-9307-19062817848F}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{37AC27C9-F0A9-4F67-9307-19062817848F}\InprocServer32] @="C:\\WINDOWS\\system32\\xnnput9_1_0.dll" "ThreadingModel"="Apartment" [HKEY_CLASSES_ROOT\CLSID\{DDE78090-9A83-44A3-BD61-E766E47DEBDF}] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE78090-9A83-44A3-BD61-E766E47DEBDF}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE78090-9A83-44A3-BD61-E766E47DEBDF}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DDE78090-9A83-44A3-BD61-E766E47DEBDF}\InprocServer32] @="C:\\WINDOWS\\system32\\dawsockx.dll" "ThreadingModel"="Apartment" * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * FILES REMOVED: C:\WINDOWS\system32\dawsockx.dll C:\WINDOWS\system32\g0lm0a31ed.dll C:\WINDOWS\system32\t6r80g9ue6.dll C:\WINDOWS\system32\xnnput9_1_0.dll (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Documents and Settings\Jevithan\Local Settings\Temporary Internet Files\Content.IE5\QTGHSTIF\dfndrff_e_uit[1].exe C:\Documents and Settings\Jevithan\Local Settings\Temporary Internet Files\Content.IE5\CHUVCTIJ\drsmartload45a[1].exe C:\Documents and Settings\Jevithan\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\drsmartload833a[1].exe C:\Documents and Settings\Jevithan\Local Settings\Temporary Internet Files\Content.IE5\C1I3W1MN\MTE3NDI6ODoxNgV2[1].exe C:\Documents and Settings\Jevithan\Local Settings\Temporary Internet Files\Content.IE5\U761SJQ3\nwnmff_e[1].exe ((((((((((((((((((((((((((((((( Files Created from 2006-09-11 to 2006-10-11 )))))))))))))))))))))))))))))))))) 2006-10-10 18:29 224,478 --a------ C:\WINDOWS\iexplore.exe 2006-10-09 13:12 86,016 --a------ C:\WINDOWS\unvise32qt.exe 2006-10-08 18:28 32,896 --a------ C:\WINDOWS\system32\APFTrans.sys 2006-10-02 18:19 81,920 --a------ C:\WINDOWS\system32\AppToPort.dll 2006-10-02 18:19 24,576 --a------ C:\WINDOWS\system32\hook1.dll 2006-10-02 18:19 20,480 --a------ C:\WINDOWS\system32\hook2.dll 2006-10-02 16:11 77,824 --a------ C:\WINDOWS\system32\driverif.dll 2006-10-02 16:11 733,236 --a------ C:\WINDOWS\system32\vete.dll 2006-10-02 16:11 541,733 --a------ C:\WINDOWS\system32\drivers\vetmonnt.sys 2006-10-02 16:11 21,605 --a------ C:\WINDOWS\system32\drivers\vet-filt.sys 2006-10-02 16:11 15,668 --a------ C:\WINDOWS\system32\drivers\vet-rec.sys 2006-10-02 16:11 12,288 --a------ C:\WINDOWS\system32\vetntmsg.dll 2006-10-02 16:11 108,453 --a------ C:\WINDOWS\system32\drivers\vetfddnt.sys 2006-10-02 12:14 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll 2006-09-27 15:11 720,896 --a------ C:\WINDOWS\iun6002.exe 2006-09-26 17:46 62,240 --a------ C:\WINDOWS\Snelkiezer_.exe 2006-09-26 17:46 62,240 --a------ C:\WINDOWS\Snelkiezer.exe 2006-09-26 16:05 3,082 --a------ C:\WINDOWS\system32\affv9553p6now.sys 2006-09-26 15:59 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll 2006-09-26 15:59 34,820 --a------ C:\WINDOWS\system32\ffdshow.reg 2006-09-26 15:59 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll 2006-09-26 15:59 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll 2006-09-26 15:59 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll 2006-09-26 15:53 33,280 --a------ C:\WINDOWS\is-HAP4U.exe 2006-09-21 18:54 1,003,520 --a------ C:\WINDOWS\system32\ltmm_n.dll 2006-09-21 18:51 969,728 --a------ C:\WINDOWS\system32\libmcl-4.4.0.dll 2006-09-21 18:51 8,192 --a------ C:\WINDOWS\system32\libcvr-1.0.0.dll 2006-09-21 18:51 39,936 --a------ C:\WINDOWS\system32\libxpm-1.0.0.dll 2006-09-21 18:51 301,056 --a------ C:\WINDOWS\system32\libtif-1.0.0.dll 2006-09-21 18:51 30,720 --a------ C:\WINDOWS\system32\libdsw-1.0.0.dll 2006-09-21 18:51 22,016 --a------ C:\WINDOWS\system32\libhav-1.0.0.dll 2006-09-21 18:51 205,824 --a------ C:\WINDOWS\system32\libjp2-1.0.0.dll 2006-09-21 18:51 16,384 --a------ C:\WINDOWS\system32\libgif-1.0.0.dll 2006-09-21 18:51 149,504 --a------ C:\WINDOWS\system32\libpng-1.0.0.dll 2006-09-21 18:51 110,592 --a------ C:\WINDOWS\system32\libjpg-1.0.0.dll 2006-09-21 18:51 1,679,872 --a------ C:\WINDOWS\system32\libmpg-1.0.0.dll 2006-09-21 18:51 1,185,280 --a------ C:\WINDOWS\system32\libogg-1.0.0.dll 2006-09-18 13:19 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL 2006-09-14 15:08 94,208 --------- C:\WINDOWS\system32\mclsp.dll 2006-09-14 15:08 32,768 --a------ C:\WINDOWS\system32\instlsp.exe 2006-09-14 15:08 11,264 --a------ C:\WINDOWS\system32\sporder.dll 2006-09-14 13:20 0 --a------ C:\WINDOWS\system32\Ultra.dll 2006-09-14 10:47 53,248 --a------ C:\WINDOWS\system32\Process.exe 2006-09-14 10:47 40,960 --a------ C:\WINDOWS\system32\swsc.exe 2006-09-14 10:47 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2006-09-14 10:47 135,168 --a------ C:\WINDOWS\system32\swreg.exe 2006-09-13 12:11 10,193 -r-h----- C:\WINDOWS\system32\win_3.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-11 19:19 -------- d-------- C:\Program Files\Common Files 2006-10-11 19:09 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Azureus 2006-10-11 19:03 -------- d-------- C:\Program Files\ElcomSoft 2006-10-11 16:48 -------- d-------- C:\Program Files\WinRAR 2006-10-11 14:22 -------- d-------- C:\Program Files\Intelore 2006-10-11 14:14 -------- d-------- C:\Program Files\DC++ 2006-10-11 13:59 -------- d-------- C:\Program Files\Xilisoft 2006-10-10 19:08 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\NetPumper 2006-10-10 18:57 -------- d-------- C:\Program Files\7-Zip 2006-10-10 16:06 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Media Player Classic 2006-10-09 16:35 -------- d-------- C:\Program Files\eMule 2006-10-09 13:25 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\PC Tools 2006-10-08 18:37 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2006-10-08 18:28 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-08 18:28 -------- d-------- C:\Program Files\Armor2net 2006-10-06 22:36 -------- d-------- C:\Program Files\DreamCatcher 2006-10-06 20:23 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\.ABC 2006-10-04 20:14 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Macromedia 2006-10-04 15:09 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\SiteAdvisor 2006-10-04 15:05 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\McAfee 2006-10-04 14:59 -------- d-------- C:\Program Files\Common Files\McAfee 2006-10-02 18:58 -------- d-------- C:\Program Files\File Recover 2006-10-02 15:57 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Comodo 2006-10-02 12:14 -------- d-------- C:\Program Files\K-Lite Codec Pack 2006-10-02 11:51 -------- d-------- C:\Program Files\WinAVI VideoConverter 2006-10-01 19:14 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Lavasoft 2006-10-01 12:52 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Registry Booster 2006-09-30 18:31 -------- d-------- C:\Program Files\Azureus 2006-09-30 18:14 -------- d-------- C:\Program Files\TuneUp Utilities 2006 2006-09-29 13:37 -------- d-------- C:\Program Files\Gabest 2006-09-23 18:08 5632 --ahs---- C:\Program Files\Thumbs.db 2006-09-23 18:08 -------- d-------- C:\Program Files\ShopInsite MMI 2006-09-23 18:08 -------- d-------- C:\Program Files\Messenger 2006-09-23 18:08 -------- d-------- C:\Program Files\A-one Video Joiner 2006-09-22 12:05 -------- d-------- C:\Program Files\Super Video Splitter 2006-09-20 22:03 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\STOIK 2006-09-20 16:11 -------- d---s---- C:\Documents and Settings\Jevithan\Application Data\Microsoft 2006-09-18 21:32 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-09-18 21:32 -------- d-------- C:\Program Files\Common Files\Designer 2006-09-18 21:31 -------- d-------- C:\Program Files\Microsoft Office 2006-09-18 21:31 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Microsoft Web Folders 2006-09-18 14:27 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\.BitTornado 2006-09-18 12:01 -------- d-------- C:\Program Files\AliveMedia 2006-09-15 14:21 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\LimeWire 2006-09-14 16:09 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\McAfee.com Personal Firewall 2006-09-14 15:07 15360 --a------ C:\WINDOWS\system32\BASSMOD.dll 2006-09-13 20:40 -------- d-------- C:\Program Files\Admiresoft 2006-09-13 16:15 -------- d-------- C:\Program Files\Internet Explorer 2006-09-10 21:35 -------- d-------- C:\Program Files\Allok Video Joiner 2006-09-07 16:00 -------- d-------- C:\Program Files\Common Files\Deterministic Networks 2006-09-06 20:44 -------- d-------- C:\Program Files\Common Files\Softwin 2006-09-06 19:44 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2006-09-06 19:44 73728 --a------ C:\WINDOWS\system32\sockspy.dll 2006-08-30 13:07 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\dvdcss 2006-08-29 00:47 1257783 --a------ C:\WINDOWS\system32\drivers\v3engine.sys 2006-08-28 21:11 -------- d-------- C:\Program Files\EA Games 2006-08-28 20:32 -------- d-------- C:\Program Files\Windows Media Player 2006-08-28 20:14 -------- d-------- C:\Program Files\Movie Joiner 2006-08-24 18:09 -------- d-------- C:\Program Files\Innovatools 2006-08-24 17:25 12464 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2006-08-24 17:05 -------- d-------- C:\Program Files\D-Tools 2006-08-22 20:24 -------- d-------- C:\Program Files\ATI Technologies 2006-08-21 14:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 14:11 -------- d-------- C:\Program Files\MSN Messenger 2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-21 11:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys 2006-08-20 18:35 -------- d-------- C:\Program Files\Allok Video Splitter 2006-08-19 22:07 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Vso 2006-08-19 19:54 5680 --a------ C:\WINDOWS\system32\drivers\psntkd20.sys 2006-08-16 16:42 -------- d-------- C:\Program Files\Windows NT 2006-08-15 13:13 -------- d-------- C:\Program Files\Bucek 2006-08-15 13:02 -------- d-------- C:\Program Files\AVI MPEG RM WMV Joiner 2006-08-14 19:32 -------- d-------- C:\Program Files\Easy Video Joiner 2006-08-13 19:36 -------- d-------- C:\Program Files\Google 2006-08-13 18:16 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Google 2006-08-13 16:54 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Skype 2006-08-12 16:59 -------- d-------- C:\Program Files\Xara 2006-08-12 15:47 -------- d-------- C:\Program Files\AviSynth 2.5 2006-08-12 15:46 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\uTorrent 2006-08-11 20:58 666624 --a------ C:\WINDOWS\is-7DAPH.exe 2006-08-11 20:58 -------- d-------- C:\Program Files\Common Files\Agnitum Shared 2006-08-10 19:37 8 --a------ C:\WINDOWS\system32\lssexp.dll 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-21 10:29 72704 --a------ C:\WINDOWS\system32\hlink.dll 2006-07-20 22:24 286720 --a------ C:\WINDOWS\iun506.exe 2006-07-18 20:45 46 --a------ C:\WINDOWS\system32\w3c985va.dll 2006-07-16 22:10 784 --a------ C:\Documents and Settings\Jevithan\Application Data\mpauth.dat 2006-07-16 16:23 73216 --a------ C:\WINDOWS\ST6UNST.EXE (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Armor2net"="C:\\Program Files\\Armor2net\\Armor2net Personal Firewall\\Armor2net.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000000 "GeneralFlags"=dword:00000000 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoChangeStartMenu"=dword:00000000 "NoClose"=dword:00000000 "NoLogOff"=dword:00000000 "NoRun"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableTaskMgr"=dword:00000000 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Microsoft Office.lnk" "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^Jevithan^Menu Start^Programma's^Opstarten^Snelkoppeling naar zlclient.lnk] "path"="C:\\Documents and Settings\\Jevithan\\Menu Start\\Programma's\\Opstarten\\Snelkoppeling naar zlclient.lnk" "backup"="C:\\WINDOWS\\pss\\Snelkoppeling naar zlclient.lnkStartup" "location"="Startup" "command"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe " "item"="Snelkoppeling naar zlclient" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\0153901159966770mcinstcleanup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="cleanup" "hkey"="HKLM" "command"="C:\\DOCUME~1\\Jevithan\\LOCALS~1\\Temp\\015390~1.EXE C:\\PROGRA~1\\COMMON~1\\McAfee\\INSTAL~1\\cleanup.ini -cleanup -nolog" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\APVXDWIN] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APVXDWIN" "hkey"="HKLM" "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\APVXDWIN.EXE\" /s" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ATIPTA] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="atiptaxx" "hkey"="HKLM" "command"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDMCon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdmcon" "hkey"="HKLM" "command"="C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdmcon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDNewsAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdnagent" "hkey"="HKLM" "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdnagent.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDOESRV] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdoesrv" "hkey"="HKLM" "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDSwitchAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdswitch" "hkey"="HKLM" "command"="\"C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdswitch.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bittorrent" "hkey"="HKCU" "command"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CaISSDT] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="caissdt" "hkey"="HKLM" "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\caissdt.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTFMON.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\DAEMON Tools-1033] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="daemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dfndrff_e26" "hkey"="HKLM" "command"="C:\\\\dfndrff_e26.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\eTrustPPAP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PPActiveDetection" "hkey"="HKLM" "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\eTrust PestPatrol Anti-Spyware\\PPActiveDetection.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Explorer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iexplore" "hkey"="HKLM" "command"="C:\\WINDOWS\\iexplore.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\FreeCall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeCall" "hkey"="HKCU" "command"="\"C:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe\" -nosplash -minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\FSWebServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="fsws" "hkey"="HKLM" "command"="C:\\Program Files\\Easy File Sharing Web Server\\fsws.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\IDMan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IDMan" "hkey"="HKCU" "command"="C:\\Program Files\\eMule\\Incoming\\Internet Download Manager v5.03.02 Multilangages Incl-Crack\\Crack\\IDMan.exe /onboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\KernelFaultCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dumprep 0 -k" "hkey"="HKLM" "command"="%systemroot%\\system32\\dumprep 0 -k" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\keyboard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="kybrdff_16" "hkey"="HKLM" "command"="c:\\\\kybrdff_16.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\kis] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="avp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\kqkm] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="kqkmm" "hkey"="HKCU" "command"="C:\\PROGRA~1\\COMMON~1\\kqkm\\kqkmm.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MacroVirus] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MacroVirus" "hkey"="HKLM" "command"="C:\\Program Files\\MacroVirus\\MacroVirus.exe -boot" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MessengerPlus3] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MsgPlus" "hkey"="HKLM" "command"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\msnreord] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmonitor" "hkey"="HKLM" "command"="C:\\Documents and Settings\\Jevithan\\Bureaublad\\TAMIL° ZONE\\Setup\\MSN_Password_Logger_v3\\msnmonitor.ex" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\newname] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwnmff_e26" "hkey"="HKLM" "command"="C:\\\\nwnmff_e26.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NI.UWA6PM_0001_N91M2107] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UWA6PM_0001_N91M2107NetInstaller" "hkey"="HKLM" "command"="\"C:\\WINDOWS\\Downloaded Program Files\\UWA6PM_0001_N91M2107NetInstaller.exe\" -nag " "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Outpost Firewall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="outpost" "hkey"="HKLM" "command"="\"C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe\" /waitservice" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\OutpostFeedBack] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="feedback" "hkey"="HKLM" "command"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PadTouch] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PadExe" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\pccguide.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="pccguide" "hkey"="HKLM" "command"="\"C:\\Program Files\\Trend Micro\\Internet Security 2005\\pccguide.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PCTAVApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PrivacyKeyboard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PrivacyKeyboard" "hkey"="HKLM" "command"="C:\\KAV5.0\\PrivacyKeyboard\\PrivacyKeyboard.exe /autorun" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PWRISOVM.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PWRISOVM" "hkey"="HKLM" "command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SCANINICIO] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Inicio" "hkey"="HKLM" "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\Inicio.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\shell] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ibm00001" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\ibm00001.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SmoothView] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SmoothView" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Snelkiezer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Snelkiezer" "hkey"="HKLM" "command"="C:\\WINDOWS\\Snelkiezer.exe /quiet" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpeedOptimizer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SPO" "hkey"="HKLM" "command"="C:\\PROGRA~1\\SPEEDO~1\\SPO.EXE -s " "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpyEmergency] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpyEmergency" "hkey"="HKCU" "command"="\"C:\\Program Files\\Netgate\\Spy Emergency 2006\\SpyEmergency.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpySweeper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpySweeper" "hkey"="HKLM" "command"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeper.exe\" /startintray" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Spyware Doctor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\startkey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="system32" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\system32.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\stonedrv] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="stonedrv" "hkey"="HKLM" "command"="c:\\windows\\system32\\stonedrv.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="sunserver" "hkey"="HKLM" "command"="C:\\Program Files\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SurfSideKick 3] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SysTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lhiq" "hkey"="HKLM" "command"="c:\\Program Files\\lhiq.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\tkq0724f] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RUNDLL32" "hkey"="HKLM" "command"="RUNDLL32.EXE w1111879.dll,n 0040724b0000000a1111879" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TOSCDSPD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="toscdspd" "hkey"="HKCU" "command"="\"C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Toshiba Hotkey Utility] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Hotkey" "hkey"="HKLM" "command"="\"C:\\Program Files\\Toshiba\\Windows Utilities\\Hotkey.exe\" /lang NL" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TPSMain] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TPSMain" "hkey"="HKLM" "command"="TPSMain.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\VoipStunt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VoipStunt" "hkey"="HKCU" "command"="\"C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe\" -nosplash -minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSASCui" "hkey"="HKLM" "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Windows installer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winstall" "hkey"="HKCU" "command"="C:\\winstall.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Windows Task Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="taskmgn" "hkey"="HKLM" "command"="c:\\windows\\system32\\taskmgn.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Zone Labs Client] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="zlclient" "hkey"="HKLM" "command"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services] "PAVSRV"=dword:00000002 "PAVFIRES"=dword:00000002 "SDhelper"=dword:00000002 "wampmysqld"=dword:00000003 "wampapache"=dword:00000003 "TUWinStylerThemeSvc"=dword:00000003 "AVP"=dword:00000002 "VSSERV"=dword:00000002 "bdss"=dword:00000002 "LIVESRV"=dword:00000002 "XCOMM"=dword:00000002 "WinDefend"=dword:00000002 "WWW File Share Pro"=dword:00000002 "Ati HotKey Poller"=dword:00000002 "MSIServer"=dword:00000003 "wuauserv"=dword:00000002 "svcWRSSSDK"=dword:00000002 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\XoftSpy.job Completion time: Wed 11-10-2006 19:26:44.29 ComboFix.txt Logfile of HijackThis v1.99.1 Scan saved at 19:31:55, on 11-10-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - Default URLSearchHook is missing O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing) O4 - HKLM\..\Run: [Armor2net] C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: , O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • Download [url=http://www.downloads.subratam.org/KillBox.zip][color=blue:abf840c0f2][b:abf840c0f2]KillBox![/b:abf840c0f2][/color:abf840c0f2][/url] en pak het uit naar je bureaublad. [b:abf840c0f2]Selecteer[/b:abf840c0f2] de onderstaande, vetgedrukte regels, door de linker muisknop ingedrukt te houden en van links boven naar rechts beneden te bewegen (het veld wordt blauw): [list:abf840c0f2][b:abf840c0f2] 2006-10-09 13:12 86,016 --a------ C:\WINDOWS\unvise32qt.exe 2006-09-26 17:46 62,240 --a------ C:\WINDOWS\Snelkiezer_.exe 2006-09-26 17:46 62,240 --a------ C:\WINDOWS\Snelkiezer.exe 2006-09-14 10:47 53,248 --a------ C:\WINDOWS\system32\Process.exe 2006-09-14 13:20 0 --a------ C:\WINDOWS\system32\Ultra.dll [/b:abf840c0f2][/list:u:abf840c0f2] Klik met je rechtermuisknop in het blauwe veld en vervolgens op kopieeren [*] Start KillBox! door te dubbelklikken op het killbox icoontje [*] Open [b:abf840c0f2]options[/b:abf840c0f2] in het killbox menu en selecteer [b:abf840c0f2]auto parse[/b:abf840c0f2] [*] Open [b:abf840c0f2]file[/b:abf840c0f2] in het killboxmenu bovenaan en kies: [b:abf840c0f2]Paste from clipboard[/b:abf840c0f2] [*] [i:abf840c0f2]Het vetgedrukte, dat je hebt geselecteerd en gekopiëerd, zal nu verschijnen in het veld bij Full Path of File to Delete. (Controleer dit eventueel door te klikken op het pijltje naast dat veld) Files die niet (meer) bestaan worden door killbox niet weergegeven[/i:abf840c0f2] [*] kies de optie ('s) [b:abf840c0f2]Delete on reboot[/b:abf840c0f2] en [b:abf840c0f2]unregister dll's before deleting.[/b:abf840c0f2] [*] Klik op de knop [b:abf840c0f2]All files[/b:abf840c0f2]. [*] Klik op de rode cirkel met het wit kruisje erin. [*] Killbox! zal zeggen dat deze bestanden zullen verwijderd worden on reboot.. Klik YES [*] Wanneer Killbox! vraagt om nu te rebooten, klik je op YES. [*] [i:abf840c0f2]Als je volgende boodschap krijgt: PendingFileRenameOperations Registry Data has been Removed by External Process! dan zal je handmatig moeten herstarten.[/i:abf840c0f2][/list] Killbox zal nu je PC herstarten Killbox zal nu je PC herstarten Verwijder na de herstart de map [b:abf840c0f2]C:\!Killbox[/b:abf840c0f2] Leeg daarna de prullenbak start HJT opnieuw en doe een systemscan only en vink onderstaande regels aan sluit alle vensters(behalve HJT) en klik op fix checked. [b:abf840c0f2]R3 - Default URLSearchHook is missing O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing)[/b:abf840c0f2] Verwijder via verkenner onderstaand items. C:\Program Files\Common Files\[b:abf840c0f2]{3C985221-063C-1043-0309-06051124001f}[/b:abf840c0f2] Start combofix nogmaals en laat het runnen. Mag ik een nieuw HJT logje en een nieuw Combofix logje.
  • Jevithan - 06-10-12 13:30:31,56 Service Pack 2 ComboFix 06.10.12 - Running from: "C:\Documents and Settings\Jevithan\Bureaublad" ((((((((((((((((((((((((((((((( Files Created from 2006-09-12 to 2006-10-12 )))))))))))))))))))))))))))))))))) 2006-10-10 18:29 224,478 --a------ C:\WINDOWS\iexplore.exe 2006-10-08 18:28 32,896 --a------ C:\WINDOWS\system32\APFTrans.sys 2006-10-02 18:19 81,920 --a------ C:\WINDOWS\system32\AppToPort.dll 2006-10-02 18:19 24,576 --a------ C:\WINDOWS\system32\hook1.dll 2006-10-02 18:19 20,480 --a------ C:\WINDOWS\system32\hook2.dll 2006-10-02 16:11 77,824 --a------ C:\WINDOWS\system32\driverif.dll 2006-10-02 16:11 733,236 --a------ C:\WINDOWS\system32\vete.dll 2006-10-02 16:11 541,733 --a------ C:\WINDOWS\system32\drivers\vetmonnt.sys 2006-10-02 16:11 21,605 --a------ C:\WINDOWS\system32\drivers\vet-filt.sys 2006-10-02 16:11 15,668 --a------ C:\WINDOWS\system32\drivers\vet-rec.sys 2006-10-02 16:11 12,288 --a------ C:\WINDOWS\system32\vetntmsg.dll 2006-10-02 16:11 108,453 --a------ C:\WINDOWS\system32\drivers\vetfddnt.sys 2006-10-02 12:14 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll 2006-09-27 15:11 720,896 --a------ C:\WINDOWS\iun6002.exe 2006-09-26 16:05 3,082 --a------ C:\WINDOWS\system32\affv9553p6now.sys 2006-09-26 15:59 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll 2006-09-26 15:59 34,820 --a------ C:\WINDOWS\system32\ffdshow.reg 2006-09-26 15:59 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll 2006-09-26 15:59 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll 2006-09-26 15:59 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll 2006-09-26 15:53 33,280 --a------ C:\WINDOWS\is-HAP4U.exe 2006-09-21 18:54 1,003,520 --a------ C:\WINDOWS\system32\ltmm_n.dll 2006-09-21 18:51 969,728 --a------ C:\WINDOWS\system32\libmcl-4.4.0.dll 2006-09-21 18:51 8,192 --a------ C:\WINDOWS\system32\libcvr-1.0.0.dll 2006-09-21 18:51 39,936 --a------ C:\WINDOWS\system32\libxpm-1.0.0.dll 2006-09-21 18:51 301,056 --a------ C:\WINDOWS\system32\libtif-1.0.0.dll 2006-09-21 18:51 30,720 --a------ C:\WINDOWS\system32\libdsw-1.0.0.dll 2006-09-21 18:51 22,016 --a------ C:\WINDOWS\system32\libhav-1.0.0.dll 2006-09-21 18:51 205,824 --a------ C:\WINDOWS\system32\libjp2-1.0.0.dll 2006-09-21 18:51 16,384 --a------ C:\WINDOWS\system32\libgif-1.0.0.dll 2006-09-21 18:51 149,504 --a------ C:\WINDOWS\system32\libpng-1.0.0.dll 2006-09-21 18:51 110,592 --a------ C:\WINDOWS\system32\libjpg-1.0.0.dll 2006-09-21 18:51 1,679,872 --a------ C:\WINDOWS\system32\libmpg-1.0.0.dll 2006-09-21 18:51 1,185,280 --a------ C:\WINDOWS\system32\libogg-1.0.0.dll 2006-09-18 13:19 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL 2006-09-14 15:08 94,208 --------- C:\WINDOWS\system32\mclsp.dll 2006-09-14 15:08 32,768 --a------ C:\WINDOWS\system32\instlsp.exe 2006-09-14 15:08 11,264 --a------ C:\WINDOWS\system32\sporder.dll 2006-09-14 10:47 40,960 --a------ C:\WINDOWS\system32\swsc.exe 2006-09-14 10:47 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2006-09-14 10:47 135,168 --a------ C:\WINDOWS\system32\swreg.exe 2006-09-13 12:11 10,193 -r-h----- C:\WINDOWS\system32\win_3.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-12 13:24 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Azureus 2006-10-11 19:19 -------- d-------- C:\Program Files\Common Files 2006-10-11 19:03 -------- d-------- C:\Program Files\ElcomSoft 2006-10-11 16:48 -------- d-------- C:\Program Files\WinRAR 2006-10-11 14:22 -------- d-------- C:\Program Files\Intelore 2006-10-11 14:14 -------- d-------- C:\Program Files\DC++ 2006-10-11 13:59 -------- d-------- C:\Program Files\Xilisoft 2006-10-10 19:08 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\NetPumper 2006-10-10 18:57 -------- d-------- C:\Program Files\7-Zip 2006-10-10 16:06 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Media Player Classic 2006-10-09 16:35 -------- d-------- C:\Program Files\eMule 2006-10-09 13:25 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\PC Tools 2006-10-08 18:37 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard 2006-10-08 18:28 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-08 18:28 -------- d-------- C:\Program Files\Armor2net 2006-10-06 22:36 -------- d-------- C:\Program Files\DreamCatcher 2006-10-06 20:23 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\.ABC 2006-10-04 20:14 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Macromedia 2006-10-04 15:09 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\SiteAdvisor 2006-10-04 15:05 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\McAfee 2006-10-04 14:59 -------- d-------- C:\Program Files\Common Files\McAfee 2006-10-02 18:58 -------- d-------- C:\Program Files\File Recover 2006-10-02 15:57 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Comodo 2006-10-02 12:14 -------- d-------- C:\Program Files\K-Lite Codec Pack 2006-10-02 11:51 -------- d-------- C:\Program Files\WinAVI VideoConverter 2006-10-01 19:14 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Lavasoft 2006-10-01 12:52 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Registry Booster 2006-09-30 18:31 -------- d-------- C:\Program Files\Azureus 2006-09-30 18:14 -------- d-------- C:\Program Files\TuneUp Utilities 2006 2006-09-29 13:37 -------- d-------- C:\Program Files\Gabest 2006-09-23 18:08 5632 --ahs---- C:\Program Files\Thumbs.db 2006-09-23 18:08 -------- d-------- C:\Program Files\ShopInsite MMI 2006-09-23 18:08 -------- d-------- C:\Program Files\Messenger 2006-09-23 18:08 -------- d-------- C:\Program Files\A-one Video Joiner 2006-09-22 12:05 -------- d-------- C:\Program Files\Super Video Splitter 2006-09-20 22:03 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\STOIK 2006-09-20 16:11 -------- d---s---- C:\Documents and Settings\Jevithan\Application Data\Microsoft 2006-09-18 21:32 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-09-18 21:32 -------- d-------- C:\Program Files\Common Files\Designer 2006-09-18 21:31 -------- d-------- C:\Program Files\Microsoft Office 2006-09-18 21:31 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Microsoft Web Folders 2006-09-18 14:27 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\.BitTornado 2006-09-18 12:01 -------- d-------- C:\Program Files\AliveMedia 2006-09-15 14:21 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\LimeWire 2006-09-14 16:09 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\McAfee.com Personal Firewall 2006-09-14 15:07 15360 --a------ C:\WINDOWS\system32\BASSMOD.dll 2006-09-13 20:40 -------- d-------- C:\Program Files\Admiresoft 2006-09-13 16:15 -------- d-------- C:\Program Files\Internet Explorer 2006-09-10 21:35 -------- d-------- C:\Program Files\Allok Video Joiner 2006-09-07 16:00 -------- d-------- C:\Program Files\Common Files\Deterministic Networks 2006-09-06 20:44 -------- d-------- C:\Program Files\Common Files\Softwin 2006-09-06 19:44 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2006-09-06 19:44 73728 --a------ C:\WINDOWS\system32\sockspy.dll 2006-08-30 13:07 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\dvdcss 2006-08-29 00:47 1257783 --a------ C:\WINDOWS\system32\drivers\v3engine.sys 2006-08-28 21:11 -------- d-------- C:\Program Files\EA Games 2006-08-28 20:32 -------- d-------- C:\Program Files\Windows Media Player 2006-08-28 20:14 -------- d-------- C:\Program Files\Movie Joiner 2006-08-24 18:09 -------- d-------- C:\Program Files\Innovatools 2006-08-24 17:25 12464 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2006-08-24 17:05 -------- d-------- C:\Program Files\D-Tools 2006-08-22 20:24 -------- d-------- C:\Program Files\ATI Technologies 2006-08-21 14:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 14:11 -------- d-------- C:\Program Files\MSN Messenger 2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-21 11:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys 2006-08-20 18:35 -------- d-------- C:\Program Files\Allok Video Splitter 2006-08-19 22:07 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Vso 2006-08-19 19:54 5680 --a------ C:\WINDOWS\system32\drivers\psntkd20.sys 2006-08-16 16:42 -------- d-------- C:\Program Files\Windows NT 2006-08-15 13:13 -------- d-------- C:\Program Files\Bucek 2006-08-15 13:02 -------- d-------- C:\Program Files\AVI MPEG RM WMV Joiner 2006-08-14 19:32 -------- d-------- C:\Program Files\Easy Video Joiner 2006-08-13 19:36 -------- d-------- C:\Program Files\Google 2006-08-13 18:16 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Google 2006-08-13 16:54 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\Skype 2006-08-12 16:59 -------- d-------- C:\Program Files\Xara 2006-08-12 15:47 -------- d-------- C:\Program Files\AviSynth 2.5 2006-08-12 15:46 -------- d-------- C:\Documents and Settings\Jevithan\Application Data\uTorrent 2006-08-11 20:58 666624 --a------ C:\WINDOWS\is-7DAPH.exe 2006-08-10 19:37 8 --a------ C:\WINDOWS\system32\lssexp.dll 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-21 10:29 72704 --a------ C:\WINDOWS\system32\hlink.dll 2006-07-20 22:24 286720 --a------ C:\WINDOWS\iun506.exe 2006-07-18 20:45 46 --a------ C:\WINDOWS\system32\w3c985va.dll 2006-07-16 22:10 784 --a------ C:\Documents and Settings\Jevithan\Application Data\mpauth.dat 2006-07-16 16:23 73216 --a------ C:\WINDOWS\ST6UNST.EXE (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Armor2net"="C:\\Program Files\\Armor2net\\Armor2net Personal Firewall\\Armor2net.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000000 "GeneralFlags"=dword:00000000 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoChangeStartMenu"=dword:00000000 "NoClose"=dword:00000000 "NoLogOff"=dword:00000000 "NoRun"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "DisableTaskMgr"=dword:00000000 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Microsoft Office.lnk" "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jevithan^Menu Start^Programma's^Opstarten^Snelkoppeling naar zlclient.lnk] "path"="C:\\Documents and Settings\\Jevithan\\Menu Start\\Programma's\\Opstarten\\Snelkoppeling naar zlclient.lnk" "backup"="C:\\WINDOWS\\pss\\Snelkoppeling naar zlclient.lnkStartup" "location"="Startup" "command"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe " "item"="Snelkoppeling naar zlclient" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\0153901159966770mcinstcleanup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="cleanup" "hkey"="HKLM" "command"="C:\\DOCUME~1\\Jevithan\\LOCALS~1\\Temp\\015390~1.EXE C:\\PROGRA~1\\COMMON~1\\McAfee\\INSTAL~1\\cleanup.ini -cleanup -nolog" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APVXDWIN" "hkey"="HKLM" "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\APVXDWIN.EXE\" /s" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="atiptaxx" "hkey"="HKLM" "command"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdmcon" "hkey"="HKLM" "command"="C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdmcon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDNewsAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdnagent" "hkey"="HKLM" "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdnagent.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDOESRV] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdoesrv" "hkey"="HKLM" "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDSwitchAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bdswitch" "hkey"="HKLM" "command"="\"C:\\PROGRA~1\\Softwin\\BITDEF~1\\bdswitch.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="bittorrent" "hkey"="HKCU" "command"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaISSDT] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="caissdt" "hkey"="HKLM" "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\caissdt.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="daemon" "hkey"="HKLM" "command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dfndrff_e26" "hkey"="HKLM" "command"="C:\\\\dfndrff_e26.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eTrustPPAP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PPActiveDetection" "hkey"="HKLM" "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\eTrust PestPatrol Anti-Spyware\\PPActiveDetection.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Explorer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iexplore" "hkey"="HKLM" "command"="C:\\WINDOWS\\iexplore.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeCall" "hkey"="HKCU" "command"="\"C:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe\" -nosplash -minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FSWebServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="fsws" "hkey"="HKLM" "command"="C:\\Program Files\\Easy File Sharing Web Server\\fsws.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IDMan" "hkey"="HKCU" "command"="C:\\Program Files\\eMule\\Incoming\\Internet Download Manager v5.03.02 Multilangages Incl-Crack\\Crack\\IDMan.exe /onboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dumprep 0 -k" "hkey"="HKLM" "command"="%systemroot%\\system32\\dumprep 0 -k" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\keyboard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="kybrdff_16" "hkey"="HKLM" "command"="c:\\\\kybrdff_16.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kis] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="avp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kqkm] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="kqkmm" "hkey"="HKCU" "command"="C:\\PROGRA~1\\COMMON~1\\kqkm\\kqkmm.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacroVirus] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MacroVirus" "hkey"="HKLM" "command"="C:\\Program Files\\MacroVirus\\MacroVirus.exe -boot" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MsgPlus" "hkey"="HKLM" "command"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnreord] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmonitor" "hkey"="HKLM" "command"="C:\\Documents and Settings\\Jevithan\\Bureaublad\\TAMIL° ZONE\\Setup\\MSN_Password_Logger_v3\\msnmonitor.ex" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwnmff_e26" "hkey"="HKLM" "command"="C:\\\\nwnmff_e26.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWA6PM_0001_N91M2107] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UWA6PM_0001_N91M2107NetInstaller" "hkey"="HKLM" "command"="\"C:\\WINDOWS\\Downloaded Program Files\\UWA6PM_0001_N91M2107NetInstaller.exe\" -nag " "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Outpost Firewall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="outpost" "hkey"="HKLM" "command"="\"C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe\" /waitservice" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="feedback" "hkey"="HKLM" "command"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PadTouch] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PadExe" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="pccguide" "hkey"="HKLM" "command"="\"C:\\Program Files\\Trend Micro\\Internet Security 2005\\pccguide.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTAVApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivacyKeyboard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PrivacyKeyboard" "hkey"="HKLM" "command"="C:\\KAV5.0\\PrivacyKeyboard\\PrivacyKeyboard.exe /autorun" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PWRISOVM" "hkey"="HKLM" "command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCANINICIO] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Inicio" "hkey"="HKLM" "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\Inicio.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ibm00001" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\ibm00001.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SmoothView" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkiezer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Snelkiezer" "hkey"="HKLM" "command"="C:\\WINDOWS\\Snelkiezer.exe /quiet" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedOptimizer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SPO" "hkey"="HKLM" "command"="C:\\PROGRA~1\\SPEEDO~1\\SPO.EXE -s " "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpyEmergency" "hkey"="HKCU" "command"="\"C:\\Program Files\\Netgate\\Spy Emergency 2006\\SpyEmergency.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SpySweeper" "hkey"="HKLM" "command"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeper.exe\" /startintray" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\startkey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="system32" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\system32.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\stonedrv] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="stonedrv" "hkey"="HKLM" "command"="c:\\windows\\system32\\stonedrv.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="sunserver" "hkey"="HKLM" "command"="C:\\Program Files\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfSideKick 3] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lhiq" "hkey"="HKLM" "command"="c:\\Program Files\\lhiq.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tkq0724f] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RUNDLL32" "hkey"="HKLM" "command"="RUNDLL32.EXE w1111879.dll,n 0040724b0000000a1111879" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="toscdspd" "hkey"="HKCU" "command"="\"C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Hotkey Utility] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Hotkey" "hkey"="HKLM" "command"="\"C:\\Program Files\\Toshiba\\Windows Utilities\\Hotkey.exe\" /lang NL" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPSMain] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TPSMain" "hkey"="HKLM" "command"="TPSMain.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipStunt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VoipStunt" "hkey"="HKCU" "command"="\"C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe\" -nosplash -minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSASCui" "hkey"="HKLM" "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows installer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winstall" "hkey"="HKCU" "command"="C:\\winstall.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Task Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="taskmgn" "hkey"="HKLM" "command"="c:\\windows\\system32\\taskmgn.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="zlclient" "hkey"="HKLM" "command"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "PAVSRV"=dword:00000002 "PAVFIRES"=dword:00000002 "SDhelper"=dword:00000002 "wampmysqld"=dword:00000003 "wampapache"=dword:00000003 "TUWinStylerThemeSvc"=dword:00000003 "AVP"=dword:00000002 "VSSERV"=dword:00000002 "bdss"=dword:00000002 "LIVESRV"=dword:00000002 "XCOMM"=dword:00000002 "WinDefend"=dword:00000002 "WWW File Share Pro"=dword:00000002 "Ati HotKey Poller"=dword:00000002 "MSIServer"=dword:00000003 "wuauserv"=dword:00000002 "svcWRSSSDK"=dword:00000002 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\XoftSpy.job Completion time: 06-10-12 13:32:20.90 ComboFix.txt Logfile of HijackThis v1.99.1 Scan saved at 13:35:56, on 12-10-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing) O4 - HKLM\..\Run: [Armor2net] C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625 O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: , O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • moet ik nog iets doen?
  • Ja onderstaande aub. Download en installeer [url=http://www.ewido.net/en/download/][b:0f92c64512]AVG Anti-Spyware[/b:0f92c64512][/url].[list:0f92c64512] Na de installatie, open AVG Anti-Spyware: * onder "[b:0f92c64512]Status[/b:0f92c64512]", klik op [b:0f92c64512]Change state[/b:0f92c64512] naast "Resident shield". (wijzig van active naar [b:0f92c64512]inactive[/b:0f92c64512]!) * onder "[b:0f92c64512]Update[/b:0f92c64512]", klik op de [b:0f92c64512]Start update[/b:0f92c64512] knop. * onder "[b:0f92c64512]Scanner[/b:0f92c64512]", tab "Settings":[list:0f92c64512]- onder "How to act?", klik op "[u:0f92c64512]Recommended actions[/u:0f92c64512]" en selecteer [b:0f92c64512]Quarantine[/b:0f92c64512]. ([b:0f92c64512]ZEER BELANGRIJK![/b:0f92c64512]) * onder "Reports", selecteer [b:0f92c64512]Automatically generate report after every scan[/b:0f92c64512] en [u:0f92c64512]verwijder[/u:0f92c64512] het vinkje bij [b:0f92c64512]Only if threats were found[/b:0f92c64512][/list:u:0f92c64512] Sluit AVG Anti-Spyware. Laat het [b:0f92c64512]nog niet[/b:0f92c64512] scannen.[/list:u:0f92c64512] Start op in veilige modus, (op F8 getapt drukken tijdens opstarten) Start HJT opnieuw en vink onderstaande regels aan sluit alle vensters behalve HJT en klik op fix checked. [b:0f92c64512]O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program Files\Common Files\{3C985221-063C-1043-0309-06051124001f}\MyToolBar.dll (file missing) O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab[/b:0f92c64512] Start [b:0f92c64512]AVG Anti-Spyware[/b:0f92c64512].[list:0f92c64512]* Klik op [b:0f92c64512]Scan[/b:0f92c64512] en kies [b:0f92c64512]Complete System Scan[/b:0f92c64512]. Na de scan; volg onderstaande instructies : [color=blue:0f92c64512]BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt ![/color:0f92c64512] * Draag er zorg voor dat [b:0f92c64512]Set all elements to[/b:0f92c64512]: op [b:0f92c64512]Quarantine[/b:0f92c64512] staat [color=blue:0f92c64512](1)[/color:0f92c64512], zoniet klik op de link en kies [b:0f92c64512]Quarantine[/b:0f92c64512] in de popup menu.[color=blue:0f92c64512] (2)[/color:0f92c64512] (Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !) * Onderaan het venster klik op de [b:0f92c64512]Apply all Actions[/b:0f92c64512] knop. [color=blue:0f92c64512](3)[/color:0f92c64512] [img:0f92c64512]http://home.scarlet.be/~topalex/ewidoscan.jpg[/img:0f92c64512] * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:0f92c64512]Save Report[/b:0f92c64512]. * Klik in het menu bovenaan op [b:0f92c64512]Reports[/b:0f92c64512]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:0f92c64512]En ook nog. Download [url=http://java.sun.com/javase/downloads/index.jsp][b:0f92c64512][color=blue:0f92c64512]Java Runtime Environment (JRE) 5.0 Update 9[/color:0f92c64512][/b:0f92c64512][/url]. [list:0f92c64512][*:0f92c64512]Scroll omlaag naar : "[i:0f92c64512]The J2SE Runtime Environment (JRE) allows end-users to run Java applications[/i:0f92c64512]". [*:0f92c64512]Klik op de "[b:0f92c64512]Download[/b:0f92c64512]" knop aan de rechterkant. [*:0f92c64512]Vink aan: "[b:0f92c64512][i:0f92c64512]Accept[/b:0f92c64512] License Agreement[/i:0f92c64512]". [*:0f92c64512]De pagina zal herladen. [*:0f92c64512]Klik op de link om [i:0f92c64512]Windows [b:0f92c64512]Offline[/b:0f92c64512] Installation[/i:0f92c64512] te downloaden met Meerdere-talen, en bewaar het naar je Bureaublad. [*:0f92c64512]Sluit alle programma's die eventueel open zijn - Zeker je web browser! [*:0f92c64512]Ga dan naar [b:0f92c64512]Start[/b:0f92c64512] > [b:0f92c64512]Configuratiescherm[/b:0f92c64512] > [b:0f92c64512]Software[/b:0f92c64512] en verwijder alle oudere versies van Java uit de Softwarelijst. [*:0f92c64512]Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam. [*:0f92c64512]Klik dan op [b:0f92c64512]Verwijderen[/b:0f92c64512] of op de [b:0f92c64512]Wijzig/Verwijder[/b:0f92c64512] knop. [*:0f92c64512]Herhaal dit tot alle oudere versies verdwenen zijn. [*:0f92c64512]Na het verwijderen van alle oudere versies, [b:0f92c64512]herstart[/b:0f92c64512] je pc. [*:0f92c64512]Dubbelkik vervolgens op [b:0f92c64512]jre-1_5_0_09-windows-i586-p.exe[/b:0f92c64512] op je Bureaublad om de nieuwste versie van Java te installeren.[/list:u:0f92c64512] Aub een nieuw HJT logje en het AVG report

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.