Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Internet Sluit af

Anoniem
juisterr
8 antwoorden
  • Als ik meer Internet pagina heb geopend of zit er een time limit erbij ik weet niet zeker maar Internetpagina sluit af

    Alvast Bedankt

    Logfile of HijackThis v1.99.1
    Scan saved at 17:32:18, on 28-8-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5BC2C76A-8B74-4403-ADDE-5DEF8D3FE4DB} - C:\WINDOWS\system32\ir50_32d.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [Absolute StartUp monitor] C:\Program Files\F-Group\Absolute StartUp\ASMon.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [Azureus] C:\Documents and Settings\Jevithan\Bureaublad\Azureus.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm
    O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
    O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: sockspy.dll,
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • Ik heb het idee dat er een anti-ad of popupblokker bezig is.

    Zet die allemaal eens uit.
  • momentje
  • Hallo,

    Start HJT opnieuw en doe een systemscan only, vink onderstaande regels aan en klik op fix checked.
    [b:80ec8d8895]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
    O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
    [/b:80ec8d8895]


    Download [b:80ec8d8895]Combofix[/b:80ec8d8895] naar je Bureaublad.[list:80ec8d8895]
    Dubbelklik [b:80ec8d8895]Combofix.exe[/b:80ec8d8895]
    Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
    Tijdens het runnen van de fix, [b:80ec8d8895]NIET[/b:80ec8d8895] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:80ec8d8895]
    Wanneer de fix voltooid is en na herstart, zal de log [b:80ec8d8895]combofix.txt[/b:80ec8d8895] openen.
    [i:80ec8d8895]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:80ec8d8895]

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • - 06-08-30 20:51:10,90
    ComboFix 06.08.30BT - Running from: C:\Documents and Settings\\Bureaublad

    ((((((((((((((((((((((((((((((( Files Created from 2006-07-30 to 2006-08-30 ))))))))))))))))))))))))))))))))))


    2006-08-28 18:57 57,344 –a—— C:\WINDOWS\system32\v3thk32.dll
    2006-08-28 18:57 49,152 –a—— C:\WINDOWS\system32\v3w32se2.dll
    2006-08-28 18:57 4,544 –a—— C:\WINDOWS\system32\v3thk16.dll
    2006-08-28 18:57 36,864 –a—— C:\WINDOWS\system32\v3w32se1.dll
    2006-08-26 19:45 57,384 –a—— C:\WINDOWS\system32\avsda.dll
    2006-08-25 23:19 32,205 –a—— C:\WINDOWS\system32\ir50_32d.dll
    2006-08-19 22:18 45,056 –a—— C:\WINDOWS\system32\WNASPI32.DLL
    2006-08-16 16:42 73,216 –a—— C:\WINDOWS\system32\avwav.dll
    2006-08-16 16:42 5,632 –a—— C:\WINDOWS\system32\write.exe
    2006-08-16 16:42 44,544 –a—— C:\WINDOWS\system32\hticons.dll
    2006-08-16 16:42 16,384 –a—— C:\WINDOWS\system32\avmeter.dll
    2006-08-16 16:42 139,264 –a—— C:\WINDOWS\system32\sndvol32.exe
    2006-08-16 16:41 94,208 –a—— C:\WINDOWS\system32\evntwin.exe
    2006-08-16 16:41 80,896 –a—— C:\WINDOWS\system32\charmap.exe
    2006-08-16 16:41 8,704 –a—— C:\WINDOWS\system32\snmptrap.exe
    2006-08-16 16:41 8,704 –a—— C:\WINDOWS\system32\fxsperf.dll
    2006-08-16 16:41 72,192 –a—— C:\WINDOWS\system32\fxscom.dll
    2006-08-16 16:41 662,528 –a—— C:\WINDOWS\system32\getuname.dll
    2006-08-16 16:41 61,952 –a—— C:\WINDOWS\system32\fxsevent.dll
    2006-08-16 16:41 6,656 –a—— C:\WINDOWS\system32\fxsres.dll
    2006-08-16 16:41 6,144 –a—— C:\WINDOWS\system32\snmpmib.dll
    2006-08-16 16:41 57,344 –a—— C:\WINDOWS\system32\sol.exe
    2006-08-16 16:41 562,688 –a—— C:\WINDOWS\system32\fxsst.dll
    2006-08-16 16:41 55,808 –a—— C:\WINDOWS\system32\freecell.exe
    2006-08-16 16:41 539,136 –a—— C:\WINDOWS\system32\spider.exe
    2006-08-16 16:41 452,096 –a—— C:\WINDOWS\system32\fxsapi.dll
    2006-08-16 16:41 400,896 –a—— C:\WINDOWS\system32\fxsxp32.dll
    2006-08-16 16:41 397,312 –a—— C:\WINDOWS\system32\fxstiff.dll
    2006-08-16 16:41 39,936 –a—— C:\WINDOWS\system32\hostmib.dll
    2006-08-16 16:41 352,768 –a—— C:\WINDOWS\system32\hypertrm.dll
    2006-08-16 16:41 35,840 –a—— C:\WINDOWS\system32\winchat.exe
    2006-08-16 16:41 35,840 –a—— C:\WINDOWS\system32\iprip.dll
    2006-08-16 16:41 345,600 –a—— C:\WINDOWS\system32\mspaint.exe
    2006-08-16 16:41 33,792 –a—— C:\WINDOWS\system32\lmmib2.dll
    2006-08-16 16:41 32,768 –a—— C:\WINDOWS\system32\snmp.exe
    2006-08-16 16:41 31,744 –a—— C:\WINDOWS\system32\fxsroute.dll
    2006-08-16 16:41 285,184 –a—— C:\WINDOWS\system32\fxscomex.dll
    2006-08-16 16:41 27,136 –a—— C:\WINDOWS\system32\fxsdrv.dll
    2006-08-16 16:41 268,288 –a—— C:\WINDOWS\system32\fxssvc.exe
    2006-08-16 16:41 25,600 –a—— C:\WINDOWS\system32\evntcmd.exe
    2006-08-16 16:41 246,272 –a—— C:\WINDOWS\system32\fxst30.dll
    2006-08-16 16:41 236,032 –a—— C:\WINDOWS\system32\fxscover.exe
    2006-08-16 16:41 233,472 –a—— C:\WINDOWS\system32\avtapi.dll
    2006-08-16 16:41 23,552 –a—— C:\WINDOWS\system32\fxsmon.dll
    2006-08-16 16:41 23,552 –a—— C:\WINDOWS\system32\fxsext32.dll
    2006-08-16 16:41 23,040 –a—— C:\WINDOWS\system32\lpdsvc.dll
    2006-08-16 16:41 194,560 –a—— C:\WINDOWS\system32\fxswzrd.dll
    2006-08-16 16:41 19,456 –a—— C:\WINDOWS\system32\lprmon.dll
    2006-08-16 16:41 187,392 –a—— C:\WINDOWS\system32\accwiz.exe
    2006-08-16 16:41 18,944 –a—— C:\WINDOWS\system32\simptcp.dll
    2006-08-16 16:41 155,648 –a—— C:\WINDOWS\system32\fxsui.dll
    2006-08-16 16:41 143,360 –a—— C:\WINDOWS\system32\fxsclnt.exe
    2006-08-16 16:41 139,264 –a—— C:\WINDOWS\system32\fxsclntR.dll
    2006-08-16 16:41 132,608 –a—— C:\WINDOWS\system32\sndrec32.exe
    2006-08-16 16:41 128,000 –a—— C:\WINDOWS\system32\mshearts.exe
    2006-08-16 16:41 124,416 –a—— C:\WINDOWS\system32\mplay32.exe
    2006-08-16 16:41 119,808 –a—— C:\WINDOWS\system32\winmine.exe
    2006-08-16 16:41 114,688 –a—— C:\WINDOWS\system32\calc.exe
    2006-08-16 16:41 112,128 –a—— C:\WINDOWS\system32\fxscfgwz.dll
    2006-08-16 16:41 11,264 –a—— C:\WINDOWS\system32\fxssend.exe
    2006-08-16 16:41 106,496 –a—— C:\WINDOWS\system32\evntagnt.dll
    2006-08-16 16:41 104,448 –a—— C:\WINDOWS\system32\clipbrd.exe
    2006-08-14 19:57 90,112 –a—— C:\WINDOWS\system32\NCTAudioFormatSettings3.dll
    2006-08-14 19:57 877,568 –a—— C:\WINDOWS\system32\NCTAudioFile2.dll
    2006-08-14 19:57 81,920 –a—— C:\WINDOWS\system32\viscomwave.dll
    2006-08-14 19:57 780,288 –a—— C:\WINDOWS\system32\NCTVideoCompress.dll
    2006-08-14 19:57 778,240 –a—— C:\WINDOWS\system32\NCTAudioCompress2.dll
    2006-08-14 19:57 764,416 –a—— C:\WINDOWS\system32\NCTRMFile.dll
    2006-08-14 19:57 495,104 –a—— C:\WINDOWS\system32\NCTVideoCoreM.dll
    2006-08-14 19:57 475,136 –a—— C:\WINDOWS\system32\SkinCrafter.dll
    2006-08-14 19:57 467,456 –a—— C:\WINDOWS\system32\NCTAudioPlayer2.dll
    2006-08-14 19:57 382,464 –a—— C:\WINDOWS\system32\NCTAVIFile.dll
    2006-08-14 19:57 249,856 –a—— C:\WINDOWS\system32\NCTQuickTimeFile.dll
    2006-08-14 19:57 215,552 –a—— C:\WINDOWS\system32\NCTWMVFile.dll
    2006-08-14 19:57 201,216 –a—— C:\WINDOWS\system32\NCTVideoPlayer.dll
    2006-08-14 19:57 2,846,720 –a—— C:\WINDOWS\system32\NCTAudioCompress3.dll
    2006-08-14 19:57 188,416 –a—— C:\WINDOWS\system32\NCTVideoFile.dll
    2006-08-14 19:57 147,456 –a—— C:\WINDOWS\system32\viscomqtenc.dll
    2006-08-14 19:57 139,264 –a—— C:\WINDOWS\system32\viscomqtde.dll
    2006-08-11 20:58 666,624 –a—— C:\WINDOWS\is-7DAPH.exe
    2006-08-10 19:37 8 –a—— C:\WINDOWS\system32\lssexp.dll
    2006-08-10 18:38 56,832 –a—— C:\WINDOWS\Unwash6.exe
    2006-08-09 20:22 626,688 –a—— C:\WINDOWS\system32\vkbd.exe
    2006-07-31 19:12 309,616 –a—— C:\WINDOWS\system32\wmv8dmod.dll
    2006-07-30 23:02 761,856 –a—— C:\WINDOWS\system32\xvidcore.dll
    2006-07-30 23:02 413,760 –a—— C:\WINDOWS\system32\mpg4c32.dll
    2006-07-30 23:02 261,632 –a—— C:\WINDOWS\system32\mcdvd_32.dll
    2006-07-30 23:02 24,576 –a—— C:\WINDOWS\system32\msxml3a.dll
    2006-07-30 23:02 180,224 –a—— C:\WINDOWS\system32\xvidvfw.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-08-30 20:35 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Azureus
    2006-08-30 14:54 ——– d——– C:\Program Files\MSN Messenger Password Recovery
    2006-08-30 13:11 ——– d——– C:\Program Files\WinRAR
    2006-08-30 13:07 ——– d——– C:\Documents and Settings\Jevithan\Application Data\dvdcss
    2006-08-29 00:47 1257783 –a—— C:\WINDOWS\system32\drivers\v3engine.sys
    2006-08-28 21:19 ——– d——– C:\Program Files\Common Files\Softwin
    2006-08-28 21:11 ——– d——– C:\Program Files\EA Games
    2006-08-28 20:57 ——– d——– C:\Program Files\eMule
    2006-08-28 20:32 ——– d——– C:\Program Files\Windows Media Player
    2006-08-28 20:14 ——– d——– C:\Program Files\Movie Joiner
    2006-08-28 18:53 ——– d——– C:\Program Files\Internet Explorer
    2006-08-28 18:13 ——– d——– C:\Program Files\AntiVir PersonalEdition Classic
    2006-08-28 17:41 ——– d——– C:\Program Files\DC++
    2006-08-26 22:59 ——– d——– C:\Program Files\Lavasoft
    2006-08-26 22:59 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Lavasoft
    2006-08-26 20:05 ——– d——– C:\Program Files\F-Group
    2006-08-24 18:09 ——– d——– C:\Program Files\Innovatools
    2006-08-24 17:25 12464 –a—— C:\WINDOWS\system32\drivers\secdrv.sys
    2006-08-24 17:25 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-08-24 17:05 ——– d——– C:\Program Files\D-Tools
    2006-08-24 16:10 ——– d——– C:\Program Files\Witcobber
    2006-08-22 20:24 ——– d——– C:\Program Files\ATI Technologies
    2006-08-21 14:11 ——– d—s—- C:\Documents and Settings\Jevithan\Application Data\Microsoft
    2006-08-21 14:11 ——– d——– C:\Program Files\MSN Messenger
    2006-08-21 14:11 ——– d——– C:\Program Files\Common Files\Microsoft Shared
    2006-08-20 18:35 ——– d——– C:\Program Files\Allok Video Splitter
    2006-08-20 17:26 14848 –a—— C:\WINDOWS\system32\BASSMOD.dll
    2006-08-19 22:07 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Vso
    2006-08-19 19:54 5680 –a—— C:\WINDOWS\system32\drivers\psntkd20.sys
    2006-08-17 19:13 ——– d——– C:\Program Files\Common Files\Wise Installation Wizard
    2006-08-16 16:42 ——– d——– C:\Program Files\Windows NT
    2006-08-16 16:10 5632 –ahs—- C:\Program Files\Thumbs.db
    2006-08-15 13:13 ——– d——– C:\Program Files\Bucek
    2006-08-15 13:02 ——– d——– C:\Program Files\AVI MPEG RM WMV Joiner
    2006-08-14 19:57 ——– d——– C:\Program Files\A-one Video Joiner
    2006-08-14 19:32 ——– d——– C:\Program Files\Easy Video Joiner
    2006-08-14 08:53 ——– d——– C:\Program Files\XoftSpy
    2006-08-13 19:36 ——– d——– C:\Program Files\Google
    2006-08-13 18:16 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Google
    2006-08-13 16:54 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Skype
    2006-08-12 17:00 ——– d——– C:\Program Files\Womble MPEG Editor
    2006-08-12 16:59 ——– d——– C:\Program Files\Xara
    2006-08-12 15:47 ——– d——– C:\Program Files\XviD
    2006-08-12 15:47 ——– d——– C:\Program Files\AviSynth 2.5
    2006-08-12 15:46 ——– d——– C:\Documents and Settings\Jevithan\Application Data\uTorrent
    2006-08-11 20:58 ——– d——– C:\Program Files\Common Files\Agnitum Shared
    2006-08-11 20:58 ——– d——– C:\Program Files\Common Files
    2006-08-10 22:54 ——– d——– C:\Program Files\Common Files\Webroot Shared
    2006-08-10 19:02 ——– d——– C:\Program Files\FileDeleter
    2006-08-09 22:34 ——– d——– C:\Program Files\Amara - Flash Menu Builder
    2006-08-09 22:24 ——– d——– C:\Program Files\Azureus
    2006-08-09 22:02 ——– d——– C:\Program Files\Web Page Maker V2
    2006-08-09 22:02 ——– d——– C:\Program Files\FORTUNE3 Wizard
    2006-08-09 22:02 ——– d——– C:\Documents and Settings\Jevithan\Application Data\LimeWire
    2006-08-09 22:02 ——– d——– C:\Documents and Settings\Jevithan\Application Data\DMCache
    2006-08-09 22:02 ——– d——– C:\Documents and Settings\Jevithan\Application Data\CoreFTP
    2006-08-09 22:02 ——– d——– C:\Documents and Settings\Jevithan\Application Data\.Tribler
    2006-08-07 22:34 ——– d——– C:\Program Files\TuneUp Utilities 2006
    2006-08-07 22:32 ——– d——– C:\Documents and Settings\Jevithan\Application Data\TuneUp Software
    2006-08-07 17:47 ——– d——– C:\Documents and Settings\Jevithan\Application Data\BitTorrent
    2006-08-07 15:26 ——– d——– C:\Program Files\AVI MPEG Splitter
    2006-08-03 19:15 ——– d——– C:\Documents and Settings\Jevithan\Application Data\STOIK
    2006-08-02 18:47 ——– d——– C:\Program Files\GIF Movie Gear
    2006-08-01 21:16 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Newsbin
    2006-08-01 20:23 ——– d——– C:\Program Files\Common Files\AVSMedia
    2006-08-01 19:19 ——– d——– C:\Program Files\CCleaner
    2006-07-31 19:31 ——– d——– C:\Program Files\vv
    2006-07-30 19:46 ——– d——– C:\Program Files\Deskshare
    2006-07-30 19:46 ——– d——– C:\Program Files\Common Files\DeskShare Shared
    2006-07-29 19:32 48936 –a—— C:\WINDOWS\system32\sirenacm.dll
    2006-07-28 21:31 ——– d——– C:\Program Files\Easy Video Splitter
    2006-07-27 15:26 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-07-25 22:50 ——– d——– C:\Documents and Settings\Jevithan\Application Data\vlc
    2006-07-25 14:29 ——– d——– C:\Documents and Settings\Jevithan\Application Data\FreeCall
    2006-07-25 14:22 ——– d——– C:\Program Files\FreeCall.com
    2006-07-24 18:42 64512 –a—— C:\WINDOWS\system32\drivers\bdfndisf.sys
    2006-07-23 21:19 ——– d——– C:\Documents and Settings\Jevithan\Application Data\RipIt4Me
    2006-07-21 22:24 ——– d——– C:\Documents and Settings\Jevithan\Application Data\PC Tools
    2006-07-21 13:38 ——– d——– C:\Program Files\Gabest
    2006-07-21 10:29 72704 –a—— C:\WINDOWS\system32\hlink.dll
    2006-07-20 22:24 286720 –a—— C:\WINDOWS\iun506.exe
    2006-07-20 19:27 ——– d——– C:\Documents and Settings\Jevithan\Application Data\GlobalSCAPE
    2006-07-20 19:20 ——– d——– C:\Program Files\GlobalSCAPE
    2006-07-20 12:12 ——– d——– C:\Program Files\ShopFactory V6
    2006-07-19 10:51 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Macromedia
    2006-07-18 22:01 ——– d——– C:\Program Files\ShopInsite MMI
    2006-07-18 20:45 46 –a—— C:\WINDOWS\system32\w3c985va.dll
    2006-07-17 20:31 ——– d——– C:\Program Files\A4Desk
    2006-07-17 20:26 ——– d——– C:\Program Files\CoffeeCup Software
    2006-07-17 18:40 ——– d——– C:\Program Files\Mozilla Firefox
    2006-07-17 17:40 ——– d——– C:\Program Files\BitLord
    2006-07-16 22:55 ——– d——– C:\Program Files\Icecast2 Win32
    2006-07-16 22:10 784 –a—— C:\Documents and Settings\Jevithan\Application Data\mpauth.dat
    2006-07-16 20:29 ——– d——– C:\Program Files\Common Files\Macromedia
    2006-07-16 19:54 ——– d——– C:\Program Files\Macromedia
    2006-07-16 17:17 ——– d——– C:\Program Files\WinAVI VideoConverter
    2006-07-16 17:15 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Apple Computer
    2006-07-16 16:23 73216 –a—— C:\WINDOWS\ST6UNST.EXE
    2006-07-16 14:34 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Mozilla
    2006-07-15 21:46 ——– d——– C:\Program Files\DirectVobSub
    2006-07-14 21:15 ——– d——– C:\Program Files\XAudioTools
    2006-07-12 22:50 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Xara
    2006-07-12 21:14 ——– d——– C:\Program Files\Skype
    2006-07-11 21:34 ——– d——– C:\Program Files\PhotoFiltre
    2006-07-11 20:48 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Sony
    2006-07-11 17:11 ——– d——– C:\Program Files\IMSI
    2006-07-10 16:23 ——– d——– C:\Program Files\ATITool
    2006-07-10 13:04 ——– d——– C:\Program Files\Fast Video Splitter
    2006-07-10 12:40 3400 –a—— C:\WINDOWS\system32\windset.dll
    2006-07-06 18:17 ——– d——– C:\Program Files\PowerISO
    2006-07-04 18:15 39424 –a—— C:\WINDOWS\zipinst.exe
    2006-07-03 21:18 ——– d——– C:\Program Files\PAS
    2006-07-03 20:51 ——– d——– C:\Documents and Settings\Jevithan\Application Data\VoipStunt
    2006-07-03 20:50 ——– d——– C:\Program Files\VoipStunt.com
    2006-07-03 15:41 ——– d——– C:\Program Files\AVI MPEG RM WMV Splitter
    2006-07-02 19:50 ——– d——– C:\Documents and Settings\Jevithan\Application Data\IDM
    2006-07-02 18:49 ——– d——– C:\Program Files\Common Files\Ahead
    2006-07-02 18:49 ——– d——– C:\Program Files\Ahead
    2006-07-01 23:50 ——– d——– C:\Documents and Settings\Jevithan\Application Data\SmartFTP
    2006-07-01 19:44 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Kazaa Lite
    2006-07-01 19:09 ——– d——– C:\Program Files\Common Files\NSV
    2006-06-30 23:33 ——– d——– C:\Program Files\ffdshow
    2006-06-30 22:00 ——– d——– C:\Documents and Settings\Jevithan\Application Data\Real
    2006-06-30 21:58 ——– d——– C:\Program Files\Common Files\xing shared
    2006-06-30 21:58 ——– d——– C:\Program Files\Common Files\Real
    2006-06-30 21:57 ——– d——– C:\Program Files\Real
    2006-06-30 21:35 352256 –a—— C:\WINDOWS\eSellerateEngine.dll
    2006-06-30 20:34 ——– d——– C:\Program Files\Common Files\Nullsoft


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "Toshiba Hotkey Utility"="\"C:\\Program Files\\Toshiba\\Windows Utilities\\Hotkey.exe\" /lang NL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="\"C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe\""
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce\Setup]
    "Registrando Panda ActiveX"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\as.dll"
    "Registrando Panda Almacen"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\pavpz.dll"
    "Registering ActiveScan controles"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\ascontrol.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001
    "DisableTaskMgr"=dword:00000000

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoChangeStartMenu"=dword:00000000
    "NoClose"=dword:00000000
    "NoLogOff"=dword:00000000
    "NoRun"=dword:00000000

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000000
    "GeneralFlags"=dword:00000000

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKLM"
    "command"=""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\APVXDWIN]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="APVXDWIN"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\APVXDWIN.EXE\" /s"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDMCon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bdmcon"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdmcon.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDNewsAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bdnagent"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdnagent.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDOESRV]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bdoesrv"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BDSwitchAgent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bdswitch"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdswitch.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\BitTorrent]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="bittorrent"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" –force_start_minimized"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CaISSDT]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="caissdt"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\caissdt.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTFMON.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ctfmon"
    "hkey"="HKCU"
    "command"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\DAEMON Tools-1033]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="daemon"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\eTrustPPAP]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PPActiveDetection"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\eTrust PestPatrol Anti-Spyware\\PPActiveDetection.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\FreeCall]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="FreeCall"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe\" -nosplash -minimized"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\FSWebServer]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="fsws"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Easy File Sharing Web Server\\fsws.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\IDMan]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="IDMan"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\eMule\\Incoming\\Internet Download Manager v5.03.02 Multilangages Incl-Crack\\Crack\\IDMan.exe /onboot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\KernelFaultCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="dumprep 0 -k"
    "hkey"="HKLM"
    "command"="%systemroot%\\system32\\dumprep 0 -k"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\kis]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="avp"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 6.0\\avp.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MacroVirus]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MacroVirus"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\MacroVirus\\MacroVirus.exe -boot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MessengerPlus3]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="MsgPlus"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MsnMsgr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msnmsgr"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NI.UWA6PM_0001_N91M2107]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="UWA6PM_0001_N91M2107NetInstaller"
    "hkey"="HKLM"
    "command"="\"C:\\WINDOWS\\Downloaded Program Files\\UWA6PM_0001_N91M2107NetInstaller.exe\" -nag "
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Outpost Firewall]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="outpost"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Agnitum\\Outpost Firewall\\outpost.exe\" /waitservice"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\OutpostFeedBack]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="feedback"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Agnitum\\Outpost Firewall\\feedback.exe /dump:os_startup"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PadTouch]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PadExe"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PrivacyKeyboard]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PrivacyKeyboard"
    "hkey"="HKLM"
    "command"="C:\\KAV5.0\\PrivacyKeyboard\\PrivacyKeyboard.exe /autorun"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\PWRISOVM.EXE]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PWRISOVM"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SCANINICIO]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Inicio"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Panda Software\\Panda Antivirus Platinum\\Inicio.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Skype]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Skype"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SmoothView]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SmoothView"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\TOSHIBA\\TOSHIBA-zoomutility\\SmoothView.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpyEmergency]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SpyEmergency"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Netgate\\Spy Emergency 2006\\SpyEmergency.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SpySweeper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SpySweeper"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeper.exe /0"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SynTPEnh]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SynTPEnh"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TkBellExe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="realsched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\TPSMain]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="TPSMain"
    "hkey"="HKLM"
    "command"="TPSMain.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\VoipStunt]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="VoipStunt"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\VoipStunt.com\\VoipStunt\\VoipStunt.exe\" -nosplash -minimized"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Zone Labs Client]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="zlclient"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
    "PAVSRV"=dword:00000002
    "PAVFIRES"=dword:00000002
    "SDhelper"=dword:00000002
    "XCOMM"=dword:00000002
    "wampmysqld"=dword:00000003
    "wampapache"=dword:00000003
    "VSSERV"=dword:00000002
    "LIVESRV"=dword:00000002
    "bdss"=dword:00000002
    "TUWinStylerThemeSvc"=dword:00000003
    "AVP"=dword:00000002

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\1-Click Maintenance.job
    C:\WINDOWS\tasks\XoftSpy.job

    Completion time: Wed 30-08-2006 20:52:18.60
    ComboFix.txt


    Logfile of HijackThis v1.99.1
    Scan saved at 20:54:03, on 30-8-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Jevithan\Bureaublad\TAMIL° ZONE\Setup\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ig?hl=nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang NL
    O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\eMule\Incoming\Internet Download Manager v5.03.02 Multilangages Incl-Crack\Crack\IEExt.htm
    O8 - Extra context menu item: Ontvang alle bestanden door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
    O8 - Extra context menu item: Ontvangst door Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://ahnlabdownload.nefficient.co.kr/plugin/myv3/myv3.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152987549625
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: sockspy.dll,
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (file missing)
    O23 - Service: Atheros-clienthulpprogramma (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
  • Ik heb me bericht gepost kunt u die hierboven even checken.
  • ik ga me best doen, maar dat word wel vanavond hoor.
    er staat een berg info
  • Hmmm, bijna klaar met tellen….

    Ja, ik vermoedde al zoiets: heb jij ELK programma dat je maar tegenkwam, op je pc geinstalleerd ?.

    Hoeveel p2p kom ik tegen ?, zeker al 3.

    C:\Program Files\MSN Messenger Password Recovery
    gelokt door het feit dat je wachtwoorden van anderen kunt achterhalen ?. Niet wetende dat ze juist JOUW wachtwoord doorsturen ?. En dan later klagen dat je gehackt bent.

    Doe eens een grondige opruimiing en verwijder alles wat je zéker NIET nodig hebt!. Dus dat je nog gewoon adem blijft halen , ook nadat je iets van je pc hebt verwijderd.

    Sommige programma's zitten elkaar dwars en dan krijg je inderdaad rare dingen.

    Jaag er eens een goede spykiller overheen, zoals spysweeper, of softspy.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.