Security certificate problems (HijackThis log)

8 replies
  • Because I am having problems with the internet on my media center, here is a HijackThis log. On various sites I get a warning that the security certificate is incorrect or not valid; on another computer I do not have that problem. In addition, MSN suddenly will not sign me in anymore. Sometimes it suddenly goes away, but a few days later I have it again. HijackThis log:
  • No response: is nothing wrong? Or should I start fearing the worst?
  • Start HijackThis and choose 'Do a system scan only'. Select only the items listed below:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [StillImageMonitor] C:\W
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    Close all windows except HijackThis. Click 'Fix checked' to remove the items.

    Download ComboFix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

    NOTE: if, during or after downloading ComboFix or while using ComboFix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download ComboFix again. Some scanners regard certain components that ComboFix uses as suspicious and will block or remove them!

      • Double-click Combofix.exe to start it.
      • If you have used ComboFix before, you may get a warning that an update is available. Allow ComboFix to be updated.
      • Click OK in the "NirCmd" window.
      • If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
      • Click OK and Yes to have the Recovery Console installed automatically.
      • Afterwards, click Yes again to start the malware scan.
      • While the fix is running, do NOT click in the window, as this will make your PC hang.
      • When the fix is complete and after a restart, the log Combofix.txt will open.

    Post this log in your next reply.
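Added example (not part of the thread and not HijackThis code): a small parser for the HijackThis line format that flags entries for manual review before anything is ticked for "Fix checked". The reason labels and the three heuristics are assumptions of this example; the sample lines are entries quoted in this thread.

```python
import re
from typing import Iterable, List, NamedTuple, Optional

# General shape of a HijackThis entry: "<section code> - <details>"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O4 registry autostart: HKLM\..\Run: [ValueName] command line
RUN_RE = re.compile(r"^HK(?:LM|CU)\\\.\.\\Run\w*: \[([^\]]*)\] (.+)$")
# Shortest prefix of a command line that ends in a program-file extension
PROGRAM_RE = re.compile(r"^.*?\.(?:exe|com|bat|cmd|scr|dll)\b", re.IGNORECASE)


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O2" or "O4"
    reason: str  # label chosen for this example, not a HijackThis term
    line: str    # the original log line


def run_target(command: str) -> Optional[str]:
    """Return the program a Run value starts, or None if none can be found.

    Handles quoted paths and unquoted paths that contain spaces.
    """
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        command = command[1:end] if end > 0 else command[1:]
    match = PROGRAM_RE.match(command)
    return match.group(0) if match else None


def triage_line(line: str) -> Optional[Finding]:
    """Flag one log line for manual review, or return None."""
    line = line.strip()
    entry = ENTRY_RE.match(line)
    if not entry:
        return None  # header, process list or blank line
    code, body = entry.groups()

    # HijackThis itself prints "(no file)" when the referenced file is absent.
    if body.endswith("(no file)"):
        return Finding(code, "missing-file", line)

    if code == "O4":
        run = RUN_RE.match(body)
        if run:
            target = run_target(run.group(2))
            if target is None:
                # e.g. "C:\W": the value does not name a program file at all
                return Finding(code, "truncated-path", line)
            if "\\" not in target and "/" not in target:
                # No directory given: Windows resolves it via its search path
                return Finding(code, "bare-name", line)
    return None


def triage_log(lines: Iterable[str]) -> List[Finding]:
    """Run triage_line over a whole log and keep the flagged entries."""
    return [f for f in map(triage_line, lines) if f is not None]


# Sample input: HijackThis entries quoted in this thread.
SAMPLE = [
    r"O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)",
    r"O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}"
    r" - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll",
    r"O4 - HKLM\..\Run: [StillImageMonitor] C:\W",
    r"O4 - HKLM\..\Run: [ScanRegistry] C:\W",
    r"O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE",
    r'O4 - HKLM\..\Run: [Remote] "C:\Program Files\TVR\remote.exe"',
    r"O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier"
    r"\GoogleToolbarNotifier.exe",
]

if __name__ == "__main__":
    for finding in triage_log(SAMPLE):
        print(f"{finding.reason:15} {finding.line}")
```

A flagged line is a prompt to check the registry value and the file on disk; the heuristics do not decide whether an entry should be removed.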
  • ComboFix ran considerably faster than on my laptop (incidentally, my laptop still has a problem after being reinstalled). Log: [b:93dbb4f386]
files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-01 101936] . Inhoud van de 'Gedeelde Taken' map 2008-04-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 12:14] . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-WinDVRCtrl - c:\windows\WDVRCtrl.exe ShellExecuteHooks-{AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll SSODL-CDBurn-{fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: {{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {{FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\Messenger\msmsgs.exe Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL Handler: http\[u:93dbb4f386]0[/u:93dbb4f386]x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: https\[u:93dbb4f386]0[/u:93dbb4f386]x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: 
ipp\[u:93dbb4f386]0[/u:93dbb4f386]x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll Handler: msdaipp\[u:93dbb4f386]0[/u:93dbb4f386]x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - c:\windows\system32\msvidctl.dll Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game11.zylom.com/activex/zylomgamesplayer.cab DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab FF - ProfilePath - c:\documents and settings\Media Center\Application Data\Mozilla\Firefox\Profiles\8ad3hcsq.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-21 13:11 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN] "ImagePath"="\Sys" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(1424) c:\windows\system32\ieframe.dll . 
Voltooingstijd: 2008-04-21 13:12 ComboFix-quarantined-files.txt 2008-04-21 11:11 Pre-Run: 27.524.964.352 bytes beschikbaar Post-Run: 28.667.838.464 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer /numproc=2 377[/b:93dbb4f386]
  • No new HJT log?
  • You hadn't asked for that (problems are still present); here it comes:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:18:09, on 22-4-2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    C:\Program Files\TeamViewer3\TeamViewer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TVR\RecSche.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\TVR\remote.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Remote] "C:\Program Files\TVR\remote.exe"
    O4 - HKLM\..\Run: [RecSche] "C:\Program Files\TVR\RecSche.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223930890109
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    --
    End of file - 9307 bytes
  • The logs are clean; by the way, it could be down to your ZoneAlarm.
  • I can't find anything odd in ZoneAlarm, but I'll reinstall it and report back whether that made a difference.
