Trojan.Vundo virus trouble again

16 answers
  • Hello,

    Ugh, I'm having trouble with the Trojan.Vundo virus again, along with all kinds of annoying adware pop-ups. Who, oh who, can help me?

    This is what I've done so far:

    HiJack logfile before:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:55:08, on 12-6-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
    C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Network ICE\BlackICE\blackice.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\HiJack\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [XMetaL 48] C:\Program Files\Corel\XMetaL 4\Author\registration.exe /title="XMetaL 4" /date=062508 serial=XA04WRD-0010630-MTS
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [acb588aa] rundll32.exe "C:\WINDOWS\system32\qgwpfgrb.dll",b
    O4 - HKLM\..\Run: [BMaf86bb36] Rundll32.exe "C:\WINDOWS\system32\exbetrre.dll",s
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlackICE Utility.lnk = ?
    O4 - Global Startup: Exif Launcher.lnk.disabled
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.blackboard.ru.nl
    O15 - Trusted Zone: www.dimo.nl
    O15 - Trusted Zone: www.doggynet.nl
    O15 - Trusted Zone: art.ebay.com
    O15 - Trusted Zone: art.listings.ebay.com
    O15 - Trusted Zone: cgi.ebay.com
    O15 - Trusted Zone: feedback.ebay.com
    O15 - Trusted Zone: my.ebay.com
    O15 - Trusted Zone: pages.ebay.com
    O15 - Trusted Zone: search.ebay.com
    O15 - Trusted Zone: signin.ebay.com
    O15 - Trusted Zone: www.ebay.com
    O15 - Trusted Zone: www.funda.nl
    O15 - Trusted Zone: images.google.nl
    O15 - Trusted Zone: www.google.nl
    O15 - Trusted Zone: www.huisinhelmond.nl
    O15 - Trusted Zone: www.kieskeurig.nl
    O15 - Trusted Zone: www.let.ru.nl
    O15 - Trusted Zone: www.marktplaats.nl
    O15 - Trusted Zone: *.marktplaats.nl
    O15 - Trusted Zone: www.rabomakelaardijdepeel.nl
    O15 - Trusted Zone: www.rabomakelaardijzuid.nl
    O15 - Trusted Zone: www.sosstrays.be
    O15 - Trusted Zone: www.stichtingaai.nl
    O15 - Trusted Zone: www.student.ru.nl
    O15 - Trusted Zone: securityresponse.symantec.com
    O15 - Trusted Zone: www.twanpoels.nl
    O15 - Trusted Zone: www.vkampen.nl
    O15 - Trusted Zone: *.www.ns.nl
    O15 - Trusted Zone: *.www.ru.nl
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\rapapp.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg
    O24 - Desktop Component 2: (no name) - http://images.google.com/images?q=tbn:_-DfWjwd4doC:www.hondkopen.nl/foto%27s/jachthonden8/AmCockers/puppies%2520met%2520pompoen.JPG
    O24 - Desktop Component 3: (no name) - http://www.hondkopen.nl/foto's/jachthonden8/AmCockers/puppies%20met%20pompoen.JPG
    O24 - Desktop Component 4: (no name) - http://home.quicknet.nl/mw/prive/blackmask/Luna7-140902.jpg
    O24 - Desktop Component 5: (no name) - http://images.google.com/images?q=tbn:o_cZqkNNymcC:home.planet.nl/~katna000/images/post.gif
    O24 - Desktop Component 6: (no name) - http://doggy.net/pups/messages/286/22206.jpg
    O24 - Desktop Component 7: (no name) - http://doggy.net/pups/messages/286/22569.jpg
    O24 - Desktop Component 8: (no name) - http://www.telefoongids.nl/pix/telgids.gif
    O24 - Desktop Component 9: (no name) - http://us.f804.mail.yahoo.com/ym/ShowLetter/Image5.jpg?box=Inbox&MsgId=5941_1933083_33779_1391_237394_0_8966_307682_894583483&bodyPart=2&filename=Image5.jpg&tnef=&YY=26537&order=down&sort=date&pos=0


    End of file - 12922 bytes

    Combofix:
    ComboFix 08-06-10.5 - Den - Man 2008-06-12 18:31:34.8 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.162 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Den - Man\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt



  • Combofix again (message was too long):

    ComboFix 08-06-10.5 - Den - Man 2008-06-12 18:31:34.8 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.162 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Den - Man\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt

  • Combofix continued:


    + 2008-03-25 04:51:56 183,072 -c—-w C:\WINDOWS\system32\dllcache\msjint40.dll
    + 2008-03-25 04:50:42 60,192 -c—-w C:\WINDOWS\system32\dllcache\msjter40.dll
    + 2008-03-25 04:50:42 248,608 -c—-w C:\WINDOWS\system32\dllcache\msjtes40.dll
    + 2008-03-25 04:50:44 219,936 -c—-w C:\WINDOWS\system32\dllcache\msltus40.dll
    + 2008-03-25 04:50:45 355,104 -c—-w C:\WINDOWS\system32\dllcache\mspbde40.dll
    - 2007-08-22 13:19:18 146,432 -c—-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-02-16 09:05:47 146,432 -c—-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-03-25 04:50:47 432,928 -c—-w C:\WINDOWS\system32\dllcache\msrd2x40.dll
    + 2008-03-25 04:50:49 322,336 -c—-w C:\WINDOWS\system32\dllcache\msrd3x40.dll
    + 2008-03-25 04:50:52 559,904 -c—-w C:\WINDOWS\system32\dllcache\msrepl40.dll
    + 2008-03-25 04:50:55 264,992 -c—-w C:\WINDOWS\system32\dllcache\mstext40.dll
    - 2007-08-22 13:19:18 532,480 -c—-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-02-16 09:05:48 532,480 -c—-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-03-25 04:50:57 838,432 -c—-w C:\WINDOWS\system32\dllcache\mswdat10.dll
    + 2008-03-25 04:51:56 621,344 -c—-w C:\WINDOWS\system32\dllcache\mswstr10.dll
    + 2008-03-25 04:50:58 355,104 -c—-w C:\WINDOWS\system32\dllcache\msxbde40.dll
    + 2004-08-04 09:03:16 17,408 -c–a-w C:\WINDOWS\system32\dllcache\msyuv.dll
    - 2007-05-17 11:30:23 549,376 -c—-w C:\WINDOWS\system32\dllcache\oleaut32.dll
    + 2007-12-04 18:42:03 550,912 -c—-w C:\WINDOWS\system32\dllcache\oleaut32.dll
    - 2007-08-22 13:19:18 39,424 -c—-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-02-16 09:05:48 39,424 -c—-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2007-10-29 22:45:24 1,291,776 -c—-w C:\WINDOWS\system32\dllcache\quartz.dll
    - 2007-08-22 13:19:19 1,494,528 -c—-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    + 2008-02-16 09:05:50 1,494,528 -c—-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    - 2007-08-22 13:19:19 474,624 -c—-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    + 2008-02-16 09:05:51 474,624 -c—-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    + 2001-09-07 12:00:00 18,944 -c–a-w C:\WINDOWS\system32\dllcache\simptcp.dll
    + 2004-08-04 08:03:35 236,544 -c–a-w C:\WINDOWS\system32\dllcache\smi2smir.exe
    + 2001-09-07 12:00:00 15,872 -c–a-w C:\WINDOWS\system32\dllcache\smierrsm.dll
    + 2001-09-07 12:00:00 5,632 -c–a-w C:\WINDOWS\system32\dllcache\smierrsy.dll
    + 2001-09-07 12:00:00 5,632 -c–a-w C:\WINDOWS\system32\dllcache\smimsgif.dll
    + 2004-08-04 08:03:35 32,768 -c–a-w C:\WINDOWS\system32\dllcache\snmp.exe
    + 2004-08-04 08:03:21 259,072 -c–a-w C:\WINDOWS\system32\dllcache\snmpcl.dll
    + 2004-08-04 08:03:21 358,400 -c–a-w C:\WINDOWS\system32\dllcache\snmpincl.dll
    + 2004-08-04 08:03:21 6,144 -c–a-w C:\WINDOWS\system32\dllcache\snmpmib.dll
    + 2004-08-04 08:03:21 188,416 -c–a-w C:\WINDOWS\system32\dllcache\snmpsmir.dll
    + 2001-09-07 12:00:00 10,240 -c–a-w C:\WINDOWS\system32\dllcache\snmpstup.dll
    + 2004-08-04 08:03:21 40,448 -c–a-w C:\WINDOWS\system32\dllcache\snmpthrd.dll
    + 2004-08-04 08:03:35 8,704 -c–a-w C:\WINDOWS\system32\dllcache\snmptrap.exe
    + 2004-08-04 07:08:02 48,640 -c–a-w C:\WINDOWS\system32\dllcache\stream.sys
    + 2007-10-30 17:20:55 360,064 -c—-w C:\WINDOWS\system32\dllcache\tcpip.sys
    + 2001-09-06 20:27:04 8,192 -c–a-w C:\WINDOWS\system32\dllcache\tsbyuv.dll
    - 2007-08-22 13:19:19 616,960 -c—-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-02-16 09:05:52 617,472 -c—-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2007-12-18 14:43:07 417,792 -c—-w C:\WINDOWS\system32\dllcache\vbscript.dll
    + 2004-08-04 09:03:24 54,272 -c–a-w C:\WINDOWS\system32\dllcache\vfwwdm32.dll
    + 2008-03-20 08:10:47 1,845,376 -c—-w C:\WINDOWS\system32\dllcache\win32k.sys
    - 2007-08-22 13:19:19 662,016 -c—-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2008-02-16 09:05:53 662,528 -c—-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2007-10-25 08:28:30 222,720 -c—-w C:\WINDOWS\system32\dllcache\wmasf.dll
    - 2006-06-26 17:45:39 148,480 —-a-w C:\WINDOWS\system32\dnsapi.dll
    + 2008-02-20 05:39:05 148,992 —-a-w C:\WINDOWS\system32\dnsapi.dll
    - 2004-08-04 08:03:07 45,568 —-a-w C:\WINDOWS\system32\dnsrslvr.dll
    + 2008-02-20 05:39:05 45,568 —-a-w C:\WINDOWS\system32\dnsrslvr.dll
    + 2006-10-05 02:42:42 2,432 ——w C:\WINDOWS\system32\drivers\cdr4_xp.sys
    + 2006-10-05 02:42:42 2,560 ——w C:\WINDOWS\system32\drivers\cdralw2k.sys
    + 2004-08-04 06:07:57 2,944 —-a-w C:\WINDOWS\system32\drivers\drmkaud.sys
    - 2007-10-04 15:10:52 41,288 —-a-w C:\WINDOWS\system32\drivers\ikfilesec.sys
    + 2008-02-01 11:55:52 42,376 —-a-w C:\WINDOWS\system32\drivers\ikfilesec.sys
    - 2007-10-04 15:10:54 62,280 —-a-w C:\WINDOWS\system32\drivers\iksysflt.sys
    + 2007-12-10 13:53:28 66,952 —-a-w C:\WINDOWS\system32\drivers\iksysflt.sys
    - 2007-10-04 15:10:58 79,688 —-a-w C:\WINDOWS\system32\drivers\iksyssec.sys
    + 2007-12-10 13:53:28 81,288 —-a-w C:\WINDOWS\system32\drivers\iksyssec.sys
    - 2007-10-04 15:11:00 29,000 —-a-w C:\WINDOWS\system32\drivers\kcom.sys
    + 2007-12-10 13:53:30 29,576 —-a-w C:\WINDOWS\system32\drivers\kcom.sys
    - 2004-08-04 05:58:20 72,960 —-a-w C:\WINDOWS\system32\drivers\mqac.sys
    + 2007-07-06 10:05:47 72,960 —-a-w C:\WINDOWS\system32\drivers\mqac.sys
    - 2004-08-04 06:00:56 181,248 —-a-w C:\WINDOWS\system32\drivers\mrxdav.sys
    + 2007-12-18 09:51:35 179,584 —-a-w C:\WINDOWS\system32\drivers\mrxdav.sys
    + 2001-08-17 22:00:04 2,944 —-a-w C:\WINDOWS\system32\drivers\msmpu401.sys
    + 2001-09-07 12:00:00 2,944 —-a-w C:\WINDOWS\system32\drivers
    ull.sys
    - 2006-09-27 21:53:22 36,560 —-a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
    + 2008-02-23 02:38:33 43,872 —-a-w C:\WINDOWS\system32\drivers\pxhelp20.sys
    - 2001-09-07 12:00:00 27,440 —-a-w C:\WINDOWS\system32\drivers\secdrv.sys
    + 2007-11-13 10:25:55 20,480 —-a-w C:\WINDOWS\system32\drivers\secdrv.sys
    + 2006-06-27 07:56:50 31,872 —-a-w C:\WINDOWS\system32\drivers\superwebcam.sys
    - 2006-04-20 11:51:50 359,808 —-a-w C:\WINDOWS\system32\drivers\tcpip.sys
    + 2007-10-30 17:20:55 360,064 —-a-w C:\WINDOWS\system32\drivers\tcpip.sys
    - 2007-08-22 13:19:17 357,888 —-a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-02-16 09:05:41 357,888 —-a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2007-08-22 13:19:17 205,312 —-a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-02-16 09:05:41 205,312 —-a-w C:\WINDOWS\system32\dxtrans.dll
    + 2004-08-04 08:03:09 106,496 —-a-w C:\WINDOWS\system32\evntagnt.dll
    + 2004-08-04 08:03:28 25,600 —-a-w C:\WINDOWS\system32\evntcmd.exe
    + 2004-08-04 08:03:28 94,208 —-a-w C:\WINDOWS\system32\evntwin.exe
    - 2007-08-22 13:19:17 55,808 ——w C:\WINDOWS\system32\extmgr.dll
    + 2008-02-16 09:05:41 55,808 ——w C:\WINDOWS\system32\extmgr.dll
    - 1999-01-12 16:54:26 1,109,264 —-a-w C:\WINDOWS\system32\FM20.DLL
    + 2006-10-26 12:10:08 1,190,688 —-a-w C:\WINDOWS\system32\FM20.DLL
    + 2006-10-26 11:10:06 33,088 —-a-w C:\WINDOWS\system32\FM20ENU.DLL
    - 1999-04-06 10:46:46 29,456 —-a-w C:\WINDOWS\system32\FM20NLD.DLL
    + 2006-11-13 00:07:00 36,160 —-a-w C:\WINDOWS\system32\FM20NLD.DLL
    - 2007-04-04 09:49:36 157,160 —-a-w C:\WINDOWS\system32\FNTCACHE.DAT
    + 2008-04-13 20:29:08 228,800 —-a-w C:\WINDOWS\system32\FNTCACHE.DAT
    - 2007-06-19 13:33:12 282,112 —-a-w C:\WINDOWS\system32\gdi32.dll
    + 2008-02-20 06:51:59 282,624 —-a-w C:\WINDOWS\system32\gdi32.dll
    + 2005-06-10 13:05:30 31,744 —-a-w C:\WINDOWS\system32\hlp95en.dll
    + 2004-08-04 08:03:10 39,936 —-a-w C:\WINDOWS\system32\hostmib.dll
    - 2007-08-22 13:19:17 251,392 —-a-w C:\WINDOWS\system32\iepeers.dll
    + 2008-02-16 09:05:42 251,392 —-a-w C:\WINDOWS\system32\iepeers.dll
    + 2006-10-26 11:45:04 207,360 —-a-w C:\WINDOWS\system32\INKED.DLL
    - 2007-08-22 13:19:17 96,768 —-a-w C:\WINDOWS\system32\inseng.dll
    + 2008-02-16 09:05:42 96,768 —-a-w C:\WINDOWS\system32\inseng.dll
    + 2004-08-04 08:03:11 35,840 —-a-w C:\WINDOWS\system32\iprip.dll
    - 2004-08-04 08:03:12 47,616 —-a-w C:\WINDOWS\system32\iyuv_32.dll
    + 2004-08-04 09:03:12 47,616 —-a-w C:\WINDOWS\system32\iyuv_32.dll
    - 2006-05-18 05:41:41 450,560 —-a-w C:\WINDOWS\system32\jscript.dll
    + 2007-12-18 14:43:07 450,560 —-a-w C:\WINDOWS\system32\jscript.dll
    - 2007-08-22 13:19:17 16,384 —-a-w C:\WINDOWS\system32\jsproxy.dll
    + 2008-02-16 09:05:42 16,384 —-a-w C:\WINDOWS\system32\jsproxy.dll
    + 2007-06-10 19:29:10 37,057 —-a-w C:\WINDOWS\system32\kbpDinput.dll
    + 2001-09-07 12:00:00 2,000 —-a-w C:\WINDOWS\system32\keyboard.drv
    + 2001-09-07 12:00:00 223,536 —-a-w C:\WINDOWS\system32\lanman.drv
    + 2004-08-04 08:03:12 33,792 —-a-w C:\WINDOWS\system32\lmmib2.dll
    - 2006-08-17 12:30:16 727,040 —-a-w C:\WINDOWS\system32\lsasrv.dll
    + 2007-11-07 09:30:24 727,040 —-a-w C:\WINDOWS\system32\lsasrv.dll
    + 2001-09-07 12:00:00 2,560 —-a-w C:\WINDOWS\system32\lz32.dll
    + 2008-01-07 10:26:46 181,672 —-a-w C:\WINDOWS\system32\Macromed\Director\swdir.dll
    + 2008-01-07 10:27:04 54,696 —-a-w C:\WINDOWS\system32\Macromed\Director\SwDnld.exe
    + 2007-11-21 00:04:14 218,496 —-a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
    + 2008-03-22 00:48:56 74,649 —-a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    - 2004-05-27 21:22:42 499,712 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
    + 2008-01-03 17:19:34 581,632 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
    - 2004-05-27 20:19:18 1,490,944 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
    + 2008-01-03 17:01:46 1,490,944 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
    - 2004-05-27 21:22:46 24,576 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
    + 2008-01-03 17:20:14 24,576 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
    + 2008-01-03 17:39:06 1,113,600 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
    + 2008-01-03 16:46:46 52,288 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
    - 2004-05-27 20:08:36 630,784 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
    + 2008-01-03 16:59:14 606,208 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
    - 2004-05-27 21:20:38 249,856 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
    + 2008-01-03 17:18:56 339,968 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
    - 2004-05-27 21:21:16 397,312 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
    + 2008-01-03 17:19:06 475,136 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
    - 2004-05-27 21:03:40 151,552 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
    + 2008-01-03 17:11:48 180,224 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
    + 2008-01-07 10:26:28 390,568 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1030024.exe
    - 2004-05-27 21:26:36 77,824 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
    + 2008-01-03 17:22:06 77,824 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
    - 2004-05-27 21:20:18 86,016 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
    + 2008-01-03 17:18:50 86,016 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
    - 2004-05-27 21:26:38 98,304 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
    + 2008-01-03 17:22:08 98,304 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
    + 2008-01-03 16:46:44 50,808 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
    - 1999-06-25 08:55:30 149,504 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
    + 1999-06-25 09:55:30 149,504 —-a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
    + 2001-09-07 12:00:00 73,632 —-a-w C:\WINDOWS\system32\mciavi.drv
    + 2001-09-07 12:00:00 25,280 —-a-w C:\WINDOWS\system32\mciseq.drv
    + 2001-09-07 12:00:00 28,160 —-a-w C:\WINDOWS\system32\mciwave.drv
    + 2001-09-07 12:00:00 2,032 —-a-w C:\WINDOWS\system32\mouse.drv
    - 2004-08-04 08:03:13 138,240 —-a-w C:\WINDOWS\system32\mqad.dll
    + 2007-07-06 12:52:21 138,240 —-a-w C:\WINDOWS\system32\mqad.dll
    - 2004-08-04 08:03:13 47,104 —-a-w C:\WINDOWS\system32\mqdscli.dll
    + 2007-07-06 12:52:21 47,104 —-a-w C:\WINDOWS\system32\mqdscli.dll
    - 2004-08-04 08:03:13 16,896 —-a-w C:\WINDOWS\system32\mqise.dll
    + 2007-07-06 12:52:21 16,896 —-a-w C:\WINDOWS\system32\mqise.dll
    - 2004-08-04 08:03:14 660,992 —-a-w C:\WINDOWS\system32\mqqm.dll
    + 2007-07-06 12:52:21 660,992 —-a-w C:\WINDOWS\system32\mqqm.dll
    - 2004-08-04 08:03:14 177,152 —-a-w C:\WINDOWS\system32\mqrt.dll
    + 2007-07-06 12:52:21 177,152 —-a-w C:\WINDOWS\system32\mqrt.dll
    - 2004-08-04 08:03:14 95,744 —-a-w C:\WINDOWS\system32\mqsec.dll
    + 2007-07-06 12:52:22 95,744 —-a-w C:\WINDOWS\system32\mqsec.dll
    - 2004-08-04 08:03:14 48,640 —-a-w C:\WINDOWS\system32\mqupgrd.dll
    + 2007-07-06 12:52:22 48,640 —-a-w C:\WINDOWS\system32\mqupgrd.dll
    - 2004-08-04 08:03:14 504,832 —-a-w C:\WINDOWS\system32\mqutil.dll
    + 2007-07-06 12:52:22 504,832 —-a-w C:\WINDOWS\system32\mqutil.dll
    - 2007-11-02 07:12:57 18,238,072 —-a-w C:\WINDOWS\system32\MRT.exe
    + 2008-05-09 21:35:04 16,863,864 —-a-w C:\WINDOWS\system32\MRT.exe
    + 2001-09-07 12:00:00 20,992 —-a-w C:\WINDOWS\system32\msacm32.drv
    - 2003-02-20 17:06:24 155,648 —-a-w C:\WINDOWS\system32\mscoree.dll
    + 2006-12-22 11:28:14 271,360 —-a-w C:\WINDOWS\system32\mscoree.dll
    - 2003-02-20 16:43:38 16,896 —-a-w C:\WINDOWS\system32\mscorier.dll
    + 2004-07-14 22:34:06 16,896 —-a-w C:\WINDOWS\system32\mscorier.dll
    - 2004-08-04 08:03:15 512,029 —-a-w C:\WINDOWS\system32\msexch40.dll
    + 2008-03-25 04:50:28 518,944 —-a-w C:\WINDOWS\system32\msexch40.dll
    - 2004-08-04 08:03:15 319,517 —-a-w C:\WINDOWS\system32\msexcl40.dll
    + 2008-03-25 04:50:30 326,432 —-a-w C:\WINDOWS\system32\msexcl40.dll
    + 2004-08-04 08:03:38 192,512 —-a-w C:\WINDOWS\system32\msh261.drv
    + 2004-08-04 09:03:38 299,008 —-a-w C:\WINDOWS\system32\msh263.drv
    - 2007-08-22 13:19:18 3,079,168 —-a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-02-16 22:35:48 3,080,704 —-a-w C:\WINDOWS\system32\mshtml.dll
    - 2007-08-22 13:19:18 449,024 —-a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-02-16 09:05:47 449,024 —-a-w C:\WINDOWS\system32\mshtmled.dll
    - 2004-08-04 08:03:15 1,507,356 —-a-w C:\WINDOWS\system32\msjet40.dll
    + 2008-03-25 04:50:34 1,516,568 —-a-w C:\WINDOWS\system32\msjet40.dll
    - 2004-07-17 18:34:46 358,976 —-a-w C:\WINDOWS\system32\msjetoledb40.dll
    + 2008-03-25 04:50:40 355,112 —-a-w C:\WINDOWS\system32\msjetoledb40.dll
    - 2004-08-04 08:03:15 53,279 —-a-w C:\WINDOWS\system32\msjter40.dll
    + 2008-03-25 04:50:42 60,192 —-a-w C:\WINDOWS\system32\msjter40.dll
    - 2004-08-04 08:03:15 241,693 —-a-w C:\WINDOWS\system32\msjtes40.dll
    + 2008-03-25 04:50:42 248,608 —-a-w C:\WINDOWS\system32\msjtes40.dll
    + 2003-11-21 14:45:06 91,136 —-a-r C:\WINDOWS\system32\msls2.dll
    - 2004-08-04 08:03:15 213,023 —-a-w C:\WINDOWS\system32\msltus40.dll
    + 2008-03-25 04:50:44 219,936 —-a-w C:\WINDOWS\system32\msltus40.dll
    - 2004-08-04 08:03:16 348,189 —-a-w C:\WINDOWS\system32\mspbde40.dll
    + 2008-03-25 04:50:45 355,104 —-a-w C:\WINDOWS\system32\mspbde40.dll
    - 2007-08-22 13:19:18 146,432 —-a-w C:\WINDOWS\system32\msrating.dll
    + 2008-02-16 09:05:47 146,432 —-a-w C:\WINDOWS\system32\msrating.dll
    - 2004-08-04 08:03:16 421,919 —-a-w C:\WINDOWS\system32\msrd2x40.dll
    + 2008-03-25 04:50:47 432,928 —-a-w C:\WINDOWS\system32\msrd2x40.dll
    - 2004-08-04 08:03:16 315,423 —-a-w C:\WINDOWS\system32\msrd3x40.dll
    + 2008-03-25 04:50:49 322,336 —-a-w C:\WINDOWS\system32\msrd3x40.dll
    - 2004-08-04 08:03:16 552,989 —-a-w C:\WINDOWS\system32\msrepl40.dll
    + 2008-03-25 04:50:52 559,904 —-a-w C:\WINDOWS\system32\msrepl40.dll
    - 2004-08-04 08:03:16 258,077 —-a-w C:\WINDOWS\system32\mstext40.dll
    + 2008-03-25 04:50:55 264,992 —-a-w C:\WINDOWS\system32\mstext40.dll
    - 2007-08-22 13:19:18 532,480 —-a-w C:\WINDOWS\system32\mstime.dll
    + 2008-02-16 09:05:48 532,480 —-a-w C:\WINDOWS\system32\mstime.dll
    - 2004-08-04 08:03:16 831,519 —-a-w C:\WINDOWS\system32\mswdat10.dll
    + 2008-03-25 04:50:57 838,432 —-a-w C:\WINDOWS\system32\mswdat10.dll
    - 2004-08-04 08:03:16 348,189 —-a-w C:\WINDOWS\system32\msxbde40.dll
    + 2008-03-25 04:50:58 355,104 —-a-w C:\WINDOWS\system32\msxbde40.dll
    + 2007-05-08 14:03:04 1,275,392 —-a-w C:\WINDOWS\system32\msxml4.dll
    + 2003-04-18 16:29:26 82,432 —-a-w C:\WINDOWS\system32\msxml4r.dll
    - 2004-08-04 08:03:16 17,408 —-a-w C:\WINDOWS\system32\msyuv.dll
    + 2004-08-04 09:03:16 17,408 —-a-w C:\WINDOWS\system32\msyuv.dll
    + 2007-07-30 17:19:10 271,224 —-a-w C:\WINDOWS\system32\mucltui.dll
    + 2006-12-22 12:02:36 6,144 —-a-w C:\WINDOWS\system32\mui\[u:c783598386]0[/u:c783598386]409\mscorees.dll
    + 2007-07-30 17:19:04 207,736 —-a-w C:\WINDOWS\system32\muweb.dll
    + 2001-09-07 12:00:00 2,656 —-a-w C:\WINDOWS\system32
    etware.drv
    - 2007-05-17 11:30:23 549,376 —-a-w C:\WINDOWS\system32\oleaut32.dll
    + 2007-12-04 18:42:03 550,912 —-a-w C:\WINDOWS\system32\oleaut32.dll
    - 2007-10-28 18:14:05 52,764 —-a-w C:\WINDOWS\system32\perfc009.dat
    + 2008-06-11 10:01:23 52,764 —-a-w C:\WINDOWS\system32\perfc009.dat
    - 2007-10-28 18:14:05 69,380 —-a-w C:\WINDOWS\system32\perfc013.dat
    + 2008-06-11 10:01:23 69,380 —-a-w C:\WINDOWS\system32\perfc013.dat
    - 2007-10-28 18:14:05 380,350 —-a-w C:\WINDOWS\system32\perfh009.dat
    + 2008-06-11 10:01:23 380,350 —-a-w C:\WINDOWS\system32\perfh009.dat
    - 2007-10-28 18:14:05 442,004 —-a-w C:\WINDOWS\system32\perfh013.dat
    + 2008-06-11 10:01:23 442,004 —-a-w C:\WINDOWS\system32\perfh013.dat
    - 2007-08-22 13:19:18 39,424 —-a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-02-16 09:05:48 39,424 —-a-w C:\WINDOWS\system32\pngfilt.dll
    - 2005-08-30 03:56:40 1,291,264 —-a-w C:\WINDOWS\system32\quartz.dll
    + 2007-10-29 22:45:24 1,291,776 —-a-w C:\WINDOWS\system32\quartz.dll
    + 2004-08-04 08:03:38 23,552 —-a-w C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\wdmaud.drv
    - 2007-08-22 13:19:19 1,494,528 —-a-w C:\WINDOWS\system32\shdocvw.dll
    + 2008-02-16 09:05:50 1,494,528 —-a-w C:\WINDOWS\system32\shdocvw.dll
    - 2007-08-22 13:19:19 474,624 —-a-w C:\WINDOWS\system32\shlwapi.dll
    + 2008-02-16 09:05:51 474,624 —-a-w C:\WINDOWS\system32\shlwapi.dll
    + 2001-09-07 12:00:00 18,944 —-a-w C:\WINDOWS\system32\simptcp.dll
    + 2004-08-04 08:03:35 32,768 —-a-w C:\WINDOWS\system32\snmp.exe
    + 2004-08-04 08:03:21 6,144 —-a-w C:\WINDOWS\system32\snmpmib.dll
    + 2004-08-04 08:03:35 8,704 —-a-w C:\WINDOWS\system32\snmptrap.exe
    + 2001-09-07 12:00:00 1,744 —-a-w C:\WINDOWS\system32\sound.drv
    + 2001-09-07 12:00:00 3,360 —-a-w C:\WINDOWS\system32\system.drv
    + 2001-09-07 12:00:00 4,112 —-a-w C:\WINDOWS\system32\timer.drv
    - 2001-09-06 19:27:04 8,192 —-a-w C:\WINDOWS\system32\tsbyuv.dll
    + 2001-09-06 20:27:04 8,192 —-a-w C:\WINDOWS\system32\tsbyuv.dll
    - 2007-07-18 12:42:22 60,416 ——w C:\WINDOWS\system32\tzchange.exe
    + 2007-11-13 11:31:11 60,416 ——w C:\WINDOWS\system32\tzchange.exe
    - 2007-08-22 13:19:19 616,960 —-a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-02-16 09:05:52 617,472 —-a-w C:\WINDOWS\system32\urlmon.dll
    - 2004-08-04 08:03:23 417,792 —-a-w C:\WINDOWS\system32\vbscript.dll
    + 2007-12-18 14:43:07 417,792 —-a-w C:\WINDOWS\system32\vbscript.dll
    - 2004-08-04 08:03:23 54,272 —-a-w C:\WINDOWS\system32\vfwwdm32.dll
    + 2004-08-04 09:03:24 54,272 —-a-w C:\WINDOWS\system32\vfwwdm32.dll
    + 2001-09-07 12:00:00 2,176 —-a-w C:\WINDOWS\system32\vga.drv
    + 2003-12-22 06:20:26 2,272 —-a-w C:\WINDOWS\system32\W95INF16.DLL
    + 2004-08-04 08:03:35 236,544 —-a-w C:\WINDOWS\system32\wbem\snmp\smi2smir.exe
    + 2001-09-07 12:00:00 15,872 —-a-w C:\WINDOWS\system32\wbem\snmp\smierrsm.dll
    + 2001-09-07 12:00:00 5,632 —-a-w C:\WINDOWS\system32\wbem\snmp\smierrsy.dll
    + 2001-09-07 12:00:00 5,632 —-a-w C:\WINDOWS\system32\wbem\snmp\smimsgif.dll
    + 2004-08-04 08:03:21 259,072 —-a-w C:\WINDOWS\system32\wbem\snmpcl.dll
    + 2004-08-04 08:03:21 358,400 —-a-w C:\WINDOWS\system32\wbem\snmpincl.dll
    + 2004-08-04 08:03:21 188,416 —-a-w C:\WINDOWS\system32\wbem\snmpsmir.dll
    + 2001-09-07 12:00:00 10,240 —-a-w C:\WINDOWS\system32\wbem\snmpstup.dll
    + 2004-08-04 08:03:21 40,448 —-a-w C:\WINDOWS\system32\wbem\snmpthrd.dll
    + 2004-08-04 08:03:38 23,552 —-a-w C:\WINDOWS\system32\wdmaud.drv
    + 2001-09-07 12:00:00 13,600 —-a-w C:\WINDOWS\system32\wfwnet.drv
    - 2007-08-22 13:19:19 662,016 —-a-w C:\WINDOWS\system32\wininet.dll
    + 2008-02-16 09:05:53 662,528 —-a-w C:\WINDOWS\system32\wininet.dll
    + 2001-09-07 12:00:00 2,864 —-a-w C:\WINDOWS\system32\winsock.dll
    + 2004-08-04 08:03:38 146,944 —-a-w C:\WINDOWS\system32\winspool.drv
    + 2001-09-07 12:00:00 2,112 —-a-w C:\WINDOWS\system32\winspool.exe
    + 2006-10-26 11:45:04 293,376 —-a-w C:\WINDOWS\system32\WISPTIS.EXE
    - 2006-10-18 20:47:18 222,208 —-a-w C:\WINDOWS\system32\WMASF.dll
    + 2007-10-25 08:28:30 222,720 —-a-w C:\WINDOWS\system32\wmasf.dll
    + 2001-09-07 12:00:00 2,736 —-a-w C:\WINDOWS\system32\wowdeb.exe
    - 2007-10-29 15:35:20 122,880 —-a-w C:\WINDOWS\system32\xpsp3res.dll
    + 2008-02-15 23:03:22 370,176 —-a-w C:\WINDOWS\system32\xpsp3res.dll
    + 2008-06-12 16:47:25 16,384 —-atw C:\WINDOWS\TEMP\Perflib_Perfdata_65c.dat
    + 2000-08-31 06:00:00 49,152 —-a-w C:\WINDOWS\VFind.exe
    + 2008-01-11 23:35:35 1,233,920 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
    + 2007-05-08 14:06:44 1,275,392 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll
    + 2008-01-11 23:35:36 82,432 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
    + 2006-10-26 11:40:34 95,744 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
    - 2006-06-05 12:14:28 479,232 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
    + 2006-06-05 13:14:28 479,232 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
    - 2006-06-05 12:14:28 548,864 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
    + 2006-06-05 13:14:28 548,864 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
    - 2006-06-05 12:14:28 626,688 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
    + 2006-06-05 13:14:28 626,688 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
    + 2006-10-26 11:40:36 479,232 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
    + 2006-10-26 11:40:36 548,864 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
    + 2006-10-26 11:40:36 626,688 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
    + 2006-10-26 11:40:36 1,093,632 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
    + 2006-10-26 11:40:36 1,079,808 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
    + 2006-10-26 11:40:36 69,632 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
    + 2006-10-26 11:40:36 57,344 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
    + 2006-10-26 11:40:36 40,960 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
    + 2006-10-26 11:40:36 45,056 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
    + 2006-10-26 11:40:36 65,536 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
    + 2006-10-26 11:40:36 57,344 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
    + 2006-10-26 11:40:36 61,440 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
    + 2006-10-26 11:40:36 61,440 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
    + 2006-10-26 11:40:36 61,440 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
    + 2006-10-26 11:40:36 49,152 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
    + 2006-10-26 11:40:36 49,152 —-a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
    + 2000-08-31 06:00:00 68,096 —-a-w C:\WINDOWS\zip.exe
    .
    – Snapshot reset to current date –
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8B00DB6A-EBE0-4873-921D-A6B787E5FAFE}]
    2008-06-12 18:49 282112 –a—— C:\WINDOWS\system32\efcBsTNG.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A0B4FFEA-D466-49A8-9BB0-B7BBD2FCB449}]
    2008-06-10 13:05 30208 ——— C:\WINDOWS\system32\yayxvSKe.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DDA1B30C-8CBF-4062-BEF3-09B099533292}]
    2008-06-10 13:10 281088 –a—— C:\WINDOWS\system32\qoMeDTnL.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffb28989-a52e-484b-aa50-2e3905b3ba9b}]
    2008-06-12 18:59 97792 –a—— C:\WINDOWS\system32\befnlnvb.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-30 16:00 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FLMK08KB"="C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE" [2004-07-31 01:25 202752]
    "FLMBROWSEMOUSE"="C:\Program Files\Trust\302KS\Mouse\mouse32a.exe" [2004-07-31 01:26 356352]
    "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 09:57 143360]
    "ASUS Probe"="C:\Program Files\ASUS\Probe\AsusProb.exe" [2002-12-06 17:07 617984]
    "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 19:58 81920]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 16:24 278528]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 00:08 282624]
    "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 17:52 3770024]
    "XMetaL 48"="C:\Program Files\Corel\XMetaL 4\Author\registration.exe" [2002-07-03 15:03 315392]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 18:32 58984]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-14 00:31 100056]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "BMaf86bb36"="C:\WINDOWS\system32\finifblx.dll" [2008-06-12 18:54 91136]
    "acb588aa"="C:\WINDOWS\system32\eodrcfrc.dll" [2008-06-12 18:56 82944]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-06-05 11:54:24 110592]
    BlackICE Utility.lnk - C:\Program Files\Network ICE\BlackICE\blackice.exe [2002-09-25 12:10:27 770048]
    Exif Launcher.lnk.disabled [2003-09-22 09:53:06 1609]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-03-26 22:41:22 124912]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56 65588]
    VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe [2005-11-12 17:57:54 565248]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= C:\Program Files\Qualcomm\Eudora\EuShlExt.dll [2002-09-30 18:36 86016]
    "{A0B4FFEA-D466-49A8-9BB0-B7BBD2FCB449}"= C:\WINDOWS\system32\yayxvSKe.dll [2008-06-10 13:05 30208]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayxvSKe]
    yayxvSKe.dll 2008-06-10 13:05 30208 C:\WINDOWS\system32\yayxvSKe.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.SP54"= SP5X_32.DLL
    "VIDC.SP55"= SP5X_32.DLL
    "VIDC.SP56"= SP5X_32.DLL
    "VIDC.SP57"= SP5X_32.DLL
    "VIDC.SP58"= SP5X_32.DLL
    "msacm.sl_anet"= C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
    "vidc.yv12"= C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
    "vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
    "msacm.msaudio1"= C:\PROGRA~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\efcBsTNG

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
    "InstantAccess"=C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "InCD"=C:\Program Files\ahead\InCD\InCD.exe
    "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    "REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    "NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe
    "RegisterDropHandler"=C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
    "HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    "winactive"=C:\Program Files\Window Active\winactive.exe
    "Diskstart"=C:\WINDOWS\System32\code.exe
    "CloneCDElbyCDFL"="C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "AntiVirusOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3587:TCP"= 3587:TCP:Windows Peer-to-Peer-groepering
    "3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\system32\DRIVERS\bsstor.sys [2002-05-09 09:21]
    R0 viasraid;viasraid;C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-10-31 05:22]
    R1 RapDrv;RapDrv;C:\WINDOWS\System32\drivers\RapDrv.sys [2002-07-11 12:47]
    R1 RapFile;RapFile;C:\WINDOWS\System32\drivers\RapFile.sys [2002-07-11 12:47]
    R1 RapNet;RapNet;C:\WINDOWS\System32\drivers\RapNet.sys [2002-07-11 12:48]
    R2 BsUDF;InCD UDF Driver;C:\WINDOWS\system32\drivers\BsUDF.sys [2002-05-09 09:21]
    S3 ASUSHWIO;ASUSHWIO;C:\WINDOWS\system32\drivers\ASUSHWIO.sys []
    S3 CA504AV;FAMILYC@M 500 FLASH, WDM Video Capture;C:\WINDOWS\system32\Drivers\CA504AV.SYS [2002-01-30 23:08]
    S3 p2pgasvc;Groepsverificatie van peer-netwerken;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
    S3 p2pimsvc;Identiteitsbeheer van peer-netwerken;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
    S3 p2psvc;Peer-netwerken;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
    S3 PNRPSvc;Naamomzettingsprotocol van peer-netwerken;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
    S3 QDFSDRV;QDFSDRV;C:\WINDOWS\system32\drivers\qdfsdrv.sys []
    S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 22:41]
    S3 Sunplus;FAMILYC@M 500 FLASH Still Image Capture, Sunplus Version 1.00;C:\WINDOWS\system32\Drivers\Bulk504.sys [2001-10-05 17:33]
    S3 SUPERWEBCAM;SuperWebcam, WDM Virtual Video Capture Device;C:\WINDOWS\system32\DRIVERS\superwebcam.sys [2006-06-27 09:56]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

    .
    Inhoud van de 'Gedeelde Taken' map
    "2008-04-04 20:46:21 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Den - Man.job"
    - C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-12 18:47:27
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\yayxvSKe.dll

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\WINDOWS\system32\eodrcfrc.dll
    -> C:\WINDOWS\system32\finifblx.dll
    -> C:\WINDOWS\system32\efcBsTNG.dll
    .
    ———————— Other Running Processes ————————
    .
    C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Trust\302KS\Keyboard\KBDAP32A.EXE
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
    C:\Program Files\Norton AntiVirus\IWP\NPFMNTOR.EXE
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\system32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Messenger\msmsgs.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2008-06-12 19:59:29 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-06-12 17:58:39

    Pre-Run: 4,331,696,128 bytes beschikbaar
    Post-Run: 4,419,547,136 bytes beschikbaar

    1188 — E O F — 2008-05-16 09:07:00


  • HiJack logfile after:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:09:43, on 12-6-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
    C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Network ICE\BlackICE\blackice.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\HiJack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [XMetaL 48] C:\Program Files\Corel\XMetaL 4\Author\registration.exe /title="XMetaL 4" /date=062508 serial=XA04WRD-0010630-MTS
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BMaf86bb36] Rundll32.exe "C:\WINDOWS\system32\pfgcnwwy.dll",s
    O4 - HKLM\..\Run: [acb588aa] rundll32.exe "C:\WINDOWS\system32\tfjgcodh.dll",b
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlackICE Utility.lnk = ?
    O4 - Global Startup: Exif Launcher.lnk.disabled
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.blackboard.ru.nl
    O15 - Trusted Zone: www.dimo.nl
    O15 - Trusted Zone: www.doggynet.nl
    O15 - Trusted Zone: art.ebay.com
    O15 - Trusted Zone: art.listings.ebay.com
    O15 - Trusted Zone: cgi.ebay.com
    O15 - Trusted Zone: feedback.ebay.com
    O15 - Trusted Zone: my.ebay.com
    O15 - Trusted Zone: pages.ebay.com
    O15 - Trusted Zone: search.ebay.com
    O15 - Trusted Zone: signin.ebay.com
    O15 - Trusted Zone: www.ebay.com
    O15 - Trusted Zone: www.funda.nl
    O15 - Trusted Zone: images.google.nl
    O15 - Trusted Zone: www.google.nl
    O15 - Trusted Zone: www.huisinhelmond.nl
    O15 - Trusted Zone: www.kieskeurig.nl
    O15 - Trusted Zone: www.let.ru.nl
    O15 - Trusted Zone: www.marktplaats.nl
    O15 - Trusted Zone: *.marktplaats.nl
    O15 - Trusted Zone: www.rabomakelaardijdepeel.nl
    O15 - Trusted Zone: www.rabomakelaardijzuid.nl
    O15 - Trusted Zone: www.sosstrays.be
    O15 - Trusted Zone: www.stichtingaai.nl
    O15 - Trusted Zone: www.student.ru.nl
    O15 - Trusted Zone: securityresponse.symantec.com
    O15 - Trusted Zone: www.twanpoels.nl
    O15 - Trusted Zone: www.vkampen.nl
    O15 - Trusted Zone: *.www.ns.nl
    O15 - Trusted Zone: *.www.ru.nl
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\rapapp.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg
    O24 - Desktop Component 2: (no name) - http://images.google.com/images?q=tbn:_-DfWjwd4doC:www.hondkopen.nl/foto%27s/jachthonden8/AmCockers/puppies%2520met%2520pompoen.JPG
    O24 - Desktop Component 3: (no name) - http://www.hondkopen.nl/foto's/jachthonden8/AmCockers/puppies%20met%20pompoen.JPG
    O24 - Desktop Component 4: (no name) - http://home.quicknet.nl/mw/prive/blackmask/Luna7-140902.jpg
    O24 - Desktop Component 5: (no name) - http://images.google.com/images?q=tbn:o_cZqkNNymcC:home.planet.nl/~katna000/images/post.gif
    O24 - Desktop Component 6: (no name) - http://doggy.net/pups/messages/286/22206.jpg
    O24 - Desktop Component 7: (no name) - http://doggy.net/pups/messages/286/22569.jpg
    O24 - Desktop Component 8: (no name) - http://www.telefoongids.nl/pix/telgids.gif
    O24 - Desktop Component 9: (no name) - http://us.f804.mail.yahoo.com/ym/ShowLetter/Image5.jpg?box=Inbox&MsgId=5941_1933083_33779_1391_237394_0_8966_307682_894583483&bodyPart=2&filename=Image5.jpg&tnef=&YY=26537&order=down&sort=date&pos=0


    End of file - 12979 bytes


  • I had exactly the same problem and I reinstalled Win XP.
  • Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    O4 - HKLM\..\Run: [BMaf86bb36] Rundll32.exe "C:\WINDOWS\system32\pfgcnwwy.dll",s
    O4 - HKLM\..\Run: [acb588aa] rundll32.exe "C:\WINDOWS\system32\tfjgcodh.dll",b

    Click 'Fix checked' to remove the items.



    Download DelDomains.inf and place it on your desktop.
    Go to your desktop, right-click DelDomains.inf and choose "Install".

    Note: if you manually placed sites in the "Trusted sites" zone, or used IE-SpyAd to place sites in the "Restricted sites" zone, they have now been removed from it.


    Download Malwarebytes' Anti-Malware from here or here.

    Double-click mbam-setup.exe to install the program.
    - Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click "Finish".
    - If an update is found, it will download it and install the latest version.
    - Once the program is fully up to date, select "Perform Quick Scan", then click Scan.
    - Scanning can take a while, so be patient.
    - When the scan is complete, click OK, then "Show Results" to see the results.
    - Make sure everything is checked there, then click Remove Selected.
    - After removal a log will open and you will be asked to restart the computer. (See the extra note below.)
    - The log is saved automatically by MBAM; you can view it by clicking the "Logs" tab in MBAM.
    - Copy and paste the results of the log into your next reply, together with a new HijackThis log.

    Extra note:
    If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. After that it will ask to restart the computer… so allow MBAM to restart the computer.
    Restart the computer and also post a new HJT log.
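
The entries singled out for fixing in this thread share a visible pattern: Run values that start rundll32 on a DLL sitting directly in system32, and BHOs with no descriptive name or no file. The Python below is an added example, not part of the original posts and not HijackThis's own logic; it parses log lines copied from this thread and lists entries matching those patterns. The rules are assumptions chosen for illustration, and legitimate software also uses rundll32, so a hit is a candidate for review, not a verdict.

```python
import re
from pathlib import PureWindowsPath
from typing import List, NamedTuple, Optional

# Lines copied verbatim from the HijackThis logs posted in this thread.
SAMPLE_LOG = r'''
O2 - BHO: {d676611f-a84f-b3bb-07f4-2ff1e9650f17} - {71f0569e-1ff2-4f70-bb3b-f48af116676d} - C:\WINDOWS\system32\srpoibxp.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [BMaf86bb36] Rundll32.exe "C:\WINDOWS\system32\pfgcnwwy.dll",s
O4 - HKLM\..\Run: [acb588aa] rundll32.exe "C:\WINDOWS\system32\tfjgcodh.dll",b
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
'''

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r'^(?P<section>[A-Z]\d+) - (?P<body>.+)$')
GUID = re.compile(r'\{[0-9A-Fa-f-]{36}\}')
# O2 body: "BHO: <name> - {CLSID} - <file>"
BHO = re.compile(r'^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$')
# O4 registry body: "<key>\Run: [<value name>] <command line>"
RUN = re.compile(r'^(?P<key>HK.+?\\Run): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# Command line that hands a DLL to rundll32; captures the DLL path.
RUNDLL = re.compile(r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+\.dll)"?', re.IGNORECASE)


class Finding(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    target: str   # file or CLSID the entry points at
    reason: str   # why a human should look at it


def in_system32_root(path: str) -> bool:
    """True when the file sits directly in the system32 folder, not a subfolder."""
    parent = PureWindowsPath(path).parent.as_posix().lower()
    return parent.endswith('/windows/system32')


def review_line(line: str) -> Optional[Finding]:
    """Return a Finding when one log line matches an illustrative rule, else None."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, body = m['section'], m['body']

    if section == 'O2':
        bho = BHO.match(body)
        if not bho:
            return None
        if bho['file'] == '(no file)':
            return Finding('O2', bho['clsid'], 'BHO is registered but its file is missing')
        # A BHO whose "name" is absent or just another GUID has no vendor label.
        unnamed = bho['name'] == '(no name)' or GUID.fullmatch(bho['name'])
        if unnamed and in_system32_root(bho['file']):
            return Finding('O2', bho['file'], 'unnamed BHO backed by a DLL directly in system32')

    if section == 'O4':
        run = RUN.match(body)
        dll = RUNDLL.match(run['cmd']) if run else None
        if dll and in_system32_root(dll['dll']):
            return Finding('O4', dll['dll'], 'Run value starts rundll32 on a DLL directly in system32')

    return None


def review_log(text: str) -> List[Finding]:
    """Apply review_line to every line of a pasted log, keeping the hits in order."""
    return [f for line in text.splitlines() if (f := review_line(line))]


if __name__ == '__main__':
    for finding in review_log(SAMPLE_LOG):
        print(f'{finding.section}: {finding.target} -> {finding.reason}')
```
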
  • Thanks for being willing to help me, juisterr!

    I did what you asked. I now get the following message at startup: Cannot create shell notification (Asus Probe).

    New HiJack logfile:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:57:29, on 13-6-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Network ICE\BlackICE\blackice.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\HiJack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: {d676611f-a84f-b3bb-07f4-2ff1e9650f17} - {71f0569e-1ff2-4f70-bb3b-f48af116676d} - C:\WINDOWS\system32\srpoibxp.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [XMetaL 48] C:\Program Files\Corel\XMetaL 4\Author\registration.exe /title="XMetaL 4" /date=062508 serial=XA04WRD-0010630-MTS
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlackICE Utility.lnk = ?
    O4 - Global Startup: Exif Launcher.lnk.disabled
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\rapapp.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg
    O24 - Desktop Component 2: (no name) - http://images.google.com/images?q=tbn:_-DfWjwd4doC:www.hondkopen.nl/foto%27s/jachthonden8/AmCockers/puppies%2520met%2520pompoen.JPG
    O24 - Desktop Component 3: (no name) - http://www.hondkopen.nl/foto's/jachthonden8/AmCockers/puppies%20met%20pompoen.JPG
    O24 - Desktop Component 4: (no name) - http://home.quicknet.nl/mw/prive/blackmask/Luna7-140902.jpg
    O24 - Desktop Component 5: (no name) - http://images.google.com/images?q=tbn:o_cZqkNNymcC:home.planet.nl/~katna000/images/post.gif
    O24 - Desktop Component 6: (no name) - http://doggy.net/pups/messages/286/22206.jpg
    O24 - Desktop Component 7: (no name) - http://doggy.net/pups/messages/286/22569.jpg
    O24 - Desktop Component 8: (no name) - http://www.telefoongids.nl/pix/telgids.gif
    O24 - Desktop Component 9: (no name) - http://us.f804.mail.yahoo.com/ym/ShowLetter/Image5.jpg?box=Inbox&MsgId=5941_1933083_33779_1391_237394_0_8966_307682_894583483&bodyPart=2&filename=Image5.jpg&tnef=&YY=26537&order=down&sort=date&pos=0


    End of file - 11764 bytes

  • By the way, I had 23 Trojan detections in Mbam! It now looks like my PC is no longer troubled by viruses and pop-ups. Do I still need to do something with Combofix, or is Mbam an alternative to Combofix?

    MBAM log:
    Malwarebytes' Anti-Malware 1.17
    Database versie: 851

    14:38:40 13-6-2008
    mbam-log-6-13-2008 (14-38-40).txt

    Scan type: Snelle Scan
    Objecten gescand: 37143
    Verstreken tijd: 9 minute(s), 35 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 3
    Registersleutels geïnfecteerd: 15
    Registerwaarden geïnfecteerd: 2
    Registerdata bestanden geïnfecteerd: 2
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 8

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    C:\WINDOWS\system32\qoMeDTnL.dll (Trojan.Vundo) -> Unloaded module successfully.
    C:\WINDOWS\system32\tfjgcodh.dll (Trojan.Vundo) -> Unloaded module successfully.
    C:\WINDOWS\system32\yayxvSKe.dll (Trojan.Vundo) -> Unloaded module successfully.

    Registersleutels geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49d82d6c-4199-4b55-91de-afb2ff688e5f} (Trojan.Vundo) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{49d82d6c-4199-4b55-91de-afb2ff688e5f} (Trojan.Vundo) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yayxvske (Trojan.Vundo) -> Delete on reboot.
    HKEY_CLASSES_ROOT\pe2detect.pe2detect (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\pe2detect.pe2detect.1 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbarbesttoolbarstoolbar.besttoolbarstoolbarobject (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbarbesttoolbarstoolbar.besttoolbarstoolbarobject.1 (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\MsSC2 (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\MediaLoads (Adware.Medload) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMaf86bb36 (Trojan.Agent) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedtnl -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedtnl -> Delete on reboot.

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    C:\WINDOWS\system32\qoMeDTnL.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\LnTDeMoq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\LnTDeMoq.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tfjgcodh.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\hdocgjft.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\yayxvSKe.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\pfgcnwwy.dll (Trojan.Agent) -> Delete on reboot.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
  • Well, it says delete on reboot; I assume you restarted?

    May I see a freshly made HJT log, please.
  • Hello,

    Yes, I restarted. The Trojan viruses seem to be gone, but I still have trouble with adware pop-ups.

    Here is a new HiJack logfile:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:12:09, on 18-6-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Network ICE\BlackICE\blackice.exe
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\HiJack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: {d676611f-a84f-b3bb-07f4-2ff1e9650f17} - {71f0569e-1ff2-4f70-bb3b-f48af116676d} - C:\WINDOWS\system32\srpoibxp.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [XMetaL 48] C:\Program Files\Corel\XMetaL 4\Author\registration.exe /title="XMetaL 4" /date=062508 serial=XA04WRD-0010630-MTS
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlackICE Utility.lnk = ?
    O4 - Global Startup: Exif Launcher.lnk.disabled
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\rapapp.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg
    O24 - Desktop Component 2: (no name) - http://images.google.com/images?q=tbn:_-DfWjwd4doC:www.hondkopen.nl/foto%27s/jachthonden8/AmCockers/puppies%2520met%2520pompoen.JPG
    O24 - Desktop Component 3: (no name) - http://www.hondkopen.nl/foto's/jachthonden8/AmCockers/puppies%20met%20pompoen.JPG
    O24 - Desktop Component 4: (no name) - http://home.quicknet.nl/mw/prive/blackmask/Luna7-140902.jpg
    O24 - Desktop Component 5: (no name) - http://images.google.com/images?q=tbn:o_cZqkNNymcC:home.planet.nl/~katna000/images/post.gif
    O24 - Desktop Component 6: (no name) - http://doggy.net/pups/messages/286/22206.jpg
    O24 - Desktop Component 7: (no name) - http://doggy.net/pups/messages/286/22569.jpg
    O24 - Desktop Component 8: (no name) - http://www.telefoongids.nl/pix/telgids.gif
    O24 - Desktop Component 9: (no name) - http://us.f804.mail.yahoo.com/ym/ShowLetter/Image5.jpg?box=Inbox&MsgId=5941_1933083_33779_1391_237394_0_8966_307682_894583483&bodyPart=2&filename=Image5.jpg&tnef=&YY=26537&order=down&sort=date&pos=0


    End of file - 11715 bytes

  • Guys, thank you very much for solving this problem. Now I can finally use my computer without ads again. P.S. Hitman PRO apparently works too.
  • So HMP doesn't work.


    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    O2 - BHO: {d676611f-a84f-b3bb-07f4-2ff1e9650f17} - {71f0569e-1ff2-4f70-bb3b-f48af116676d} - C:\WINDOWS\system32\srpoibxp.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg
    O24 - Desktop Component 2: (no name) - http://images.google.com/images?q=tbn:_-DfWjwd4doC:www.hondkopen.nl/foto%27s/jachthonden8/AmCockers/puppies%2520met%2520pompoen.JPG
    O24 - Desktop Component 3: (no name) - http://www.hondkopen.nl/foto's/jachthonden8/AmCockers/puppies%20met%20pompoen.JPG
    O24 - Desktop Component 4: (no name) - http://home.quicknet.nl/mw/prive/blackmask/Luna7-140902.jpg
    O24 - Desktop Component 5: (no name) - http://images.google.com/images?q=tbn:o_cZqkNNymcC:home.planet.nl/~katna000/images/post.gif
    O24 - Desktop Component 6: (no name) - http://doggy.net/pups/messages/286/22206.jpg
    O24 - Desktop Component 7: (no name) - http://doggy.net/pups/messages/286/22569.jpg
    O24 - Desktop Component 8: (no name) - http://www.telefoongids.nl/pix/telgids.gif
    O24 - Desktop Component 9: (no name) - http://us.f804.mail.yahoo.com/ym/ShowLetter/Image5.jpg?box=Inbox&MsgId=5941_1933083_33779_1391_237394_0_8966_307682_894583483&bodyPart=2&filename=Image5.jpg&tnef=&YY=26537&order=down&sort=date&pos=0

    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.

    Reboot and please post a new HJT log.
  • Okay, done. Here is a new HiJack logfile:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:48:25, on 20-6-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\ASUS\Probe\AsusProb.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\TomTom HOME\TomTomHOME.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
    C:\Program Files\Network ICE\BlackICE\blackd.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Network ICE\BlackICE\blackice.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\HiJack\HijackThis.exe
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
    O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [XMetaL 48] C:\Program Files\Corel\XMetaL 4\Author\registration.exe /title="XMetaL 4" /date=062508 serial=XA04WRD-0010630-MTS
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BlackICE Utility.lnk = ?
    O4 - Global Startup: Exif Launcher.lnk.disabled
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BlackICE - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\blackd.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: RapApp - Internet Security Systems, Inc. - C:\Program Files\Network ICE\BlackICE\rapapp.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
    O24 - Desktop Component 11: (no name) - http://www.dierenthuis.nl/nieuws/habikat/pics/habikat.jpg
    O24 - Desktop Component 12: (no name) - http://pictures.autotrader.nl/PICTURES/NLDE/CARS/200x150/6735169215814200x150x1x0.jpg
    O24 - Desktop Component 13: (no name) - http://www.drink.nl/REAL_A/ag.gif
    O24 - Desktop Component 14: (no name) - http://www.why.nl/graphics/nieuwefront_01.jpg
    O24 - Desktop Component 15: (no name) - http://www.vlooienmarkten.nl/images/grotekerkdenhaag.jpg


    End of file - 11112 bytes
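
A way to check a follow-up log against the list of items that was to be fixed, as an added example that is not part of the thread and not part of HijackThis. The function names are assumptions; the two samples are short excerpts of entries posted in this thread.

```python
import re

# A HijackThis entry is "<section> - <detail>", e.g. "O2 - BHO: ..." or "O24 - Desktop Component ...".
ENTRY = re.compile(r"^\s*([RFNO]\d{1,2}) - (.+?)\s*$")


def parse_entries(text):
    """Return the set of (section, detail) pairs found in HijackThis log text."""
    return {m.groups() for m in map(ENTRY.match, text.splitlines()) if m}


def check_fix(fix_list, followup_log):
    """Report which requested fixes are gone and which are still logged."""
    wanted = parse_entries(fix_list)
    after = parse_entries(followup_log)
    return {
        "gone": sorted(wanted - after),
        "still_present": sorted(wanted & after),
    }


# Excerpt of the items that were to be fixed (copied from the thread).
FIX_LIST = r"""
    O2 - BHO: {d676611f-a84f-b3bb-07f4-2ff1e9650f17} - {71f0569e-1ff2-4f70-bb3b-f48af116676d} - C:\WINDOWS\system32\srpoibxp.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O24 - Desktop Component 0: (no name) - http://akomed.nl/Pictures/top2.jpg
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
"""

# Excerpt of the log posted after the reboot (copied from the thread).
FOLLOWUP = r"""
    Running processes:
    C:\WINDOWS\Explorer.EXE
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O24 - Desktop Component 1: (no name) - http://ebay0.ipixmedia.com/abc/M28/_EBAY_7836be91b2f85b5ad844154187ed287f/i-1.JPG
    O24 - Desktop Component 10: (no name) - http://doggy.net/pups/clipart/aai-logo.gif
"""

if __name__ == "__main__":
    for status, items in check_fix(FIX_LIST, FOLLOWUP).items():
        for section, detail in items:
            print(f"{status:13} {section:4} {detail}")
```

Run against the full fix list and follow-up log from this thread, the same comparison reports both O2 entries as gone and Desktop Components 10 to 15 as still present.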

  • How is it going now?
  • It's going well! No more trouble with viruses and pop-ups. I have a stable system again. Thanks a lot, juisterr!

    I do get the following message at startup, though: Asus: "cannot create shell notification icon"

    Do you know what this means?
  • http://www.google.nl/search?hl=nl&q=%22cannot+create+shell+notification+icon%22+&btnG=Google+zoeken&meta=

    How is your English?


This is an archived page. Replies are no longer possible.