HJT log

10 replies
  • Recently I've been getting popups from www.broadcaster.com, and at every startup about five warnings about threats found by NOD32. Yesterday I ran an in-depth analysis and a local scan, found a few things, removed them, but they keep coming back. I ran Hitman Pro as well as AVG AS. Here is the HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:28:53, on 10-4-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Tray Tools\atitray.exe
    C:\Program Files\uTorrent\utorrent.exe
    C:\Program Files\United Devices\UD.EXE
    C:\Program Files\United Devices\ud_7174683.exe
    C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\ATI Tray Tools\atitray.exe"
    O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe




  • Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Place it on your desktop.
    Double-click it to start the program.
    In the window that appears, type a Y to start the cleaning process.
    Follow the on-screen instructions.
    When the tool is finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.
  • "Thomas" - 07-04-10 21:55:55 Service Pack 2
    ComboFix 07-04-05 - Running from: "C:\Documents and Settings\Thomas\Desktop"


    (((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


    "C:\WINDOWS\system32\ssqrq.dll"


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    ((((((((((((((((((((((((((((((( Files Created from 2007-03-10 to 2007-04-10 ))))))))))))))))))))))))))))))))))


    2007-04-09 13:36 <DIR> d——– C:\Program Files\Eidos
    2007-04-09 13:24 512,453 —hs—- C:\WINDOWS\system32\qrqss.bak2
    2007-04-08 17:54 <DIR> d——– C:\Program Files\Foxit Software
    2007-04-08 13:24 512,453 —hs—- C:\WINDOWS\system32\qrqss.bak1
    2007-04-08 12:31 26,056 –a—— C:\WINDOWS\system32\drivers\hamachi.sys
    2007-04-08 12:31 <DIR> d——– C:\Program Files\Hamachi
    2007-04-08 12:31 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Hamachi
    2007-04-08 02:46 <DIR> d——– C:\WINDOWS\system32\ActiveScan
    2007-04-08 02:43 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-04-07 00:57 <DIR> d——– C:\Program Files\DC++
    2007-04-06 22:00 <DIR> d——– C:\Program Files\Virtual Dub
    2007-04-06 17:25 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Command & Conquer 3 Tiberium Wars
    2007-04-06 16:40 <DIR> d——– C:\Program Files\Electronic Arts
    2007-04-05 13:50 <DIR> d——– C:\Program Files\EA SPORTS
    2007-04-04 17:29 <DIR> d——– C:\Program Files\Common Files\Wise Installation Wizard
    2007-04-01 11:19 3,968 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-03-31 17:58 <DIR> d——– C:\Program Files\Java
    2007-03-31 17:58 <DIR> d——– C:\Program Files\Common Files\Java
    2007-03-30 19:04 <DIR> d——– C:\Program Files\MagicISO
    2007-03-30 13:22 86,016 –a—— C:\WINDOWS\system32\OpenAL32.dll
    2007-03-29 19:30 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\gtk-2.0
    2007-03-29 19:30 <DIR> d——– C:\DOCUME~1\Thomas\.thumbnails
    2007-03-29 19:27 <DIR> d——– C:\DOCUME~1\Thomas\.gimp-2.2
    2007-03-29 19:26 <DIR> d——– C:\Program Files\GIMP-2.0
    2007-03-29 19:24 <DIR> d——– C:\Program Files\Common Files\GTK
    2007-03-29 19:21 <DIR> d——– C:\DOCUME~1\Thomas\.gimp-2.3
    2007-03-29 19:11 36,864 –a—— C:\WINDOWS\system32\drivers\AmdK8.sys
    2007-03-29 19:11 <DIR> d——– C:\Program Files\DIFX
    2007-03-29 18:49 83,968 –a—— C:\WINDOWS\system32\nvraidservice.exe
    2007-03-29 18:49 74,240 –a—— C:\WINDOWS\system32\NvRaidWizardEnu.dll
    2007-03-29 18:49 6,144 –a—— C:\WINDOWS\system32\NvRaidSvEnu.dll
    2007-03-29 18:49 396,800 –a—— C:\WINDOWS\system32\NvRaidWizard.dll
    2007-03-29 18:49 244,224 –a—— C:\WINDOWS\system32\NvRaidMan.exe
    2007-03-29 18:49 20,480 –a—— C:\WINDOWS\system32\NvRaidEnu.dll
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvusmb.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvunrm.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvuide.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvugart.exe
    2007-03-29 18:49 <DIR> d——– C:\NVIDIA
    2007-03-29 18:34 22,040 –a—— C:\DOCUME~1\Thomas\APPLIC~1\addon.dat
    2007-03-29 18:34 <DIR> d——– C:\WINDOWS\system32\Bifrost
    2007-03-29 16:51 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    2007-03-29 16:49 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Adobe
    2007-03-29 16:46 <DIR> d——– C:\Program Files\Common Files\Adobe Systems Shared
    2007-03-29 16:45 <DIR> d——– C:\Program Files\Common Files\Adobe
    2007-03-29 16:45 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    2007-03-29 13:27 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\atitray
    2007-03-29 13:26 <DIR> d——– C:\Program Files\ATI Tray Tools
    2007-03-28 23:39 520,192 ——— C:\WINDOWS\system32\ati2sgag.exe
    2007-03-28 23:39 <DIR> d——– C:\Program Files\ATI Technologies
    2007-03-27 23:52 <DIR> d——– C:\Program Files\ATITool
    2007-03-27 00:49 5,632 –a—— C:\WINDOWS\system32\drivers\Entech64.sys
    2007-03-27 00:24 3,972 –a—— C:\WINDOWS\system32\drivers\PciBus.sys
    2007-03-27 00:24 21,664 –a—— C:\WINDOWS\system32\drivers\Entech.sys
    2007-03-27 00:24 <DIR> d——– C:\WINDOWS\system32\Futuremark
    2007-03-27 00:24 <DIR> d——– C:\Program Files\Futuremark
    2007-03-27 00:21 <DIR> d——– C:\Program Files\MadOnion.com
    2007-03-26 23:26 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    2007-03-26 21:11 <DIR> d——– C:\Program Files\THQ
    2007-03-25 20:18 108,144 –a—— C:\WINDOWS\system32\CmdLineExt.dll
    2007-03-25 20:18 <DIR> dr-h—– C:\DOCUME~1\Thomas\APPLIC~1\SecuROM
    2007-03-25 19:43 <DIR> d——– C:\Program Files\Ubisoft
    2007-03-25 19:42 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\InstallShield
    2007-03-25 18:31 <DIR> d——– C:\Program Files\EA GAMES
    2007-03-25 18:31 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\InstallShield Installation Information
    2007-03-25 16:29 <DIR> d——– C:\Program Files\Rockstar Games
    2007-03-25 16:25 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\ATI
    2007-03-25 16:18 <DIR> d——– C:\ATI
    2007-03-25 16:04 <DIR> d——– C:\Program Files\Driver Cleaner Pro
    2007-03-25 02:00 <DIR> d——– C:\Program Files\Audacity
    2007-03-24 12:28 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-03-23 00:20 87,608 –a—— C:\DOCUME~1\Thomas\APPLIC~1\ezpinst.exe
    2007-03-23 00:20 47,360 –a—— C:\WINDOWS\system32\drivers\pcouffin.sys
    2007-03-23 00:20 47,360 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.sys
    2007-03-23 00:20 <DIR> d——– C:\Program Files\vso
    2007-03-23 00:20 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Vso
    2007-03-21 19:35 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\foobar2000
    2007-03-18 19:44 <DIR> d——– C:\DOCUME~1\Thomas\WINDOWS
    2007-03-18 19:35 <DIR> d——– C:\Program Files\Max Payne
    2007-03-18 19:06 <DIR> d——– C:\Program Files\Kyodai Mahjongg
    2007-03-17 01:23 <DIR> d——– C:\Program Files\iPod
    2007-03-16 17:55 73,728 –a—— C:\WINDOWS\system32\GkSui18.EXE
    2007-03-16 17:55 69,632 –a—— C:\WINDOWS\system32\Copy of GkSui18.EXE
    2007-03-16 17:55 <DIR> d——– C:\Program Files\Folding@Home
    2007-03-16 17:26 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Google
    2007-03-16 17:25 <DIR> d——– C:\Program Files\Windows Defender
    2007-03-16 12:21 <DIR> d–h—– C:\6e8fa1e725a0e6989e97f57774d36f8b
    2007-03-16 12:10 <DIR> d——– C:\Program Files\nLite
    2007-03-11 22:48 <DIR> d——– C:\WINDOWS\system32\appmgmt
    2007-03-10 21:03 <DIR> d——– C:\Program Files\Power Tab Software
    2007-03-10 20:20 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Help


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-04-10 22:03 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\utorrent
    2007-04-10 22:01 ——– d——– C:\Program Files\united devices
    2007-04-09 19:35 2404 –a—— C:\WINDOWS\system32\d3d9caps.dat
    2007-04-09 17:24 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\xfire
    2007-04-09 15:22 ——– dr——- C:\Program Files\xfire
    2007-04-09 15:06 ——– d——– C:\Program Files\steam
    2007-04-09 14:37 ——– d——– C:\Program Files\hitman pro
    2007-04-09 14:17 ——– d——– C:\Program Files\spywareblaster
    2007-04-09 13:36 ——– d–h—– C:\Program Files\installshield installation information
    2007-04-08 17:55 ——– d——– C:\Program Files\foxit reader
    2007-04-08 02:33 ——– d——– C:\Program Files\utorrent
    2007-04-07 11:13 4212 —h—– C:\WINDOWS\system32\zllictbl.dat
    2007-04-07 00:51 ——– d——– C:\Program Files\mirc
    2007-04-04 17:30 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\lavasoft
    2007-04-04 17:29 ——– d——– C:\Program Files\lavasoft
    2007-04-01 18:25 ——– d——– C:\Program Files\kyodai mahjongg 2006
    2007-03-29 18:42 ——– d——– C:\Program Files\media player classic
    2007-03-25 00:41 1632 –a—— C:\WINDOWS\system32\d3d8caps.dat
    2007-03-23 20:30 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\screenshot sender
    2007-03-23 00:20 34 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.log
    2007-03-23 00:20 1144 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.inf
    2007-03-23 00:20 1074 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.cat
    2007-03-21 19:35 ——– d——– C:\Program Files\foobar2000
    2007-03-20 00:40 ——– d——– C:\Program Files\kyodai
    2007-03-20 00:36 ——– d——– C:\Program Files\lavalys
    2007-03-17 01:23 ——– d——– C:\Program Files\itunes
    2007-03-16 17:51 405504 –a—— C:\WINDOWS\system32\wrap_oal.dll
    2007-03-16 17:51 ——– d——– C:\Program Files\creative
    2007-03-16 17:25 ——– d——– C:\Program Files\google
    2007-03-14 00:21 ——– d——– C:\Program Files\bearshare
    2007-03-12 00:33 ——– d——– C:\Program Files\xchat
    2007-03-09 01:01 1087216 –a—— C:\WINDOWS\system32\zpeng24.dll
    2007-03-08 17:48 578048 –a—— C:\WINDOWS\system32\user32.dll
    2007-03-08 17:48 40960 –a—— C:\WINDOWS\system32\mf3216.dll
    2007-03-08 17:48 282112 –a—— C:\WINDOWS\system32\gdi32.dll
    2007-03-08 15:49 1843968 –a—— C:\WINDOWS\system32\win32k.sys
    2007-03-07 21:30 73728 –a—— C:\WINDOWS\ud.scr
    2007-03-06 18:02 ——– d——– C:\Program Files\apple software update
    2007-03-06 17:36 ——– d——– C:\Program Files\msn messenger
    2007-03-06 17:36 ——– d——– C:\Program Files\messenger plus! live
    2007-03-05 23:38 5632 –a—— C:\WINDOWS\system32\drivers\AWRTPD.sys
    2007-03-05 21:59 ——– d——– C:\Program Files\picasa2
    2007-03-03 13:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\sun
    2007-03-03 13:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\real
    2007-03-02 22:57 307200 –a—— C:\WINDOWS\system32\atiiiexx.dll
    2007-03-02 22:54 307200 –a—— C:\WINDOWS\system32\atidemgx.dll
    2007-03-02 22:53 265728 –a—— C:\WINDOWS\system32\ati2dvag.dll
    2007-03-02 22:53 1972224 –a—— C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-03-02 22:47 42496 –a—— C:\WINDOWS\system32\ati2edxx.dll
    2007-03-02 22:47 26112 –a—— C:\WINDOWS\system32\ati2mdxx.exe
    2007-03-02 22:47 118784 –a—— C:\WINDOWS\system32\atipdlxx.dll
    2007-03-02 22:47 110592 –a—— C:\WINDOWS\system32\oemdspif.dll
    2007-03-02 22:47 110592 –a—— C:\WINDOWS\system32\ati2evxx.dll
    2007-03-02 22:46 446464 –a—— C:\WINDOWS\system32\ati2evxx.exe
    2007-03-02 22:45 53248 –a—— C:\WINDOWS\system32\atiddc.dll
    2007-03-02 22:38 2824512 –a—— C:\WINDOWS\system32\ati3duag.dll
    2007-03-02 22:29 3107788 –a—— C:\WINDOWS\system32\ativvaxx.dat
    2007-03-02 22:29 1288960 –a—— C:\WINDOWS\system32\ativvaxx.dll
    2007-03-02 22:21 5398528 –a—— C:\WINDOWS\system32\atioglxx.dll
    2007-03-02 22:17 258048 –a—— C:\WINDOWS\system32\atikvmag.dll
    2007-03-02 22:16 17408 –a—— C:\WINDOWS\system32\atitvo32.dll
    2007-03-02 22:11 348160 –a—— C:\WINDOWS\system32\ati2cqag.dll
    2007-03-01 00:36 ——– d——– C:\Program Files\dvd audio extractor
    2007-02-28 15:16 ——– d——– C:\Program Files\imtoo
    2007-02-28 14:49 ——– d——– C:\Program Files\badgerit
    2007-02-28 00:22 ——– d——– C:\Program Files\imageshack
    2007-02-27 21:55 ——– d——– C:\Program Files\logitech
    2007-02-27 21:55 ——– d——– C:\Program Files\Common Files\logitech
    2007-02-27 16:26 ——– d——– C:\Program Files\msbuild
    2007-02-27 16:21 ——– d——– C:\Program Files\reference assemblies
    2007-02-26 17:51 ——– d——– C:\Program Files\last.fm
    2007-02-26 17:44 147685 –a—— C:\WINDOWS\system32\atiicdxx.dat
    2007-02-25 19:14 ——– d——– C:\Program Files\partygaming
    2007-02-25 00:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\officeupdate12
    2007-02-25 00:30 ——– d——– C:\Program Files\microsoft activesync
    2007-02-24 00:16 ——– d——– C:\Program Files\Common Files\real
    2007-02-24 00:00 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\x-chat 2
    2007-02-23 22:04 ——– d——– C:\Program Files\daemon tools
    2007-02-23 17:04 ——– d——– C:\Program Files\sitecom
    2007-02-23 17:04 ——– d——– C:\Program Files\Common Files\installshield
    2007-02-23 17:02 ——– d——– C:\Program Files\microsoft.net
    2007-02-23 16:56 646392 –a—— C:\WINDOWS\system32\drivers\sptd.sys
    2007-02-22 23:35 ——– d——– C:\Program Files\Common Files\ahead
    2007-02-22 22:17 335 –a—— C:\WINDOWS\mozregistry.dat
    2007-02-22 22:09 1168 –a—— C:\WINDOWS\mozver.dat
    2007-02-22 20:36 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\media player classic
    2007-02-22 20:21 ——– d——– C:\Program Files\ffdshow
    2007-02-22 20:16 ——– d——– C:\Program Files\smart projects
    2007-02-22 20:05 0 –a—— C:\WINDOWS\nsreg.dat
    2007-02-22 19:51 62 –ahs—- C:\DOCUME~1\Thomas\APPLIC~1\desktop.ini
    2007-02-22 19:51 ——– d——– C:\Program Files\Common Files\speechengines
    2007-02-22 19:51 ——– d——– C:\Program Files\Common Files\odbc
    2007-02-22 19:41 ——– d——– C:\Program Files\ccleaner
    2007-02-22 19:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\winrar
    2007-02-22 19:34 512096 –a—— C:\WINDOWS\system32\drivers\amon.sys
    2007-02-22 19:34 298104 –a—— C:\WINDOWS\system32\imon.dll
    2007-02-22 19:34 15424 –a—— C:\WINDOWS\system32\drivers\nod32drv.sys
    2007-02-22 19:18 0 -rahs—- C:\MSDOS.SYS
    2007-02-22 19:18 0 -rahs—- C:\IO.SYS
    2007-02-22 19:18 0 –a—— C:\CONFIG.SYS
    2007-02-22 19:18 0 –a—— C:\AUTOEXEC.BAT
    2007-02-22 19:18 ——– d——– C:\Program Files\microsoft frontpage
    2007-02-22 19:17 ——– d–h—– C:\Program Files\windowsupdate
    2007-02-22 19:16 ——– d——– C:\Program Files\movie maker
    2007-02-22 19:16 ——– d——– C:\Program Files\Common Files\mssoap
    2007-02-22 19:15 21640 –a—— C:\WINDOWS\system32\emptyregdb.dat
    2007-02-22 19:15 ——– d——– C:\Program Files\windows nt
    2007-02-22 19:15 ——– d——– C:\Program Files\windows media connect 2
    2007-02-22 19:15 ——– d——– C:\Program Files\online services
    2007-02-22 19:15 ——– d——– C:\Program Files\msn gaming zone
    2007-02-22 19:15 ——– d——– C:\Program Files\messenger
    2007-02-20 15:04 80128 –a—— C:\WINDOWS\system32\drivers\parport.sys
    2007-02-20 15:04 63744 –a—— C:\WINDOWS\system32\drivers\mf.sys
    2007-02-20 15:04 61824 –a—— C:\WINDOWS\system32\drivers\nic1394.sys
    2007-02-20 15:04 60800 –a—— C:\WINDOWS\system32\drivers\arp1394.sys
    2007-02-20 15:04 52736 –a—— C:\WINDOWS\system32\wzcsapi.dll
    2007-02-20 15:04 52224 –a—— C:\WINDOWS\system32\dmutil.dll
    2007-02-20 15:04 476160 –a—— C:\WINDOWS\system32\wzcsvc.dll
    2007-02-20 15:04 47616 –a—— C:\WINDOWS\system32\iyuv_32.dll
    2007-02-20 15:04 47104 –a—— C:\WINDOWS\system32\cnbjmon.dll
    2007-02-20 15:04 4352 –a—— C:\WINDOWS\system32\drivers\swenum.sys
    2007-02-20 15:04 42496 –a—— C:\WINDOWS\system32\drivers\p3.sys
    2007-02-20 15:04 37376 –a—— C:\WINDOWS\system32\drivers\amdk7.sys
    2007-02-20 15:04 36992 –a—— C:\WINDOWS\system32\drivers\amdk6.sys
    2007-02-20 15:04 36480 –a—— C:\WINDOWS\system32\drivers\crusoe.sys
    2007-02-20 15:04 35456 –a—— C:\WINDOWS\system32\drivers\processr.sys
    2007-02-20 15:04 35328 –a—— C:\WINDOWS\system32\pid.dll
    2007-02-20 15:04 30080 –a—— C:\WINDOWS\system32\drivers\modem.sys
    2007-02-20 15:04 25472 –a—— C:\WINDOWS\system32\drivers\sonydcam.sys
    2007-02-20 15:04 20992 –a—— C:\WINDOWS\system32\hid.dll
    2007-02-20 15:04 17408 –a—— C:\WINDOWS\system32\msyuv.dll
    2007-02-20 15:04 16000 –a—— C:\WINDOWS\system32\drivers\usbintel.sys
    2007-02-20 15:04 1580544 –a—— C:\WINDOWS\system32\sfcfiles.dll
    2007-02-20 15:04 15488 –a—— C:\WINDOWS\system32\drivers\mssmbios.sys
    2007-02-20 15:04 15360 –a—— C:\WINDOWS\system32\pjlmon.dll
    2007-02-20 15:04 14592 –a—— C:\WINDOWS\system32\drivers\ndisuio.sys
    2007-02-20 15:04 12416 –a—— C:\WINDOWS\system32\drivers\tunmp.sys
    2007-02-20 15:02 86073 –a—— C:\WINDOWS\system32\usrfaxa.dll
    2007-02-20 15:02 8192 –a—— C:\WINDOWS\system32\tsbyuv.dll
    2007-02-20 15:02 8192 –a—— C:\WINDOWS\system32\streamci.dll
    2007-02-20 15:02 77891 –a—— C:\WINDOWS\system32\usrmlnka.exe
    2007-02-20 15:02 77890 –a—— C:\WINDOWS\system32\usrdpa.dll
    2007-02-20 15:02 77883 –a—— C:\WINDOWS\system32\usrrtosa.dll
    2007-02-20 15:02 72192 –a—— C:\WINDOWS\system32\sprio800.dll
    2007-02-20 15:02 70656 –a—— C:\WINDOWS\system32\sprio600.dll
    2007-02-20 15:02 69700 –a—— C:\WINDOWS\system32\usrshuta.exe
    2007-02-20 15:02 69699 –a—— C:\WINDOWS\system32\usrcoina.dll
    2007-02-20 15:02 69632 –a—— C:\WINDOWS\system32\spnike.dll
    2007-02-20 15:02 61508 –a—— C:\WINDOWS\system32\usrprbda.exe
    2007-02-20 15:02 61500 –a—— C:\WINDOWS\system32\usrcntra.dll
    2007-02-20 15:02 58112 –a—— C:\WINDOWS\system32\drivers\vdmindvd.sys
    2007-02-20 15:02 55296 –a—— C:\WINDOWS\system32\dvdplay.exe
    2007-02-20 15:02 53305 –a—— C:\WINDOWS\system32\usrlbva.dll
    2007-02-20 15:02 51712 –a—— C:\WINDOWS\system32\drivers\tosdvd.sys
    2007-02-20 15:02 49211 –a—— C:\WINDOWS\system32\usrvpa.dll
    2007-02-20 15:02 49211 –a—— C:\WINDOWS\system32\usrsdpia.dll
    2007-02-20 15:02 49209 –a—— C:\WINDOWS\system32\usrv80a.dll
    2007-02-20 15:02 45116 –a—— C:\WINDOWS\system32\usrvoica.dll
    2007-02-20 15:02 41019 –a—— C:\WINDOWS\system32\usrsvpia.dll
    2007-02-20 15:02 323641 –a—— C:\WINDOWS\system32\usrdtea.dll
    2007-02-20 15:02 3200 –a—— C:\WINDOWS\system32\wowfax.dll
    2007-02-20 15:02 262528 –a—— C:\WINDOWS\system32\drivers\cinemst2.sys
    2007-02-20 15:02 23936 –a—— C:\WINDOWS\system32\drivers\usbcamd2.sys
    2007-02-20 15:02 23808 –a—— C:\WINDOWS\system32\drivers\usbcamd.sys
    2007-02-20 15:02 21376 –a—— C:\WINDOWS\system32\drivers\tsbvcap.sys
    2007-02-20 15:02 18688 –a—— C:\WINDOWS\system32\drivers\cdaudio.sys
    2007-02-20 15:02 157696 –a—— C:\WINDOWS\system32\paqsp.dll
    2007-02-20 15:02 147968 –a—— C:\WINDOWS\system32\mdwmdmsp.dll
    2007-02-20 15:02 13824 –a—— C:\WINDOWS\system32\wowfaxui.dll
    2007-02-20 15:02 12160 –a—— C:\WINDOWS\system32\drivers\fsvga.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\riodrv.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\rio8drv.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\nikedrv.sys
    2007-02-20 15:02 11776 –a—— C:\WINDOWS\system32\drivers\cpqdap01.sys
    2007-02-20 15:02 102457 –a—— C:\WINDOWS\system32\usrv42a.dll
    2007-02-20 14:52 984576 –a—— C:\WINDOWS\system32\syssetup.dll
    2007-02-20 14:52 68888 –a—— C:\WINDOWS\system32\xinput1_3.dll
    2007-02-20 14:52 68224 –a—— C:\WINDOWS\system32\drivers\nvraid.sys
    2007-02-20 14:52 62744 –a—— C:\WINDOWS\system32\xinput1_2.dll
    2007-02-20 14:52 32256 –a—— C:\WINDOWS\system32\nvcog.dll
    2007-02-20 14:52 294400 –a—— C:\WINDOWS\system32\idecoi.dll
    2007-02-20 14:52 255848 –a—— C:\WINDOWS\system32\xactengine2_6.dll
    2007-02-20 14:52 251672 –a—— C:\WINDOWS\system32\xactengine2_5.dll
    2007-02-20 14:52 237848 –a—— C:\WINDOWS\system32\xactengine2_4.dll
    2007-02-20 14:52 236824 –a—— C:\WINDOWS\system32\xactengine2_3.dll
    2007-02-20 14:52 21760 –a—— C:\WINDOWS\system32\drivers\nv_agp.SYS
    2007-02-20 14:52 18432 –a—— C:\WINDOWS\system32\nvraidco.dll
    2007-02-20 14:51 3426072 –a—— C:\WINDOWS\system32\d3dx9_32.dll
    2007-02-20 14:51 2414360 –a—— C:\WINDOWS\system32\d3dx9_31.dll
    2007-02-20 14:51 2297552 –a—— C:\WINDOWS\system32\d3dx9_26.dll
    2007-02-20 14:51 15128 –a—— C:\WINDOWS\system32\x3daudio1_1.dll
    2007-02-20 14:50 940544 –a—— C:\WINDOWS\system32\wmspdmoe.dll
    2007-02-20 14:50 826368 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2007-02-20 14:50 66560 –a—— C:\WINDOWS\system32\wpdmtpus.dll
    2007-02-20 14:50 61952 –a—— C:\WINDOWS\system32\wpdconns.dll
    2007-02-20 14:50 486400 –a—— C:\WINDOWS\system32\audiodev.dll
    2007-02-20 14:50 47104 –a—— C:\WINDOWS\system32\uwdf.exe
    2007-02-20 14:50 407552 –a—— C:\WINDOWS\system32\wmspdmod.dll
    2007-02-20 14:50 38912 –a—— C:\WINDOWS\system32\wpd_ci.dll
    2007-02-20 14:50 38912 –a—— C:\WINDOWS\system32\wdfmgr.exe
    2007-02-20 14:50 344064 –a—— C:\WINDOWS\system32\wmdrmdev.dll
    2007-02-20 14:50 331776 –a—— C:\WINDOWS\system32\wpdmtpdr.dll
    2007-02-20 14:50 329728 –a—— C:\WINDOWS\system32\wpdsp.dll
    2007-02-20 14:50 290816 –a—— C:\WINDOWS\system32\wmdrmnet.dll
    2007-02-20 14:50 23040 –a—— C:\WINDOWS\kb913800.exe
    2007-02-20 14:50 18944 –a—— C:\WINDOWS\system32\drivers\wpdusb.sys
    2007-02-20 14:50 180224 –a—— C:\WINDOWS\system32\wmdrmsdk.dll
    2007-02-20 14:50 178936 –a—— C:\WINDOWS\system32\drmupgds.exe
    2007-02-20 14:50 175104 –a—— C:\WINDOWS\system32\wmpsrcwp.dll
    2007-02-20 14:50 1594880 –a—— C:\WINDOWS\system32\wmpencen.dll
    2007-02-20 14:50 15872 –a—— C:\WINDOWS\system32\wdfapi.dll
    2007-02-20 14:50 1512448 –a—— C:\WINDOWS\system32\wmvadve.dll
    2007-02-20 14:50 1216000 –a—— C:\WINDOWS\system32\wmvadvd.dll
    2007-02-20 14:50 114176 –a—— C:\WINDOWS\system32\wpdmtp.dll
    2007-02-20 14:50 1119744 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2007-02-20 14:50 10752 –a—— C:\WINDOWS\system32\wpdtrace.dll
    2007-02-20 14:50 106496 –a—— C:\WINDOWS\system32\mfplat.dll
    2007-02-20 14:50 1003008 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2007-02-20 14:49 988672 –a—— C:\WINDOWS\system32\wmnetmgr.dll
    2007-02-20 14:49 96768 –a—— C:\WINDOWS\system32\logagent.exe
    2007-02-20 14:49 86016 –a—— C:\WINDOWS\system32\wmpshell.dll
    2007-02-20 14:49 771584 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2007-02-20 14:49 716288 –a—— C:\WINDOWS\system32\wmadmoe.dll
    2007-02-20 14:49 6656 –a—— C:\WINDOWS\system32\laprxy.dll
    2007-02-20 14:49 391928 –a—— C:\WINDOWS\system32\mp4sdmod.dll
    2007-02-20 14:49 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2007-02-20 14:49 359936 –a—— C:\WINDOWS\system32\wmadmod.dll
    2007-02-20 14:49 346624 –a—— C:\WINDOWS\system32\msscp.dll
    2007-02-20 14:49 3371008 –a—— C:\WINDOWS\system32\wmploc.dll
    2007-02-20 14:49 315904 –a—— C:\WINDOWS\system32\mswmdm.dll
    2007-02-20 14:49 29184 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2007-02-20 14:49 282624 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2007-02-20 14:49 25088 –a—— C:\WINDOWS\system32\mspmsnsv.dll
    2007-02-20 14:49 246814 –a—— C:\WINDOWS\system32\strmdll.dll
    2007-02-20 14:49 227840 –a—— C:\WINDOWS\system32\wmasf.dll
    2007-02-20 14:49 221184 –a—— C:\WINDOWS\system32\qasf.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpui.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpcore.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpcd.dll
    2007-02-20 14:49 189440 –a—— C:\WINDOWS\system32\wmerror.dll
    2007-02-20 14:49 173568 –a—— C:\WINDOWS\system32\mspmsp.dll
    2007-02-20 14:49 150016 –a—— C:\WINDOWS\system32\wmidx.dll
    2007-02-20 14:49 135168 –a—— C:\WINDOWS\system32\wmpasf.dll
    2007-02-20 14:49 115200 –a—— C:\WINDOWS\system32\msnetobj.dll
    2007-02-20 14:48 96768 –a—— C:\WINDOWS\system32\drmstor.dll
    2007-02-20 14:48 86728 –a—— C:\WINDOWS\system32\msxml6r.dll
    2007-02-20 14:48 84480 –a—— C:\WINDOWS\system32\pintool.exe
    2007-02-20 14:48 82432 –a—— C:\WINDOWS\system32\msxml4r.dll
    2007-02-20 14:48 8192 –a—— C:\WINDOWS\system32\asferror.dll
    2007-02-20 14:48 69120 –a—— C:\WINDOWS\system32\wlanapi.dll
    2007-02-20 14:48 62336 –a—— C:\WINDOWS\system32\drivers\rspndr.sys
    2007-02-20 14:48 581632 –a—— C:\WINDOWS\system32\drmv2clt.dll
    2007-02-20 14:48 531568 –a—— C:\WINDOWS\system32\rmactivate_isv.exe
    2007-02-20 14:48 523376 –a—— C:\WINDOWS\system32\rmactivate.exe
    2007-02-20 14:48 519280 –a—— C:\WINDOWS\system32\secproc_isv.dll
    2007-02-20 14:48 518768 –a—— C:\WINDOWS\system32\secproc.dll
    2007-02-20 14:48 498742 –a—— C:\WINDOWS\system32\dxmasf.dll
    2007-02-20 14:48 429056 –a—— C:\WINDOWS\system32\blackbox.dll
    2007-02-20 14:48 36352 –a—— C:\WINDOWS\system32\tsgqec.dll
    2007-02-20 14:48 35840 –a—— C:\WINDOWS\system32\qfecheck.exe
    2007-02-20 14:48 358000 –a—— C:\WINDOWS\system32\rmactivate_ssp.exe
    2007-02-20 14:48 354416 –a—— C:\WINDOWS\system32\rmactivate_ssp_isv.exe
    2007-02-20 14:48 323696 –a—— C:\WINDOWS\system32\msdrm.dll
    2007-02-20 14:48 288768 –a—— C:\WINDOWS\system32\rhttpaa.dll
    2007-02-20 14:48 28672 –a—— C:\WINDOWS\system32\verclsid.exe
    2007-02-20 14:48 258296 –a—— C:\WINDOWS\system32\drmclien.dll
    2007-02-20 14:48 207872 –a—— C:\WINDOWS\system32\cewmdm.dll
    2007-02-20 14:48 192624 –a—— C:\WINDOWS\system32\secproc_ssp_isv.dll
    2007-02-20 14:48 192624 –a—— C:\WINDOWS\system32\secproc_ssp.dll
    2007-02-20 14:48 18392 –a—— C:\WINDOWS\system32\wups2.dll
    2007-02-20 14:48 178408 –a—— C:\WINDOWS\system32\muweb.dll
    2007-02-20 14:48 1321744 –a—— C:\WINDOWS\system32\msxml6.dll
    2007-02-20 14:48 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2007-02-20 14:48 10752 –a—— C:\WINDOWS\system32\rspndr.exe
    2007-02-20 14:47 96792 –a—— C:\WINDOWS\system32\basecsp.dll
    2007-02-20 14:47 65536 –a—— C:\WINDOWS\system32\wshext.dll
    2007-02-20 14:47 61952 –a—— C:\WINDOWS\system32\hdashcut.exe
    2007-02-20 14:47 5120 –a—— C:\WINDOWS\system32\hdaudres.dll
    2007-02-20 14:47 465368 –a—— C:\WINDOWS\system32\wuapi.dll
    2007-02-20 14:47 41432 –a—— C:\WINDOWS\system32\wups.dll
    2007-02-20 14:47 397312 –a—— C:\WINDOWS\system32\mmcex.dll
    2007-02-20 14:47 383488 –a—— C:\WINDOWS\system32\wzcdlg.dll
    2007-02-20 14:47 33792 –a—— C:\WINDOWS\system32\mmcperf.exe
    2007-02-20 14:47 25600 –a—— C:\WINDOWS\system32\bcsprsrc.dll
    2007-02-20 14:47 25088 –a—— C:\WINDOWS\system32\hdaprop.dll
    2007-02-20 14:47 194520 –a—— C:\WINDOWS\system32\wuaueng1.dll
    2007-02-20 14:47 184320 –a—— C:\WINDOWS\system32\microsoft.managementconsole.dll
    2007-02-20 14:47 18392 –a—— C:\WINDOWS\system32\wuauserv.dll
    2007-02-20 14:47 174040 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-02-20 14:47 172504 –a—— C:\WINDOWS\system32\wuauclt1.exe
    2007-02-20 14:47 151552 –a—— C:\WINDOWS\system32\ifxcardm.dll
    2007-02-20 14:47 145920 –a—— C:\WINDOWS\system32\drivers\hdaudio.sys
    2007-02-20 14:47 138752 –a—— C:\WINDOWS\system32\drivers\hdaudbus.sys
    2007-02-20 14:47 1353688 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-02-20 14:47 133120 –a—— C:\WINDOWS\system32\axaltocm.dll
    2007-02-20 14:47 127448 –a—— C:\WINDOWS\system32\wucltui.dll
    2007-02-20 14:47 124376 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-02-20 14:47 11776 –a—— C:\WINDOWS\system32\xolehlp.dll
    2007-02-20 14:47 116736 –a—— C:\WINDOWS\system32\aaclient.dll
    2007-02-20 14:47 106496 –a—— C:\WINDOWS\system32\mmcfxcommon.dll
    2007-02-20 14:46 81664 –a—— C:\WINDOWS\system32\drivers\videoprt.sys
    2007-02-20 14:46 80896 –a—— C:\WINDOWS\system32\wscsvc.dll
    2007-02-20 14:46 68096 –a—— C:\WINDOWS\system32\webclnt.dll
    2007-02-20 14:46 59264 –a—— C:\WINDOWS\system32\drivers\usbhub.sys
    2007-02-20 14:46 55808 –a—— C:\WINDOWS\system32\twext.dll
    2007-02-20 14:46 50176 –a—— C:\WINDOWS\system32\utilman.exe
    2007-02-20 14:46 49152 –a—— C:\WINDOWS\system32\wdigest.dll
    2007-02-20 14:46 35840 –a—— C:\WINDOWS\system32\umandlg.dll
    2007-02-20 14:46 30208 –a—— C:\WINDOWS\system32\drivers\usbehci.sys
    2007-02-20 14:46 295424 –a—— C:\WINDOWS\system32\termsrv.dll
    2007-02-20 14:46 291840 –a—— C:\WINDOWS\system32\winsrv.dll
    2007-02-20 14:46 28672 –a—— C:\WINDOWS\system32\wshcon.dll
    2007-02-20 14:46 26624 –a—— C:\WINDOWS\system32\verifier.dll
    2007-02-20 14:46 225664 –a—— C:\WINDOWS\system32\drivers\tcpip6.sys
    2007-02-20 14:46 218624 –a—— C:\WINDOWS\system32\uxtheme.dll
    2007-02-20 14:46 209280 –a—— C:\WINDOWS\system32\drivers\update.sys
    2007-02-20 14:46 17152 –a—— C:\WINDOWS\system32\drivers\usbohci.sys
    2007-02-20 14:46 143488 –a—— C:\WINDOWS\system32\drivers\usbport.sys
    2007-02-20 14:46 132096 –a—— C:\WINDOWS\system32\wkssvc.dll
    2007-02-20 14:46 123392 –a—— C:\WINDOWS\system32\umpnpmgr.dll
    2007-02-20 14:46 114688 –a—— C:\WINDOWS\system32\wscript.exe
    2007-02-20 14:46 101376 –a—— C:\WINDOWS\system32\txflog.dll
    2007-02-20 14:45 985088 –a—— C:\WINDOWS\system32\setupapi.dll
    2007-02-20 14:45 96768 –a—— C:\WINDOWS\system32\srvsvc.dll
    2007-02-20 14:45 713216 –a—— C:\WINDOWS\system32\sxs.dll
    2007-02-20 14:45 59392 –a—— C:\WINDOWS\system32\stclient.dll
    2007-02-20 14:45 582656 –a—— C:\WINDOWS\system32\rpcrt4.dll
    2007-02-20 14:45 57856 –a—— C:\WINDOWS\system32\spoolsv.exe
    2007-02-20 14:45 399360 –a—— C:\WINDOWS\system32\rpcss.dll
    2007-02-20 14:45 360704 –a—— C:\WINDOWS\system32\drivers\tcpip.sys
    2007-02-20 14:45 332928 –a—— C:\WINDOWS\system32\drivers\srv.sys
    2007-02-20 14:45 249344 –a—— C:\WINDOWS\system32\tapisrv.dll
    2007-02-20 14:45 202496 –a—— C:\WINDOWS\system32\drivers\RMCast.sys
    2007-02-20 14:45 174592 –a—— C:\WINDOWS\system32\drivers\rdbss.sys
    2007-02-20 14:45 163644 –a—— C:\WINDOWS\system32\drivers\secdrv.sys
    2007-02-20 14:45 151552 –a—— C:\WINDOWS\system32\scrrun.dll
    2007-02-20 14:45 151552 –a—— C:\WINDOWS\system32\scrobj.dll
    2007-02-20 14:45 1435648 –a—— C:\WINDOWS\system32\query.dll
    2007-02-20 14:45 139528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
    2007-02-20 14:45 117760 –a—— C:\WINDOWS\system32\t2embed.dll
    2007-02-20 14:44 91648 –a—— C:\WINDOWS\system32\mtxoci.dll
    2007-02-20 14:44 838360 –a—— C:\WINDOWS\system32\mswdat10.dll
    2007-02-20 14:44 74752 –a—— C:\WINDOWS\system32\olecli32.dll
    2007-02-20 14:44 701440 –a—— C:\WINDOWS\system32\msxml2.dll
    2007-02-20 14:44 66560 –a—— C:\WINDOWS\system32\mtxclu.dll
    2007-02-20 14:44 65536 –a—— C:\WINDOWS\system32\nwwks.dll
    2007-02-20 14:44 64000 –a—— C:\WINDOWS\system32\nwapi32.dll
    2007-02-20 14:44 621272 –a—— C:\WINDOWS\system32\mswstr10.dll
    2007-02-20 14:44 600576 –a—— C:\WINDOWS\system32\mstsc.exe
    2007-02-20 14:44 58880 –a—— C:\WINDOWS\system32\pnrpnsp.dll
    2007-02-20 14:44 553984 –a—— C:\WINDOWS\system32\p2psvc.dll
    2007-02-20 14:44 53760 –a—— C:\WINDOWS\system32\narrator.exe
    2007-02-20 14:44 43520 –a—— C:\WINDOWS\system32\ntlanman.dll
    2007-02-20 14:44 386048 –a—— C:\WINDOWS\system32\qdvd.dll
    2007-02-20 14:44 37376 –a—— C:\WINDOWS\system32\olecnv32.dll
    2007-02-20 14:44 313344 –a—— C:\WINDOWS\system32\p2pgraph.dll
    2007-02-20 14:44 270336 –a—— C:\WINDOWS\system32\oakley.dll
    2007-02-20 14:44 247808 –a—— C:\WINDOWS\system32\newdev.dll
    2007-02-20 14:44 215552 –a—— C:\WINDOWS\system32\osk.exe
    2007-02-20 14:44 197632 –a—— C:\WINDOWS\system32\netman.dll
    2007-02-20 14:44 192512 –a—— C:\WINDOWS\system32\qcap.dll
    2007-02-20 14:44 1866240 –a—— C:\WINDOWS\system32\mstscax.dll
    2007-02-20 14:44 1705472 –a—— C:\WINDOWS\system32\netshell.dll
    2007-02-20 14:44 163456 –a—— C:\WINDOWS\system32\drivers\nwrdr.sys
    2007-02-20 14:44 15360 –a—— C:\WINDOWS\system32\msisip.dll
    2007-02-20 14:44 153088 –a—— C:\WINDOWS\system32\p2p.dll
    2007-02-20 14:44 142336 –a—— C:\WINDOWS\system32\nwprovau.dll
    2007-02-20 14:44 1287680 –a—— C:\WINDOWS\system32\quartz.dll
    2007-02-20 14:44 1286656 –a—— C:\WINDOWS\system32\ole32.dll
    2007-02-20 14:44 122880 –a—— C:\WINDOWS\system32\oledlg.dll
    2007-02-20 14:44 115712 –a—— C:\WINDOWS\system32\p2pnetsh.dll
    2007-02-20 14:44 1084416 –a—— C:\WINDOWS\system32\msxml3.dll
    2007-02-20 14:44 105088 –a—— C:\WINDOWS\system32\drivers\mup.sys
    2007-02-20 14:44 104960 –a—— C:\WINDOWS\system32\p2pgasvc.dll
    2007-02-20 14:43 981760 –a—— C:\WINDOWS\system32\mfc42u.dll
    2007-02-20 14:43 956928 –a—— C:\WINDOWS\system32\msdtctm.dll
    2007-02-20 14:43 884736 –a—— C:\WINDOWS\system32\msimsg.dll
    2007-02-20 14:43 78848 –a—— C:\WINDOWS\system32\msiexec.exe
    2007-02-20 14:43 73728 –a—— C:\WINDOWS\system32\mscms.dll
    2007-02-20 14:43 72704 –a—— C:\WINDOWS\system32\magnify.exe
    2007-02-20 14:43 726528 –a—— C:\WINDOWS\system32\lsasrv.dll
    2007-02-20 14:43 61440 –a—— C:\WINDOWS\system32\mmcshext.dll
    2007-02-20 14:43 58880 –a—— C:\WINDOWS\system32\msdtclog.dll
    2007-02-20 14:43 586240 –a—— C:\WINDOWS\system32\mlang.dll
    2007-02-20 14:43 454656 –a—— C:\WINDOWS\system32\drivers\mrxsmb.sys
    2007-02-20 14:43 427520 –a—— C:\WINDOWS\system32\msdtcprx.dll
    2007-02-20 14:43 297472 –a—— C:\WINDOWS\system32\msctf.dll
    2007-02-20 14:43 2890240 –a—— C:\WINDOWS\system32\msi.dll
    2007-02-20 14:43 271360 –a—— C:\WINDOWS\system32\msihnd.dll
    2007-02-20 14:43 19968 –a—— C:\WINDOWS\system32\linkinfo.dll
    2007-02-20 14:43 1913344 –a—— C:\WINDOWS\system32\mmcndmgr.dll
    2007-02-20 14:43 163328 –a—— C:\WINDOWS\system32\mmcbase.dll
    2007-02-20 14:43 161792 –a—— C:\WINDOWS\system32\msdtcuiu.dll
    2007-02-20 14:43 1354752 –a—— C:\WINDOWS\system32\mmc.exe
    2007-02-20 14:42 98304 –a—— C:\WINDOWS\system32\cscript.exe
    2007-02-20 14:42 97792 –a—— C:\WINDOWS\system32\comrepl.dll
    2007-02-20 14:42 80896 –a—— C:\WINDOWS\system32\fontsub.dll
    2007-02-20 14:42 72704 –a—— C:\WINDOWS\system32\hlink.dll
    2007-02-20 14:42 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2007-02-20 14:42 62464 –a—— C:\WINDOWS\system32\cryptsvc.dll
    2007-02-20 14:42 617472 –a—— C:\WINDOWS\system32\comctl32.dll
    2007-02-20 14:42 60416 –a—— C:\WINDOWS\system32\colbact.dll
    2007-02-20 14:42 539648 –a—— C:\WINDOWS\system32\comuid.dll
    2007-02-20 14:42 42496 –a—— C:\WINDOWS\system32\ftp.exe
    2007-02-20 14:42 41984 –a—— C:\WINDOWS\system32\drivers\imapi.sys
    2007-02-20 14:42 41472 –a—— C:\WINDOWS\system32\hhsetup.dll
    2007-02-20 14:42 36921 –a—— C:\WINDOWS\system32\imeshare.dll
    2007-02-20 14:42 36864 –a—— C:\WINDOWS\system32\drivers\hidclass.sys
    2007-02-20 14:42 36096 –a—— C:\WINDOWS\system32\drivers\intelppm.sys
    2007-02-20 14:42 347136 –a—— C:\WINDOWS\system32\hypertrm.dll
    2007-02-20 14:42 298496 –a—— C:\WINDOWS\system32\kerberos.dll
    2007-02-20 14:42 28672 –a—— C:\WINDOWS\system32\dispex.dll
    2007-02-20 14:42 262656 –a—— C:\WINDOWS\system32\drivers\http.sys
    2007-02-20 14:42 254976 –a—— C:\WINDOWS\system32\icm32.dll
    2007-02-20 14:42 243200 –a—— C:\WINDOWS\system32\es.dll
    2007-02-20 14:42 23040 –a—— C:\WINDOWS\system32\fltmc.exe
    2007-02-20 14:42 198616 –a—— C:\WINDOWS\system32\iuengine.dll
    2007-02-20 14:42 183808 –a—— C:\WINDOWS\system32\ipsecsvc.dll
    2007-02-20 14:42 16896 –a—— C:\WINDOWS\system32\fltlib.dll
    2007-02-20 14:42 155136 –a—— C:\WINDOWS\system32\itircl.dll
    2007-02-20 14:42 137216 –a—— C:\WINDOWS\system32\itss.dll
    2007-02-20 14:42 136320 –a—— C:\WINDOWS\system32\drivers\ipnat.sys
    2007-02-20 14:42 128768 –a—— C:\WINDOWS\system32\drivers\fltMgr.sys
    2007-02-20 14:42 1269248 –a—— C:\WINDOWS\system32\comsvcs.dll
    2007-02-20 14:42 123392 –a—— C:\WINDOWS\system32\input.dll
    2007-02-20 14:42 1082368 –a—— C:\WINDOWS\system32\esent.dll
    2007-02-20 14:42 10752 –a—— C:\WINDOWS\hh.exe
    2007-02-20 14:42 1033216 –a—— C:\WINDOWS\explorer.exe
    2007-02-20 14:41 77824 –a—— C:\WINDOWS\system32\browser.dll
    2007-02-20 14:41 75736 –a—— C:\WINDOWS\system32\cdm.dll
    2007-02-20 14:41 69120 –a—— C:\WINDOWS\system32\ciodm.dll
    2007-02-20 14:41 625152 –a—— C:\WINDOWS\system32\catsrvut.dll
    2007-02-20 14:41 62464 –a—— C:\WINDOWS\system32\authz.dll
    2007-02-20 14:41 498688 –a—— C:\WINDOWS\system32\clbcatq.dll
    2007-02-20 14:41 49536 –a—— C:\WINDOWS\system32\drivers\classpnp.sys
    2007-02-20 14:41 225792 –a—— C:\WINDOWS\system32\catsrv.dll
    2007-02-20 14:41 2068480 –a—— C:\WINDOWS\system32\cdosys.dll
    2007-02-20 14:41 148480 –a—— C:\WINDOWS\system32\cic.dll
    2007-02-20 14:41 110080 –a—— C:\WINDOWS\system32\clbcatex.dll
    2007-02-20 14:39 100352 –a—— C:\WINDOWS\system32\6to4svc.dll
    2007-01-19 13:53 51056 –a—— C:\WINDOWS\system32\sirenacm.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "AtiTrayTools"="\"C:\\Program Files\\ATI Tray Tools\\atitray.exe\""
    "µTorrent"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""
    "uTorrent"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "nltide_3"=hex(2):72,75,6e,64,6c,6c,33,32,20,61,64,76,70,61,63,6b,2e,64,6c,6c,\
    2c,4c,61,75,6e,63,68,49,4e,46,53,65,63,74,69,6f,6e,45,78,20,6e,4c,69,74,65,\
    2e,69,6e,66,2c,43,2c,2c,34,2c,4e,00

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^Adobe Gamma.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
    "backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
    "item"="Adobe Gamma"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^Folding@Home 5.03.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\Folding@Home 5.03.lnk"
    "backup"="C:\\WINDOWS\\pss\\Folding@Home 5.03.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\FOLDIN~1\\winFAH.exe "
    "item"="Folding@Home 5.03"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^WLAN Utility.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\WLAN Utility.lnk"
    "backup"="C:\\WINDOWS\\pss\\WLAN Utility.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\Sitecom\\SITECO~1\\WLANUTL.exe "
    "item"="WLAN Utility"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="daemon"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="iTunesHelper"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Logi_MwX"
    "hkey"="HKLM"
    "command"="Logi_MwX.Exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Rundll32 P17"
    "hkey"="HKLM"
    "command"="Rundll32 P17.dll,P17Helper"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Steam"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MSASCui"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WZCSVC"=dword:00000002
    "Schedule"=dword:00000002
    "SCardSvr"=dword:00000003
    "RDSessMgr"=dword:00000003
    "RasMan"=dword:00000003
    "RasAuto"=dword:00000003
    "ImapiService"=dword:00000003
    "iPod Service"=dword:00000003
    "idsvc"=dword:00000003
    "gusvc"=dword:00000003
    "FAH@F:+Firefox Downloads+FAH502-Console.exe"=dword:00000002


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
    "{7F5FFCB8-4838-43CD-80EA-A7EC9C744281}"=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableCAD"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\run]

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebcaaa
    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqrq

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job


    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes …

    scanning hidden services …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-04-10 22:05:05
    C:\ComboFix-quarantined-files.txt … 07-04-10 22:05

  • Go to Start - Run and type: "%userprofile%\Desktop\combofix.exe" /v gebcaaa ssqrq
    Follow the on-screen instructions.
    When the tool has finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.
  • Combofix

    "Thomas" - 07-04-11 23:58:50 Service Pack 2
    ComboFix 07-04-05 - Running from: "C:\Documents and Settings\Thomas\Desktop"
    Command switches used :: /v gebcaaa ssqrq


    ((((((((((((((((((((((((((((((( Files Created from 2007-03-11 to 2007-04-11 ))))))))))))))))))))))))))))))))))


    2007-04-11 17:57 <DIR> d——– C:\WINDOWS\LastGood
    2007-04-10 22:50 <DIR> d——– C:\Program Files\Activision
    2007-04-09 13:36 <DIR> d——– C:\Program Files\Eidos
    2007-04-08 17:54 <DIR> d——– C:\Program Files\Foxit Software
    2007-04-08 12:31 26,056 –a—— C:\WINDOWS\system32\drivers\hamachi.sys
    2007-04-08 12:31 <DIR> d——– C:\Program Files\Hamachi
    2007-04-08 12:31 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Hamachi
    2007-04-08 02:46 <DIR> d——– C:\WINDOWS\system32\ActiveScan
    2007-04-08 02:43 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-04-07 00:57 <DIR> d——– C:\Program Files\DC++
    2007-04-06 22:00 <DIR> d——– C:\Program Files\Virtual Dub
    2007-04-06 17:25 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Command & Conquer 3 Tiberium Wars
    2007-04-06 16:40 <DIR> d——– C:\Program Files\Electronic Arts
    2007-04-05 13:50 <DIR> d——– C:\Program Files\EA SPORTS
    2007-04-04 17:29 <DIR> d——– C:\Program Files\Common Files\Wise Installation Wizard
    2007-04-01 11:19 3,968 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-03-31 17:58 <DIR> d——– C:\Program Files\Java
    2007-03-31 17:58 <DIR> d——– C:\Program Files\Common Files\Java
    2007-03-30 19:04 <DIR> d——– C:\Program Files\MagicISO
    2007-03-30 13:22 86,016 –a—— C:\WINDOWS\system32\OpenAL32.dll
    2007-03-29 19:30 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\gtk-2.0
    2007-03-29 19:30 <DIR> d——– C:\DOCUME~1\Thomas\.thumbnails
    2007-03-29 19:27 <DIR> d——– C:\DOCUME~1\Thomas\.gimp-2.2
    2007-03-29 19:26 <DIR> d——– C:\Program Files\GIMP-2.0
    2007-03-29 19:24 <DIR> d——– C:\Program Files\Common Files\GTK
    2007-03-29 19:21 <DIR> d——– C:\DOCUME~1\Thomas\.gimp-2.3
    2007-03-29 19:11 36,864 –a—— C:\WINDOWS\system32\drivers\AmdK8.sys
    2007-03-29 19:11 <DIR> d——– C:\Program Files\DIFX
    2007-03-29 18:49 83,968 –a—— C:\WINDOWS\system32\nvraidservice.exe
    2007-03-29 18:49 74,240 –a—— C:\WINDOWS\system32\NvRaidWizardEnu.dll
    2007-03-29 18:49 6,144 –a—— C:\WINDOWS\system32\NvRaidSvEnu.dll
    2007-03-29 18:49 396,800 –a—— C:\WINDOWS\system32\NvRaidWizard.dll
    2007-03-29 18:49 244,224 –a—— C:\WINDOWS\system32\NvRaidMan.exe
    2007-03-29 18:49 20,480 –a—— C:\WINDOWS\system32\NvRaidEnu.dll
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvusmb.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvunrm.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvuide.exe
    2007-03-29 18:49 176,128 –a—— C:\WINDOWS\system32\nvugart.exe
    2007-03-29 18:49 <DIR> d——– C:\NVIDIA
    2007-03-29 18:34 22,040 –a—— C:\DOCUME~1\Thomas\APPLIC~1\addon.dat
    2007-03-29 18:34 <DIR> d——– C:\WINDOWS\system32\Bifrost
    2007-03-29 16:51 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    2007-03-29 16:49 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Adobe
    2007-03-29 16:46 <DIR> d——– C:\Program Files\Common Files\Adobe Systems Shared
    2007-03-29 16:45 <DIR> d——– C:\Program Files\Common Files\Adobe
    2007-03-29 16:45 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    2007-03-29 13:27 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\atitray
    2007-03-29 13:26 <DIR> d——– C:\Program Files\ATI Tray Tools
    2007-03-28 23:39 520,192 ——— C:\WINDOWS\system32\ati2sgag.exe
    2007-03-28 23:39 <DIR> d——– C:\Program Files\ATI Technologies
    2007-03-27 23:52 <DIR> d——– C:\Program Files\ATITool
    2007-03-27 00:49 5,632 –a—— C:\WINDOWS\system32\drivers\Entech64.sys
    2007-03-27 00:24 3,972 –a—— C:\WINDOWS\system32\drivers\PciBus.sys
    2007-03-27 00:24 21,664 –a—— C:\WINDOWS\system32\drivers\Entech.sys
    2007-03-27 00:24 <DIR> d——– C:\WINDOWS\system32\Futuremark
    2007-03-27 00:24 <DIR> d——– C:\Program Files\Futuremark
    2007-03-27 00:21 <DIR> d——– C:\Program Files\MadOnion.com
    2007-03-26 23:26 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    2007-03-26 21:11 <DIR> d——– C:\Program Files\THQ
    2007-03-25 20:18 108,144 –a—— C:\WINDOWS\system32\CmdLineExt.dll
    2007-03-25 20:18 <DIR> dr-h—– C:\DOCUME~1\Thomas\APPLIC~1\SecuROM
    2007-03-25 19:43 <DIR> d——– C:\Program Files\Ubisoft
    2007-03-25 19:42 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\InstallShield
    2007-03-25 18:31 <DIR> d——– C:\Program Files\EA GAMES
    2007-03-25 18:31 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\InstallShield Installation Information
    2007-03-25 16:29 <DIR> d——– C:\Program Files\Rockstar Games
    2007-03-25 16:25 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\ATI
    2007-03-25 16:18 <DIR> d——– C:\ATI
    2007-03-25 16:04 <DIR> d——– C:\Program Files\Driver Cleaner Pro
    2007-03-25 02:00 <DIR> d——– C:\Program Files\Audacity
    2007-03-24 12:28 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-03-23 00:20 87,608 –a—— C:\DOCUME~1\Thomas\APPLIC~1\ezpinst.exe
    2007-03-23 00:20 47,360 –a—— C:\WINDOWS\system32\drivers\pcouffin.sys
    2007-03-23 00:20 47,360 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.sys
    2007-03-23 00:20 <DIR> d——– C:\Program Files\vso
    2007-03-23 00:20 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Vso
    2007-03-21 19:35 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\foobar2000
    2007-03-18 19:44 <DIR> d——– C:\DOCUME~1\Thomas\WINDOWS
    2007-03-18 19:35 <DIR> d——– C:\Program Files\Max Payne
    2007-03-18 19:06 <DIR> d——– C:\Program Files\Kyodai Mahjongg
    2007-03-17 01:23 <DIR> d——– C:\Program Files\iPod
    2007-03-16 17:55 73,728 –a—— C:\WINDOWS\system32\GkSui18.EXE
    2007-03-16 17:55 69,632 –a—— C:\WINDOWS\system32\Copy of GkSui18.EXE
    2007-03-16 17:55 <DIR> d——– C:\Program Files\Folding@Home
    2007-03-16 17:26 <DIR> d——– C:\DOCUME~1\Thomas\APPLIC~1\Google
    2007-03-16 17:25 <DIR> d——– C:\Program Files\Windows Defender
    2007-03-16 12:21 <DIR> d–h—– C:\6e8fa1e725a0e6989e97f57774d36f8b
    2007-03-16 12:10 <DIR> d——– C:\Program Files\nLite
    2007-03-11 22:48 <DIR> d——– C:\WINDOWS\system32\appmgmt


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-04-11 23:52 ——– d——– C:\Program Files\united devices
    2007-04-11 23:08 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\xfire
    2007-04-11 23:08 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\utorrent
    2007-04-11 22:47 ——– dr——- C:\Program Files\xfire
    2007-04-11 21:58 ——– d——– C:\Program Files\steam
    2007-04-11 21:44 ——– d–h—– C:\Program Files\installshield installation information
    2007-04-09 19:35 2404 –a—— C:\WINDOWS\system32\d3d9caps.dat
    2007-04-09 14:37 ——– d——– C:\Program Files\hitman pro
    2007-04-09 14:17 ——– d——– C:\Program Files\spywareblaster
    2007-04-08 17:55 ——– d——– C:\Program Files\foxit reader
    2007-04-08 02:33 ——– d——– C:\Program Files\utorrent
    2007-04-07 11:13 4212 —h—– C:\WINDOWS\system32\zllictbl.dat
    2007-04-07 00:51 ——– d——– C:\Program Files\mirc
    2007-04-04 17:30 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\lavasoft
    2007-04-04 17:29 ——– d——– C:\Program Files\lavasoft
    2007-04-01 18:25 ——– d——– C:\Program Files\kyodai mahjongg 2006
    2007-03-29 18:42 ——– d——– C:\Program Files\media player classic
    2007-03-25 00:41 1632 –a—— C:\WINDOWS\system32\d3d8caps.dat
    2007-03-23 20:30 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\screenshot sender
    2007-03-23 00:20 34 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.log
    2007-03-23 00:20 1144 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.inf
    2007-03-23 00:20 1074 –a—— C:\DOCUME~1\Thomas\APPLIC~1\pcouffin.cat
    2007-03-21 19:35 ——– d——– C:\Program Files\foobar2000
    2007-03-20 00:40 ——– d——– C:\Program Files\kyodai
    2007-03-20 00:36 ——– d——– C:\Program Files\lavalys
    2007-03-17 01:23 ——– d——– C:\Program Files\itunes
    2007-03-16 17:51 405504 –a—— C:\WINDOWS\system32\wrap_oal.dll
    2007-03-16 17:51 ——– d——– C:\Program Files\creative
    2007-03-16 17:25 ——– d——– C:\Program Files\google
    2007-03-14 00:21 ——– d——– C:\Program Files\bearshare
    2007-03-12 00:33 ——– d——– C:\Program Files\xchat
    2007-03-10 21:03 ——– d——– C:\Program Files\power tab software
    2007-03-10 20:20 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\help
    2007-03-09 01:01 1087216 –a—— C:\WINDOWS\system32\zpeng24.dll
    2007-03-08 17:48 578048 –a—— C:\WINDOWS\system32\user32.dll
    2007-03-08 17:48 40960 –a—— C:\WINDOWS\system32\mf3216.dll
    2007-03-08 17:48 282112 –a—— C:\WINDOWS\system32\gdi32.dll
    2007-03-08 15:49 1843968 –a—— C:\WINDOWS\system32\win32k.sys
    2007-03-08 00:05 ——– d——– C:\Program Files\ahead
    2007-03-07 21:30 73728 –a—— C:\WINDOWS\ud.scr
    2007-03-06 18:02 ——– d——– C:\Program Files\apple software update
    2007-03-06 17:36 ——– d——– C:\Program Files\msn messenger
    2007-03-06 17:36 ——– d——– C:\Program Files\messenger plus! live
    2007-03-05 23:38 5632 –a—— C:\WINDOWS\system32\drivers\AWRTPD.sys
    2007-03-05 21:59 ——– d——– C:\Program Files\picasa2
    2007-03-03 13:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\sun
    2007-03-03 13:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\real
    2007-03-02 22:57 307200 –a—— C:\WINDOWS\system32\atiiiexx.dll
    2007-03-02 22:54 307200 –a—— C:\WINDOWS\system32\atidemgx.dll
    2007-03-02 22:53 265728 –a—— C:\WINDOWS\system32\ati2dvag.dll
    2007-03-02 22:53 1972224 –a—— C:\WINDOWS\system32\drivers\ati2mtag.sys
    2007-03-02 22:47 42496 –a—— C:\WINDOWS\system32\ati2edxx.dll
    2007-03-02 22:47 26112 –a—— C:\WINDOWS\system32\ati2mdxx.exe
    2007-03-02 22:47 118784 –a—— C:\WINDOWS\system32\atipdlxx.dll
    2007-03-02 22:47 110592 –a—— C:\WINDOWS\system32\oemdspif.dll
    2007-03-02 22:47 110592 –a—— C:\WINDOWS\system32\ati2evxx.dll
    2007-03-02 22:46 446464 –a—— C:\WINDOWS\system32\ati2evxx.exe
    2007-03-02 22:45 53248 –a—— C:\WINDOWS\system32\atiddc.dll
    2007-03-02 22:38 2824512 –a—— C:\WINDOWS\system32\ati3duag.dll
    2007-03-02 22:29 3107788 –a—— C:\WINDOWS\system32\ativvaxx.dat
    2007-03-02 22:29 1288960 –a—— C:\WINDOWS\system32\ativvaxx.dll
    2007-03-02 22:21 5398528 –a—— C:\WINDOWS\system32\atioglxx.dll
    2007-03-02 22:17 258048 –a—— C:\WINDOWS\system32\atikvmag.dll
    2007-03-02 22:16 17408 –a—— C:\WINDOWS\system32\atitvo32.dll
    2007-03-02 22:11 348160 –a—— C:\WINDOWS\system32\ati2cqag.dll
    2007-03-01 00:36 ——– d——– C:\Program Files\dvd audio extractor
    2007-02-28 15:16 ——– d——– C:\Program Files\imtoo
    2007-02-28 14:49 ——– d——– C:\Program Files\badgerit
    2007-02-28 00:22 ——– d——– C:\Program Files\imageshack
    2007-02-27 21:55 ——– d——– C:\Program Files\logitech
    2007-02-27 21:55 ——– d——– C:\Program Files\Common Files\logitech
    2007-02-27 16:26 ——– d——– C:\Program Files\msbuild
    2007-02-27 16:21 ——– d——– C:\Program Files\reference assemblies
    2007-02-26 17:51 ——– d——– C:\Program Files\last.fm
    2007-02-26 17:44 147685 –a—— C:\WINDOWS\system32\atiicdxx.dat
    2007-02-25 19:14 ——– d——– C:\Program Files\partygaming
    2007-02-25 00:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\officeupdate12
    2007-02-25 00:30 ——– d——– C:\Program Files\microsoft activesync
    2007-02-24 00:16 ——– d——– C:\Program Files\Common Files\real
    2007-02-24 00:00 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\x-chat 2
    2007-02-23 22:04 ——– d——– C:\Program Files\daemon tools
    2007-02-23 17:04 ——– d——– C:\Program Files\sitecom
    2007-02-23 17:04 ——– d——– C:\Program Files\Common Files\installshield
    2007-02-23 17:02 ——– d——– C:\Program Files\microsoft.net
    2007-02-23 16:56 646392 –a—— C:\WINDOWS\system32\drivers\sptd.sys
    2007-02-22 23:35 ——– d——– C:\Program Files\Common Files\ahead
    2007-02-22 22:17 335 –a—— C:\WINDOWS\mozregistry.dat
    2007-02-22 22:09 1168 –a—— C:\WINDOWS\mozver.dat
    2007-02-22 20:36 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\media player classic
    2007-02-22 20:21 ——– d——– C:\Program Files\ffdshow
    2007-02-22 20:16 ——– d——– C:\Program Files\smart projects
    2007-02-22 20:05 0 –a—— C:\WINDOWS\nsreg.dat
    2007-02-22 19:51 62 –ahs—- C:\DOCUME~1\Thomas\APPLIC~1\desktop.ini
    2007-02-22 19:51 ——– d——– C:\Program Files\Common Files\speechengines
    2007-02-22 19:51 ——– d——– C:\Program Files\Common Files\odbc
    2007-02-22 19:41 ——– d——– C:\Program Files\ccleaner
    2007-02-22 19:40 ——– d——– C:\DOCUME~1\Thomas\APPLIC~1\winrar
    2007-02-22 19:34 512096 –a—— C:\WINDOWS\system32\drivers\amon.sys
    2007-02-22 19:34 298104 –a—— C:\WINDOWS\system32\imon.dll
    2007-02-22 19:34 15424 –a—— C:\WINDOWS\system32\drivers\nod32drv.sys
    2007-02-22 19:18 0 -rahs—- C:\MSDOS.SYS
    2007-02-22 19:18 0 -rahs—- C:\IO.SYS
    2007-02-22 19:18 0 –a—— C:\CONFIG.SYS
    2007-02-22 19:18 0 –a—— C:\AUTOEXEC.BAT
    2007-02-22 19:18 ——– d——– C:\Program Files\microsoft frontpage
    2007-02-22 19:17 ——– d–h—– C:\Program Files\windowsupdate
    2007-02-22 19:16 ——– d——– C:\Program Files\movie maker
    2007-02-22 19:16 ——– d——– C:\Program Files\Common Files\mssoap
    2007-02-22 19:15 21640 –a—— C:\WINDOWS\system32\emptyregdb.dat
    2007-02-22 19:15 ——– d——– C:\Program Files\windows nt
    2007-02-22 19:15 ——– d——– C:\Program Files\windows media connect 2
    2007-02-22 19:15 ——– d——– C:\Program Files\online services
    2007-02-22 19:15 ——– d——– C:\Program Files\msn gaming zone
    2007-02-22 19:15 ——– d——– C:\Program Files\messenger
    2007-02-20 15:04 80128 –a—— C:\WINDOWS\system32\drivers\parport.sys
    2007-02-20 15:04 63744 –a—— C:\WINDOWS\system32\drivers\mf.sys
    2007-02-20 15:04 61824 –a—— C:\WINDOWS\system32\drivers\nic1394.sys
    2007-02-20 15:04 60800 –a—— C:\WINDOWS\system32\drivers\arp1394.sys
    2007-02-20 15:04 52736 –a—— C:\WINDOWS\system32\wzcsapi.dll
    2007-02-20 15:04 52224 –a—— C:\WINDOWS\system32\dmutil.dll
    2007-02-20 15:04 476160 –a—— C:\WINDOWS\system32\wzcsvc.dll
    2007-02-20 15:04 47616 –a—— C:\WINDOWS\system32\iyuv_32.dll
    2007-02-20 15:04 47104 –a—— C:\WINDOWS\system32\cnbjmon.dll
    2007-02-20 15:04 4352 –a—— C:\WINDOWS\system32\drivers\swenum.sys
    2007-02-20 15:04 42496 –a—— C:\WINDOWS\system32\drivers\p3.sys
    2007-02-20 15:04 37376 –a—— C:\WINDOWS\system32\drivers\amdk7.sys
    2007-02-20 15:04 36992 –a—— C:\WINDOWS\system32\drivers\amdk6.sys
    2007-02-20 15:04 36480 –a—— C:\WINDOWS\system32\drivers\crusoe.sys
    2007-02-20 15:04 35456 –a—— C:\WINDOWS\system32\drivers\processr.sys
    2007-02-20 15:04 35328 –a—— C:\WINDOWS\system32\pid.dll
    2007-02-20 15:04 30080 –a—— C:\WINDOWS\system32\drivers\modem.sys
    2007-02-20 15:04 25472 –a—— C:\WINDOWS\system32\drivers\sonydcam.sys
    2007-02-20 15:04 20992 –a—— C:\WINDOWS\system32\hid.dll
    2007-02-20 15:04 17408 –a—— C:\WINDOWS\system32\msyuv.dll
    2007-02-20 15:04 16000 –a—— C:\WINDOWS\system32\drivers\usbintel.sys
    2007-02-20 15:04 1580544 –a—— C:\WINDOWS\system32\sfcfiles.dll
    2007-02-20 15:04 15488 –a—— C:\WINDOWS\system32\drivers\mssmbios.sys
    2007-02-20 15:04 15360 –a—— C:\WINDOWS\system32\pjlmon.dll
    2007-02-20 15:04 14592 –a—— C:\WINDOWS\system32\drivers\ndisuio.sys
    2007-02-20 15:04 12416 –a—— C:\WINDOWS\system32\drivers\tunmp.sys
    2007-02-20 15:02 86073 –a—— C:\WINDOWS\system32\usrfaxa.dll
    2007-02-20 15:02 8192 –a—— C:\WINDOWS\system32\tsbyuv.dll
    2007-02-20 15:02 8192 –a—— C:\WINDOWS\system32\streamci.dll
    2007-02-20 15:02 77891 –a—— C:\WINDOWS\system32\usrmlnka.exe
    2007-02-20 15:02 77890 –a—— C:\WINDOWS\system32\usrdpa.dll
    2007-02-20 15:02 77883 –a—— C:\WINDOWS\system32\usrrtosa.dll
    2007-02-20 15:02 72192 –a—— C:\WINDOWS\system32\sprio800.dll
    2007-02-20 15:02 70656 –a—— C:\WINDOWS\system32\sprio600.dll
    2007-02-20 15:02 69700 –a—— C:\WINDOWS\system32\usrshuta.exe
    2007-02-20 15:02 69699 –a—— C:\WINDOWS\system32\usrcoina.dll
    2007-02-20 15:02 69632 –a—— C:\WINDOWS\system32\spnike.dll
    2007-02-20 15:02 61508 –a—— C:\WINDOWS\system32\usrprbda.exe
    2007-02-20 15:02 61500 –a—— C:\WINDOWS\system32\usrcntra.dll
    2007-02-20 15:02 58112 –a—— C:\WINDOWS\system32\drivers\vdmindvd.sys
    2007-02-20 15:02 55296 –a—— C:\WINDOWS\system32\dvdplay.exe
    2007-02-20 15:02 53305 –a—— C:\WINDOWS\system32\usrlbva.dll
    2007-02-20 15:02 51712 –a—— C:\WINDOWS\system32\drivers\tosdvd.sys
    2007-02-20 15:02 49211 –a—— C:\WINDOWS\system32\usrvpa.dll
    2007-02-20 15:02 49211 –a—— C:\WINDOWS\system32\usrsdpia.dll
    2007-02-20 15:02 49209 –a—— C:\WINDOWS\system32\usrv80a.dll
    2007-02-20 15:02 45116 –a—— C:\WINDOWS\system32\usrvoica.dll
    2007-02-20 15:02 41019 –a—— C:\WINDOWS\system32\usrsvpia.dll
    2007-02-20 15:02 323641 –a—— C:\WINDOWS\system32\usrdtea.dll
    2007-02-20 15:02 3200 –a—— C:\WINDOWS\system32\wowfax.dll
    2007-02-20 15:02 262528 –a—— C:\WINDOWS\system32\drivers\cinemst2.sys
    2007-02-20 15:02 23936 –a—— C:\WINDOWS\system32\drivers\usbcamd2.sys
    2007-02-20 15:02 23808 –a—— C:\WINDOWS\system32\drivers\usbcamd.sys
    2007-02-20 15:02 21376 –a—— C:\WINDOWS\system32\drivers\tsbvcap.sys
    2007-02-20 15:02 18688 –a—— C:\WINDOWS\system32\drivers\cdaudio.sys
    2007-02-20 15:02 157696 –a—— C:\WINDOWS\system32\paqsp.dll
    2007-02-20 15:02 147968 –a—— C:\WINDOWS\system32\mdwmdmsp.dll
    2007-02-20 15:02 13824 –a—— C:\WINDOWS\system32\wowfaxui.dll
    2007-02-20 15:02 12160 –a—— C:\WINDOWS\system32\drivers\fsvga.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\riodrv.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\rio8drv.sys
    2007-02-20 15:02 12032 –a—— C:\WINDOWS\system32\drivers\nikedrv.sys
    2007-02-20 15:02 11776 –a—— C:\WINDOWS\system32\drivers\cpqdap01.sys
    2007-02-20 15:02 102457 –a—— C:\WINDOWS\system32\usrv42a.dll
    2007-02-20 14:52 984576 –a—— C:\WINDOWS\system32\syssetup.dll
    2007-02-20 14:52 68888 –a—— C:\WINDOWS\system32\xinput1_3.dll
    2007-02-20 14:52 68224 –a—— C:\WINDOWS\system32\drivers\nvraid.sys
    2007-02-20 14:52 62744 –a—— C:\WINDOWS\system32\xinput1_2.dll
    2007-02-20 14:52 32256 –a—— C:\WINDOWS\system32\nvcog.dll
    2007-02-20 14:52 294400 –a—— C:\WINDOWS\system32\idecoi.dll
    2007-02-20 14:52 255848 –a—— C:\WINDOWS\system32\xactengine2_6.dll
    2007-02-20 14:52 251672 –a—— C:\WINDOWS\system32\xactengine2_5.dll
    2007-02-20 14:52 237848 –a—— C:\WINDOWS\system32\xactengine2_4.dll
    2007-02-20 14:52 236824 –a—— C:\WINDOWS\system32\xactengine2_3.dll
    2007-02-20 14:52 21760 –a—— C:\WINDOWS\system32\drivers\nv_agp.SYS
    2007-02-20 14:52 18432 –a—— C:\WINDOWS\system32\nvraidco.dll
    2007-02-20 14:51 3426072 –a—— C:\WINDOWS\system32\d3dx9_32.dll
    2007-02-20 14:51 2414360 –a—— C:\WINDOWS\system32\d3dx9_31.dll
    2007-02-20 14:51 2297552 –a—— C:\WINDOWS\system32\d3dx9_26.dll
    2007-02-20 14:51 15128 –a—— C:\WINDOWS\system32\x3daudio1_1.dll
    2007-02-20 14:50 940544 –a—— C:\WINDOWS\system32\wmspdmoe.dll
    2007-02-20 14:50 826368 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2007-02-20 14:50 66560 –a—— C:\WINDOWS\system32\wpdmtpus.dll
    2007-02-20 14:50 61952 –a—— C:\WINDOWS\system32\wpdconns.dll
    2007-02-20 14:50 486400 –a—— C:\WINDOWS\system32\audiodev.dll
    2007-02-20 14:50 47104 –a—— C:\WINDOWS\system32\uwdf.exe
    2007-02-20 14:50 407552 –a—— C:\WINDOWS\system32\wmspdmod.dll
    2007-02-20 14:50 38912 –a—— C:\WINDOWS\system32\wpd_ci.dll
    2007-02-20 14:50 38912 –a—— C:\WINDOWS\system32\wdfmgr.exe
    2007-02-20 14:50 344064 –a—— C:\WINDOWS\system32\wmdrmdev.dll
    2007-02-20 14:50 331776 –a—— C:\WINDOWS\system32\wpdmtpdr.dll
    2007-02-20 14:50 329728 –a—— C:\WINDOWS\system32\wpdsp.dll
    2007-02-20 14:50 290816 –a—— C:\WINDOWS\system32\wmdrmnet.dll
    2007-02-20 14:50 23040 –a—— C:\WINDOWS\kb913800.exe
    2007-02-20 14:50 18944 –a—— C:\WINDOWS\system32\drivers\wpdusb.sys
    2007-02-20 14:50 180224 –a—— C:\WINDOWS\system32\wmdrmsdk.dll
    2007-02-20 14:50 178936 –a—— C:\WINDOWS\system32\drmupgds.exe
    2007-02-20 14:50 175104 –a—— C:\WINDOWS\system32\wmpsrcwp.dll
    2007-02-20 14:50 1594880 –a—— C:\WINDOWS\system32\wmpencen.dll
    2007-02-20 14:50 15872 –a—— C:\WINDOWS\system32\wdfapi.dll
    2007-02-20 14:50 1512448 –a—— C:\WINDOWS\system32\wmvadve.dll
    2007-02-20 14:50 1216000 –a—— C:\WINDOWS\system32\wmvadvd.dll
    2007-02-20 14:50 114176 –a—— C:\WINDOWS\system32\wpdmtp.dll
    2007-02-20 14:50 1119744 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2007-02-20 14:50 10752 –a—— C:\WINDOWS\system32\wpdtrace.dll
    2007-02-20 14:50 106496 –a—— C:\WINDOWS\system32\mfplat.dll
    2007-02-20 14:50 1003008 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2007-02-20 14:49 988672 –a—— C:\WINDOWS\system32\wmnetmgr.dll
    2007-02-20 14:49 96768 –a—— C:\WINDOWS\system32\logagent.exe
    2007-02-20 14:49 86016 –a—— C:\WINDOWS\system32\wmpshell.dll
    2007-02-20 14:49 771584 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2007-02-20 14:49 716288 –a—— C:\WINDOWS\system32\wmadmoe.dll
    2007-02-20 14:49 6656 –a—— C:\WINDOWS\system32\laprxy.dll
    2007-02-20 14:49 391928 –a—— C:\WINDOWS\system32\mp4sdmod.dll
    2007-02-20 14:49 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2007-02-20 14:49 359936 –a—— C:\WINDOWS\system32\wmadmod.dll
    2007-02-20 14:49 346624 –a—— C:\WINDOWS\system32\msscp.dll
    2007-02-20 14:49 3371008 –a—— C:\WINDOWS\system32\wmploc.dll
    2007-02-20 14:49 315904 –a—— C:\WINDOWS\system32\mswmdm.dll
    2007-02-20 14:49 29184 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2007-02-20 14:49 282624 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2007-02-20 14:49 25088 –a—— C:\WINDOWS\system32\mspmsnsv.dll
    2007-02-20 14:49 246814 –a—— C:\WINDOWS\system32\strmdll.dll
    2007-02-20 14:49 227840 –a—— C:\WINDOWS\system32\wmasf.dll
    2007-02-20 14:49 221184 –a—— C:\WINDOWS\system32\qasf.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpui.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpcore.dll
    2007-02-20 14:49 20480 –a—— C:\WINDOWS\system32\wmpcd.dll
    2007-02-20 14:49 189440 –a—— C:\WINDOWS\system32\wmerror.dll
    2007-02-20 14:49 173568 –a—— C:\WINDOWS\system32\mspmsp.dll
    2007-02-20 14:49 150016 –a—— C:\WINDOWS\system32\wmidx.dll
    2007-02-20 14:49 135168 –a—— C:\WINDOWS\system32\wmpasf.dll
    2007-02-20 14:49 115200 –a—— C:\WINDOWS\system32\msnetobj.dll
    2007-02-20 14:48 96768 –a—— C:\WINDOWS\system32\drmstor.dll
    2007-02-20 14:48 86728 –a—— C:\WINDOWS\system32\msxml6r.dll
    2007-02-20 14:48 84480 –a—— C:\WINDOWS\system32\pintool.exe
    2007-02-20 14:48 82432 –a—— C:\WINDOWS\system32\msxml4r.dll
    2007-02-20 14:48 8192 –a—— C:\WINDOWS\system32\asferror.dll
    2007-02-20 14:48 69120 –a—— C:\WINDOWS\system32\wlanapi.dll
    2007-02-20 14:48 62336 –a—— C:\WINDOWS\system32\drivers\rspndr.sys
    2007-02-20 14:48 581632 –a—— C:\WINDOWS\system32\drmv2clt.dll
    2007-02-20 14:48 531568 –a—— C:\WINDOWS\system32\rmactivate_isv.exe
    2007-02-20 14:48 523376 –a—— C:\WINDOWS\system32\rmactivate.exe
    2007-02-20 14:48 519280 –a—— C:\WINDOWS\system32\secproc_isv.dll
    2007-02-20 14:48 518768 –a—— C:\WINDOWS\system32\secproc.dll
    2007-02-20 14:48 498742 –a—— C:\WINDOWS\system32\dxmasf.dll
    2007-02-20 14:48 429056 –a—— C:\WINDOWS\system32\blackbox.dll
    2007-02-20 14:48 36352 –a—— C:\WINDOWS\system32\tsgqec.dll
    2007-02-20 14:48 35840 –a—— C:\WINDOWS\system32\qfecheck.exe
    2007-02-20 14:48 358000 –a—— C:\WINDOWS\system32\rmactivate_ssp.exe
    2007-02-20 14:48 354416 –a—— C:\WINDOWS\system32\rmactivate_ssp_isv.exe
    2007-02-20 14:48 323696 –a—— C:\WINDOWS\system32\msdrm.dll
    2007-02-20 14:48 288768 –a—— C:\WINDOWS\system32\rhttpaa.dll
    2007-02-20 14:48 28672 –a—— C:\WINDOWS\system32\verclsid.exe
    2007-02-20 14:48 258296 –a—— C:\WINDOWS\system32\drmclien.dll
    2007-02-20 14:48 207872 –a—— C:\WINDOWS\system32\cewmdm.dll
    2007-02-20 14:48 192624 –a—— C:\WINDOWS\system32\secproc_ssp_isv.dll
    2007-02-20 14:48 192624 –a—— C:\WINDOWS\system32\secproc_ssp.dll
    2007-02-20 14:48 18392 –a—— C:\WINDOWS\system32\wups2.dll
    2007-02-20 14:48 178408 –a—— C:\WINDOWS\system32\muweb.dll
    2007-02-20 14:48 1321744 –a—— C:\WINDOWS\system32\msxml6.dll
    2007-02-20 14:48 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2007-02-20 14:48 10752 –a—— C:\WINDOWS\system32\rspndr.exe
    2007-02-20 14:47 96792 –a—— C:\WINDOWS\system32\basecsp.dll
    2007-02-20 14:47 65536 –a—— C:\WINDOWS\system32\wshext.dll
    2007-02-20 14:47 61952 –a—— C:\WINDOWS\system32\hdashcut.exe
    2007-02-20 14:47 5120 –a—— C:\WINDOWS\system32\hdaudres.dll
    2007-02-20 14:47 465368 –a—— C:\WINDOWS\system32\wuapi.dll
    2007-02-20 14:47 41432 –a—— C:\WINDOWS\system32\wups.dll
    2007-02-20 14:47 397312 –a—— C:\WINDOWS\system32\mmcex.dll
    2007-02-20 14:47 383488 –a—— C:\WINDOWS\system32\wzcdlg.dll
    2007-02-20 14:47 33792 –a—— C:\WINDOWS\system32\mmcperf.exe
    2007-02-20 14:47 25600 –a—— C:\WINDOWS\system32\bcsprsrc.dll
    2007-02-20 14:47 25088 –a—— C:\WINDOWS\system32\hdaprop.dll
    2007-02-20 14:47 194520 –a—— C:\WINDOWS\system32\wuaueng1.dll
    2007-02-20 14:47 184320 –a—— C:\WINDOWS\system32\microsoft.managementconsole.dll
    2007-02-20 14:47 18392 –a—— C:\WINDOWS\system32\wuauserv.dll
    2007-02-20 14:47 174040 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-02-20 14:47 172504 –a—— C:\WINDOWS\system32\wuauclt1.exe
    2007-02-20 14:47 151552 –a—— C:\WINDOWS\system32\ifxcardm.dll
    2007-02-20 14:47 145920 –a—— C:\WINDOWS\system32\drivers\hdaudio.sys
    2007-02-20 14:47 138752 –a—— C:\WINDOWS\system32\drivers\hdaudbus.sys
    2007-02-20 14:47 1353688 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-02-20 14:47 133120 –a—— C:\WINDOWS\system32\axaltocm.dll
    2007-02-20 14:47 127448 –a—— C:\WINDOWS\system32\wucltui.dll
    2007-02-20 14:47 124376 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-02-20 14:47 11776 –a—— C:\WINDOWS\system32\xolehlp.dll
    2007-02-20 14:47 116736 –a—— C:\WINDOWS\system32\aaclient.dll
    2007-02-20 14:47 106496 –a—— C:\WINDOWS\system32\mmcfxcommon.dll
    2007-02-20 14:46 81664 –a—— C:\WINDOWS\system32\drivers\videoprt.sys
    2007-02-20 14:46 80896 –a—— C:\WINDOWS\system32\wscsvc.dll
    2007-02-20 14:46 68096 –a—— C:\WINDOWS\system32\webclnt.dll
    2007-02-20 14:46 59264 –a—— C:\WINDOWS\system32\drivers\usbhub.sys
    2007-02-20 14:46 55808 –a—— C:\WINDOWS\system32\twext.dll
    2007-02-20 14:46 50176 –a—— C:\WINDOWS\system32\utilman.exe
    2007-02-20 14:46 49152 –a—— C:\WINDOWS\system32\wdigest.dll
    2007-02-20 14:46 35840 –a—— C:\WINDOWS\system32\umandlg.dll
    2007-02-20 14:46 30208 –a—— C:\WINDOWS\system32\drivers\usbehci.sys
    2007-02-20 14:46 295424 –a—— C:\WINDOWS\system32\termsrv.dll
    2007-02-20 14:46 291840 ——— C:\WINDOWS\system32\winsrv.dll
    2007-02-20 14:46 28672 –a—— C:\WINDOWS\system32\wshcon.dll
    2007-02-20 14:46 26624 –a—— C:\WINDOWS\system32\verifier.dll
    2007-02-20 14:46 225664 –a—— C:\WINDOWS\system32\drivers\tcpip6.sys
    2007-02-20 14:46 218624 –a—— C:\WINDOWS\system32\uxtheme.dll
    2007-02-20 14:46 209280 –a—— C:\WINDOWS\system32\drivers\update.sys
    2007-02-20 14:46 17152 –a—— C:\WINDOWS\system32\drivers\usbohci.sys
    2007-02-20 14:46 143488 –a—— C:\WINDOWS\system32\drivers\usbport.sys
    2007-02-20 14:46 132096 –a—— C:\WINDOWS\system32\wkssvc.dll
    2007-02-20 14:46 123392 –a—— C:\WINDOWS\system32\umpnpmgr.dll
    2007-02-20 14:46 114688 –a—— C:\WINDOWS\system32\wscript.exe
    2007-02-20 14:46 101376 –a—— C:\WINDOWS\system32\txflog.dll
    2007-02-20 14:45 985088 –a—— C:\WINDOWS\system32\setupapi.dll
    2007-02-20 14:45 96768 –a—— C:\WINDOWS\system32\srvsvc.dll
    2007-02-20 14:45 713216 –a—— C:\WINDOWS\system32\sxs.dll
    2007-02-20 14:45 59392 –a—— C:\WINDOWS\system32\stclient.dll
    2007-02-20 14:45 582656 –a—— C:\WINDOWS\system32\rpcrt4.dll
    2007-02-20 14:45 57856 –a—— C:\WINDOWS\system32\spoolsv.exe
    2007-02-20 14:45 399360 –a—— C:\WINDOWS\system32\rpcss.dll
    2007-02-20 14:45 360704 –a—— C:\WINDOWS\system32\drivers\tcpip.sys
    2007-02-20 14:45 332928 –a—— C:\WINDOWS\system32\drivers\srv.sys
    2007-02-20 14:45 249344 –a—— C:\WINDOWS\system32\tapisrv.dll
    2007-02-20 14:45 202496 –a—— C:\WINDOWS\system32\drivers\RMCast.sys
    2007-02-20 14:45 174592 –a—— C:\WINDOWS\system32\drivers\rdbss.sys
    2007-02-20 14:45 163644 –a—— C:\WINDOWS\system32\drivers\secdrv.sys
    2007-02-20 14:45 151552 –a—— C:\WINDOWS\system32\scrrun.dll
    2007-02-20 14:45 151552 –a—— C:\WINDOWS\system32\scrobj.dll
    2007-02-20 14:45 1435648 –a—— C:\WINDOWS\system32\query.dll
    2007-02-20 14:45 139528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
    2007-02-20 14:45 117760 –a—— C:\WINDOWS\system32\t2embed.dll
    2007-02-20 14:44 91648 –a—— C:\WINDOWS\system32\mtxoci.dll
    2007-02-20 14:44 838360 –a—— C:\WINDOWS\system32\mswdat10.dll
    2007-02-20 14:44 74752 –a—— C:\WINDOWS\system32\olecli32.dll
    2007-02-20 14:44 701440 –a—— C:\WINDOWS\system32\msxml2.dll
    2007-02-20 14:44 66560 –a—— C:\WINDOWS\system32\mtxclu.dll
    2007-02-20 14:44 65536 –a—— C:\WINDOWS\system32\nwwks.dll
    2007-02-20 14:44 64000 –a—— C:\WINDOWS\system32\nwapi32.dll
    2007-02-20 14:44 621272 –a—— C:\WINDOWS\system32\mswstr10.dll
    2007-02-20 14:44 600576 –a—— C:\WINDOWS\system32\mstsc.exe
    2007-02-20 14:44 58880 –a—— C:\WINDOWS\system32\pnrpnsp.dll
    2007-02-20 14:44 553984 –a—— C:\WINDOWS\system32\p2psvc.dll
    2007-02-20 14:44 53760 –a—— C:\WINDOWS\system32\narrator.exe
    2007-02-20 14:44 43520 –a—— C:\WINDOWS\system32\ntlanman.dll
    2007-02-20 14:44 386048 –a—— C:\WINDOWS\system32\qdvd.dll
    2007-02-20 14:44 37376 –a—— C:\WINDOWS\system32\olecnv32.dll
    2007-02-20 14:44 313344 –a—— C:\WINDOWS\system32\p2pgraph.dll
    2007-02-20 14:44 270336 –a—— C:\WINDOWS\system32\oakley.dll
    2007-02-20 14:44 247808 –a—— C:\WINDOWS\system32\newdev.dll
    2007-02-20 14:44 215552 –a—— C:\WINDOWS\system32\osk.exe
    2007-02-20 14:44 197632 –a—— C:\WINDOWS\system32\netman.dll
    2007-02-20 14:44 192512 –a—— C:\WINDOWS\system32\qcap.dll
    2007-02-20 14:44 1866240 –a—— C:\WINDOWS\system32\mstscax.dll
    2007-02-20 14:44 1705472 –a—— C:\WINDOWS\system32\netshell.dll
    2007-02-20 14:44 163456 –a—— C:\WINDOWS\system32\drivers\nwrdr.sys
    2007-02-20 14:44 15360 –a—— C:\WINDOWS\system32\msisip.dll
    2007-02-20 14:44 153088 –a—— C:\WINDOWS\system32\p2p.dll
    2007-02-20 14:44 142336 –a—— C:\WINDOWS\system32\nwprovau.dll
    2007-02-20 14:44 1287680 –a—— C:\WINDOWS\system32\quartz.dll
    2007-02-20 14:44 1286656 –a—— C:\WINDOWS\system32\ole32.dll
    2007-02-20 14:44 122880 –a—— C:\WINDOWS\system32\oledlg.dll
    2007-02-20 14:44 115712 –a—— C:\WINDOWS\system32\p2pnetsh.dll
    2007-02-20 14:44 1084416 –a—— C:\WINDOWS\system32\msxml3.dll
    2007-02-20 14:44 105088 –a—— C:\WINDOWS\system32\drivers\mup.sys
    2007-02-20 14:44 104960 –a—— C:\WINDOWS\system32\p2pgasvc.dll
    2007-02-20 14:43 981760 –a—— C:\WINDOWS\system32\mfc42u.dll
    2007-02-20 14:43 956928 –a—— C:\WINDOWS\system32\msdtctm.dll
    2007-02-20 14:43 884736 –a—— C:\WINDOWS\system32\msimsg.dll
    2007-02-20 14:43 78848 –a—— C:\WINDOWS\system32\msiexec.exe
    2007-02-20 14:43 73728 –a—— C:\WINDOWS\system32\mscms.dll
    2007-02-20 14:43 72704 –a—— C:\WINDOWS\system32\magnify.exe
    2007-02-20 14:43 726528 –a—— C:\WINDOWS\system32\lsasrv.dll
    2007-02-20 14:43 61440 –a—— C:\WINDOWS\system32\mmcshext.dll
    2007-02-20 14:43 58880 –a—— C:\WINDOWS\system32\msdtclog.dll
    2007-02-20 14:43 586240 –a—— C:\WINDOWS\system32\mlang.dll
    2007-02-20 14:43 454656 –a—— C:\WINDOWS\system32\drivers\mrxsmb.sys
    2007-02-20 14:43 427520 –a—— C:\WINDOWS\system32\msdtcprx.dll
    2007-02-20 14:43 297472 –a—— C:\WINDOWS\system32\msctf.dll
    2007-02-20 14:43 2890240 –a—— C:\WINDOWS\system32\msi.dll
    2007-02-20 14:43 271360 –a—— C:\WINDOWS\system32\msihnd.dll
    2007-02-20 14:43 19968 –a—— C:\WINDOWS\system32\linkinfo.dll
    2007-02-20 14:43 1913344 –a—— C:\WINDOWS\system32\mmcndmgr.dll
    2007-02-20 14:43 163328 –a—— C:\WINDOWS\system32\mmcbase.dll
    2007-02-20 14:43 161792 –a—— C:\WINDOWS\system32\msdtcuiu.dll
    2007-02-20 14:43 1354752 –a—— C:\WINDOWS\system32\mmc.exe
    2007-02-20 14:42 98304 –a—— C:\WINDOWS\system32\cscript.exe
    2007-02-20 14:42 97792 –a—— C:\WINDOWS\system32\comrepl.dll
    2007-02-20 14:42 80896 –a—— C:\WINDOWS\system32\fontsub.dll
    2007-02-20 14:42 72704 –a—— C:\WINDOWS\system32\hlink.dll
    2007-02-20 14:42 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2007-02-20 14:42 62464 –a—— C:\WINDOWS\system32\cryptsvc.dll
    2007-02-20 14:42 617472 –a—— C:\WINDOWS\system32\comctl32.dll
    2007-02-20 14:42 60416 –a—— C:\WINDOWS\system32\colbact.dll
    2007-02-20 14:42 539648 –a—— C:\WINDOWS\system32\comuid.dll
    2007-02-20 14:42 42496 –a—— C:\WINDOWS\system32\ftp.exe
    2007-02-20 14:42 41984 –a—— C:\WINDOWS\system32\drivers\imapi.sys
    2007-02-20 14:42 41472 –a—— C:\WINDOWS\system32\hhsetup.dll
    2007-02-20 14:42 36921 –a—— C:\WINDOWS\system32\imeshare.dll
    2007-02-20 14:42 36864 –a—— C:\WINDOWS\system32\drivers\hidclass.sys
    2007-02-20 14:42 36096 –a—— C:\WINDOWS\system32\drivers\intelppm.sys
    2007-02-20 14:42 347136 –a—— C:\WINDOWS\system32\hypertrm.dll
    2007-02-20 14:42 298496 –a—— C:\WINDOWS\system32\kerberos.dll
    2007-02-20 14:42 28672 –a—— C:\WINDOWS\system32\dispex.dll
    2007-02-20 14:42 262656 –a—— C:\WINDOWS\system32\drivers\http.sys
    2007-02-20 14:42 254976 –a—— C:\WINDOWS\system32\icm32.dll
    2007-02-20 14:42 243200 –a—— C:\WINDOWS\system32\es.dll
    2007-02-20 14:42 23040 –a—— C:\WINDOWS\system32\fltmc.exe
    2007-02-20 14:42 198616 –a—— C:\WINDOWS\system32\iuengine.dll
    2007-02-20 14:42 183808 –a—— C:\WINDOWS\system32\ipsecsvc.dll
    2007-02-20 14:42 16896 –a—— C:\WINDOWS\system32\fltlib.dll
    2007-02-20 14:42 155136 –a—— C:\WINDOWS\system32\itircl.dll
    2007-02-20 14:42 137216 –a—— C:\WINDOWS\system32\itss.dll
    2007-02-20 14:42 136320 –a—— C:\WINDOWS\system32\drivers\ipnat.sys
    2007-02-20 14:42 128768 –a—— C:\WINDOWS\system32\drivers\fltMgr.sys
    2007-02-20 14:42 1269248 –a—— C:\WINDOWS\system32\comsvcs.dll
    2007-02-20 14:42 123392 –a—— C:\WINDOWS\system32\input.dll
    2007-02-20 14:42 1082368 –a—— C:\WINDOWS\system32\esent.dll
    2007-02-20 14:42 10752 –a—— C:\WINDOWS\hh.exe
    2007-02-20 14:42 1033216 –a—— C:\WINDOWS\explorer.exe
    2007-02-20 14:41 77824 –a—— C:\WINDOWS\system32\browser.dll
    2007-02-20 14:41 75736 –a—— C:\WINDOWS\system32\cdm.dll
    2007-02-20 14:41 69120 –a—— C:\WINDOWS\system32\ciodm.dll
    2007-02-20 14:41 625152 –a—— C:\WINDOWS\system32\catsrvut.dll
    2007-02-20 14:41 62464 –a—— C:\WINDOWS\system32\authz.dll
    2007-02-20 14:41 498688 –a—— C:\WINDOWS\system32\clbcatq.dll
    2007-02-20 14:41 49536 –a—— C:\WINDOWS\system32\drivers\classpnp.sys
    2007-02-20 14:41 225792 –a—— C:\WINDOWS\system32\catsrv.dll
    2007-02-20 14:41 2068480 –a—— C:\WINDOWS\system32\cdosys.dll
    2007-02-20 14:41 148480 –a—— C:\WINDOWS\system32\cic.dll
    2007-02-20 14:41 110080 –a—— C:\WINDOWS\system32\clbcatex.dll
    2007-02-20 14:39 100352 –a—— C:\WINDOWS\system32\6to4svc.dll
    2007-02-05 22:17 185344 –a—— C:\WINDOWS\system32\upnphost.dll
    2007-01-19 13:53 51056 –a—— C:\WINDOWS\system32\sirenacm.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "AtiTrayTools"="\"C:\\Program Files\\ATI Tray Tools\\atitray.exe\""
    "µTorrent"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""
    "uTorrent"="\"C:\\Program Files\\uTorrent\\utorrent.exe\""
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
    "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
    "ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "nltide_3"=hex(2):72,75,6e,64,6c,6c,33,32,20,61,64,76,70,61,63,6b,2e,64,6c,6c,\
    2c,4c,61,75,6e,63,68,49,4e,46,53,65,63,74,69,6f,6e,45,78,20,6e,4c,69,74,65,\
    2e,69,6e,66,2c,43,2c,2c,34,2c,4e,00

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^Adobe Gamma.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
    "backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
    "item"="Adobe Gamma"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^Folding@Home 5.03.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\Folding@Home 5.03.lnk"
    "backup"="C:\\WINDOWS\\pss\\Folding@Home 5.03.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\FOLDIN~1\\winFAH.exe "
    "item"="Folding@Home 5.03"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^WLAN Utility.lnk]
    "path"="C:\\Documents and Settings\\Thomas\\Start Menu\\Programs\\Startup\\WLAN Utility.lnk"
    "backup"="C:\\WINDOWS\\pss\\WLAN Utility.lnkStartup"
    "location"="Startup"
    "command"="C:\\PROGRA~1\\Sitecom\\SITECO~1\\WLANUTL.exe "
    "item"="WLAN Utility"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="daemon"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="iTunesHelper"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Logi_MwX"
    "hkey"="HKLM"
    "command"="Logi_MwX.Exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Rundll32 P17"
    "hkey"="HKLM"
    "command"="Rundll32 P17.dll,P17Helper"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Steam"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MSASCui"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "WZCSVC"=dword:00000002
    "Schedule"=dword:00000002
    "SCardSvr"=dword:00000003
    "RDSessMgr"=dword:00000003
    "RasMan"=dword:00000003
    "RasAuto"=dword:00000003
    "ImapiService"=dword:00000003
    "iPod Service"=dword:00000003
    "idsvc"=dword:00000003
    "gusvc"=dword:00000003
    "FAH@F:+Firefox Downloads+FAH502-Console.exe"=dword:00000002


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
    "{7F5FFCB8-4838-43CD-80EA-A7EC9C744281}"=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableCAD"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e38cb437-c296-11db-9d8a-806d6172696f}]
    Shell\AutoRun\command I:\setup.exe
    Shell\dinstall\command I:\directx\dxsetup.exe


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job


    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes …

    scanning hidden services …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-04-12 0:00:11
    C:\ComboFix-quarantined-files.txt … 07-04-12 00:00
    C:\ComboFix2.txt … 07-04-11 23:54
    C:\ComboFix3.txt … 07-04-10 22:05


    Hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 0:00:48, on 12-4-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    C:\ComboFix\TSF\18731.cfexe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Tray Tools\atitray.exe
    C:\Program Files\United Devices\UD.EXE
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\United Devices\ud_7174683.exe
    C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O2 - BHO: (no name) - {1050BCB7-8D99-422E-8EC8-7F0F210B66A5} - C:\WINDOWS\system32\ssqrq.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7F5FFCB8-4838-43CD-80EA-A7EC9C744281} - C:\WINDOWS\system32\gebcaaa.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\ATI Tray Tools\atitray.exe"
    O4 - HKCU\..\Run: [µTorrent] "C:\Program Files\uTorrent\utorrent.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • Close all open windows, run HijackThis once more and place a check mark next to the following items:

    O2 - BHO: (no name) - {1050BCB7-8D99-422E-8EC8-7F0F210B66A5} - C:\WINDOWS\system32\ssqrq.dll (file missing)
    O2 - BHO: (no name) - {7F5FFCB8-4838-43CD-80EA-A7EC9C744281} - C:\WINDOWS\system32\gebcaaa.dll (file missing)

    Then click "Fix checked" and close HijackThis.

    Download ATF cleaner (made by Atribune).
    Double-click ATF cleaner to start the program.
    In the "Main" window, place a check mark next to "Select All".
    Click the "Empty Selected" button.

    If you also use Firefox as a browser:
    Click the "Firefox" tab and place a check mark next to "Select All".
    If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
    (this removes the check mark next to "Firefox saved passwords" again)
    Click the "Empty Selected" button.

    If you also use Opera as a browser:
    Click the "Opera" tab and place a check mark next to "Select All".
    If you want to keep the passwords saved by Opera, click "No" in the window that appears.
    Click the "Empty Selected" button.

    Go to the "Main" menu and click the "Exit" button to close the program.

    Download and install AVG Anti-Spyware.
    After installation, open AVG Anti-Spyware:
    - under 'Status', click "Change state" next to 'Resident shield' (it must end up set to 'Inactive').
    - under 'Update', click the "Start update" button at 'Manual update'.
    - under 'Scanner', go to the 'Settings' tab and change the following:
        - under 'How to act?', click 'Recommended actions' and select "Quarantine".
        - under 'Reports', select "Automatically generate report after every scan" and remove the check mark next to "Only if threats were found".
        - Close AVG Anti-Spyware. Do not let it scan yet.
    Start the computer in safe mode. You can read how to do this here.
    Start AVG Anti-Spyware.
    - Click 'Scanner'.
    - Click 'Complete system scan'.
    AVG Anti-Spyware will now scan your entire computer system.
    - When the scan has finished, click the "Apply all Actions" button at the bottom.
    - When you get the message 'All actions have been applied', click the 'Save Report' button at the bottom. The scan report is now saved in the folder C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports
    If you click the 'Save report as' button, you get the option to save the report in another location (e.g. your desktop).
    - Close AVG Anti-Spyware.

    Restart the computer in normal mode and post the AVG Anti-Spyware report.
  • ———————————————————
    AVG Anti-Spyware - Scan Report
    ———————————————————

    + Created at: 11:39:01 15-4-2007

    + Scan result:



    Nothing found.


    ::Report end
  • Looks good.
    Are there any problems left?
  • No, I haven't had any trouble over the last few days. Just to be sure, here is another HijackThis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 13:07:00, on 15-4-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\United Devices\UD.EXE
    C:\Program Files\United Devices\ud_7174683.exe
    C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
    C:\WINDOWS\system32\mmc.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\foobar2000\foobar2000.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware Pro\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

  • The log looks good.

This is an archived page. Replying is no longer possible.