Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

popup internet explorer

Anoniem
None
40 antwoorden
  • Telkens als ik mijn pc opstart of als ik FIREFOX opstart, krijg ik een popup van Internet Explorer, meestal is deze popup van 888.com ofzo. Het curieuse vind ik dat het ook gebeurd op het moment dat ik firefox opstart, aangezien deze geen connectie heeft met internet explorer volgens mij.

    Ik heb zojuist al ad-aware SE pro en Spybot S&D gedraaid, en alle rozooi eraf laten halen. Dit had geen resultaten. Daarna met NOD32 gecontroleerd, en alles was veilig/schoon. Verder heb ik van IE ook alle cookies en tijdelijke internet bestanden (ook de off-line bestanden) verwijderd. Zo heb ik ook alle privé gegevens in firefox verwijderd (muv de wachtwoorden en gebruikersnamen)

    kan iemand mij nog iets aanraden?
    Alvast bedankt :)
  • Post even een hijackthis logje.
  • en draai deze aub.


    Download [b:458eba1883]Combofix[/b:458eba1883] naar je Bureaublad.[list:458eba1883]
    Dubbelklik [b:458eba1883]Combofix.exe[/b:458eba1883]
    Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
    Tijdens het runnen van de fix, [b:458eba1883]NIET[/b:458eba1883] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:458eba1883]
    Wanneer de fix voltooid is en na herstart, zal de log [b:458eba1883]combofix.txt[/b:458eba1883] openen.
    [i:458eba1883]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:458eba1883]

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.


    Juisterr
  • Hijack this:
    [code:1:a77accea31]Logfile of HijackThis v1.99.1
    Scan saved at 12:34:54, on 30-12-2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
    D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
    D:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    D:\WINDOWS\CTHELPER.EXE
    D:\Program Files\Eset
    od32kui.exe
    D:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\Hewlett-Packard\HP OfficeJet T Series\bin\ktchnsnk.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\WINDOWS\system32\rundll32.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\program files\steam\steam.exe
    D:\Program Files\Logitech\MouseWare\system\em_exec.exe
    D:\Program Files\Internet Explorer\iexplore.exe
    d:\progra~1\intern~1\iexplore.exe
    D:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
    D:\WINDOWS\ATKKBService.exe
    D:\Program Files\Eset
    od32krn.exe
    D:\WINDOWS\system32
    vsvc32.exe
    D:\Program Files\CyberLink\Shared files\RichVideo.exe
    D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    D:\Program Files\MSN Messenger\msnmsgr.exe
    D:\Program Files\Xfire\xfire.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Winamp\winamp.exe
    D:\Program Files\Internet Explorer\iexplore.exe
    D:\Documents and Settings\Administrator\Bureaublad\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [CTDVDDET] "D:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe

    O4 - HKLM\..\Run: [RCSystem] "D:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [AudioDrvEmulator] "D:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "D:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP OfficeJet T Series] "D:\Program Files\Hewlett-Packard\HP OfficeJet T Series\bin\ktchnsnk.exe" -reg "Software\Hewlett-Packard\OfficeJet T Series\Install"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [webfordbookskip] D:\Documents and Settings\All Users\Application Data\platformplaywebford\01 Show.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [GrimElse] D:\DOCUME~1\ADMINI~1\APPLIC~1\BLAHWE~1\Program Rect.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset
    od32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe[/code:1:a77accea31]

    Combofix:

    [code:1:a77accea31]Administrator - 06-12-30 12:32:47,84 Service Pack 2
    ComboFix 06.11.27 - Running from: "D:\Documents and Settings\Administrator\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2006-11-30 to 2006-12-30 ))))))))))))))))))))))))))))))))))


    2006-12-30 11:26 <DIR> d——– D:\Program Files\Spybot - Search & Destroy
    2006-12-30 11:26 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2006-12-30 07:08 <DIR> d——– D:\Documents and Settings\All Users\Application Data\platformplaywebford
    2006-12-30 07:08 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\NetPumper
    2006-12-30 07:07 <DIR> d——– D:\Program Files\Blah Web
    2006-12-30 07:07 <DIR> d——– D:\Program Files\Anti-Leech
    2006-12-30 07:07 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Blah Web
    2006-12-30 07:05 <DIR> d——– D:\Program Files\NetPumper
    2006-12-29 17:58 <DIR> d——– D:\Program Files\Real
    2006-12-29 17:58 <DIR> d——– D:\Program Files\Common Files\xing shared
    2006-12-29 17:58 <DIR> d——– D:\Program Files\Common Files\Real
    2006-12-29 17:57 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Real
    2006-12-27 14:05 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2006-12-27 13:58 <DIR> d——– D:\Program Files\Messenger Plus! Live
    2006-12-27 13:55 <DIR> d——– D:\Documents and Settings\Administrator\Contacts
    2006-12-27 13:54 <DIR> d—-c— D:\WINDOWS\system32\DRVSTORE
    2006-12-27 13:25 <DIR> d——– D:\Program Files\Photo Graffiti Demo
    2006-12-27 12:03 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2006-12-25 20:48 <DIR> d–h—– D:\Program Files\Zero G Registry
    2006-12-25 20:48 <DIR> d–h—– D:\Documents and Settings\Administrator\InstallAnywhere
    2006-12-25 20:48 <DIR> d——– D:\Program Files\JAlbum
    2006-12-24 11:59 <DIR> d——– D:\Program Files\Guitar Pro 5
    2006-12-22 13:26 <DIR> d——– D:\Program Files\TightVNC
    2006-12-22 12:42 8 –a—— D:\WINDOWS\system32\VGANGMJYMWVPD.SYS
    2006-12-22 12:42 <DIR> d——– D:\Program Files\D'Accord Music Software
    2006-12-18 09:49 <DIR> d—s—- D:\Documents and Settings\Administrator\UserData
    2006-12-17 15:59 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Elaborate Bytes
    2006-12-17 13:08 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Skype
    2006-12-17 13:07 <DIR> d——– D:\Program Files\Skype
    2006-12-17 13:07 <DIR> d——– D:\Program Files\Common Files\Skype
    2006-12-17 13:07 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Skype
    2006-12-16 13:23 <DIR> d——– D:\Program Files\ToniArts
    2006-12-16 11:39 <DIR> d——– D:\Program Files\PartyGaming
    2006-12-13 22:12 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Ulead Systems
    2006-12-13 21:53 <DIR> d——– D:\SmartSound Software
    2006-12-13 21:53 <DIR> d——– D:\Program Files\SmartSound Software
    2006-12-13 21:53 <DIR> d——– D:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
    2006-12-13 21:51 <DIR> d——– D:\Program Files\Windows Media Components
    2006-12-13 21:51 <DIR> d——– D:\Program Files\QuickTime
    2006-12-13 21:51 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Apple Computer
    2006-12-13 21:50 <DIR> d——– D:\Program Files\Common Files\Ulead Systems
    2006-12-13 21:50 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Ulead Systems
    2006-12-13 19:09 <DIR> d——– D:\Program Files\GIF Movie Gear
    2006-12-13 18:07 <DIR> d——– D:\Program Files\TagRename
    2006-12-13 16:57 49,152 -ra—— D:\WINDOWS\system32\hpomon05.dll
    2006-12-13 16:51 73,728 ——— D:\WINDOWS\system32\hpoidr07.dll
    2006-12-13 16:51 57,344 ——— D:\WINDOWS\system32\hpoipm07.exe
    2006-12-13 16:51 53,760 ——— D:\WINDOWS\system32\hpovcm05.dll
    2006-12-13 16:51 53,248 ——— D:\WINDOWS\system32\hpoipr07.dll
    2006-12-13 16:51 50,848 ——— D:\WINDOWS\system32\hpousd05.dll
    2006-12-13 16:51 40,960 ——— D:\WINDOWS\system32\HPOtap05.dll
    2006-12-13 16:51 40,960 ——— D:\WINDOWS\system32\hpoimn07.dll
    2006-12-13 16:51 40,448 ——— D:\WINDOWS\system32\hpomem05.dll
    2006-12-13 16:51 315,904 –a—— D:\WINDOWS\IsUninst.exe
    2006-12-13 16:51 28,672 ——— D:\WINDOWS\system32\HPOtax05.exe
    2006-12-13 16:51 118,784 ——— D:\WINDOWS\system32\hpocnt05.dll
    2006-12-13 16:51 <DIR> d——– D:\WINDOWS\system32\Color
    2006-12-13 16:51 <DIR> d——– D:\Program Files\Hewlett-Packard
    2006-12-13 16:51 <DIR> d——– D:\My Images
    2006-12-13 16:50 <DIR> d——– D:\Documents and Settings\Administrator\WINDOWS
    2006-12-12 19:58 <DIR> d——– D:\Program Files\EA GAMES
    2006-12-12 16:11 49,152 –a—— D:\WINDOWS\system32\INETWH32.dll
    2006-12-12 16:11 1,056,768 –a—— D:\WINDOWS\system32\ROBOEX32.DLL
    2006-12-12 16:11 <DIR> d——– D:\Program Files\Ulead Systems
    2006-12-12 15:31 <DIR> d——– D:\Program Files\Wolfenstein - Enemy Territory
    2006-12-12 08:34 <DIR> d——– D:\Program Files\MSXML 4.0
    2006-12-11 10:20 952 –ahs—- D:\WINDOWS\system32\KGyGaAvL.sys
    2006-12-11 10:20 <DIR> d——– D:\Documents and Settings\All Users\Application Data\InstallShield
    2006-12-11 10:20 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Corel
    2006-12-11 10:19 <DIR> d——– D:\Program Files\Corel
    2006-12-11 10:19 <DIR> d——– D:\Program Files\Common Files\Corel
    2006-12-11 10:16 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\InterVideo
    2006-12-11 10:15 204,800 –a—— D:\WINDOWS\system32\IVIresizeW7.dll
    2006-12-11 10:15 200,704 –a—— D:\WINDOWS\system32\IVIresizeA6.dll
    2006-12-11 10:15 20,480 –a—— D:\WINDOWS\system32\IVIresize.dll
    2006-12-11 10:15 192,512 –a—— D:\WINDOWS\system32\IVIresizeP6.dll
    2006-12-11 10:15 192,512 –a—— D:\WINDOWS\system32\IVIresizeM6.dll
    2006-12-11 10:15 188,416 –a—— D:\WINDOWS\system32\IVIresizePX.dll
    2006-12-11 10:15 <DIR> d——– D:\Program Files\InterActual
    2006-12-11 10:15 <DIR> d——– D:\Program Files\Common Files\InterVideo
    2006-12-11 10:14 122,880 –a—— D:\WINDOWS\system32\cddvdint.dll
    2006-12-11 10:14 <DIR> d——– D:\Program Files\InterVideo
    2006-12-11 10:09 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Sony
    2006-12-11 10:09 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Publish Providers
    2006-12-11 10:09 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\NetMedia Providers
    2006-12-11 10:07 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\CyberLink
    2006-12-11 10:06 <DIR> d——– D:\Program Files\Sony
    2006-12-11 10:05 <DIR> d——– D:\Documents and Settings\All Users\Application Data\CyberLink
    2006-12-11 10:04 499,712 ——— D:\WINDOWS\system32\msvcp71.dll
    2006-12-11 10:04 <DIR> d——– D:\Program Files\CyberLink
    2006-12-11 09:58 <DIR> d——– D:\Program Files\WinAVIVideoConverter
    2006-12-11 09:26 <DIR> d——– D:\Program Files\DAEMON Tools
    2006-12-11 09:24 639,224 –a—— D:\WINDOWS\system32\drivers\sptd.sys
    2006-12-10 21:36 <DIR> d——– D:\Program Files\UT2004
    2006-12-10 19:38 <DIR> d——– D:\Program Files\SmartFTP Client 2.0 Setup Files
    2006-12-10 19:38 <DIR> d——– D:\Program Files\SmartFTP Client 2.0
    2006-12-10 19:38 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\SmartFTP
    2006-12-10 17:12 <DIR> d——– D:\Program Files\Azureus
    2006-12-10 17:12 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Azureus
    2006-12-10 16:35 <DIR> d——– D:\WINDOWS\Sun
    2006-12-10 16:35 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Sun
    2006-12-10 13:57 <DIR> d——– D:\NVIDIA
    2006-12-10 13:47 221,184 –a—— D:\WINDOWS\system32\wmpns.dll
    2006-12-10 13:28 208,896 –a—— D:\WINDOWS\system32\NVUNINST.EXE
    2006-12-10 13:09 <DIR> d——– D:\Documents and Settings\All Users\Application Data
    View_Profiles
    2006-12-10 13:07 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Adobe
    2006-12-10 13:06 <DIR> d——– D:\Program Files\Adobe
    2006-12-10 13:06 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Adobe
    2006-12-10 13:05 <DIR> d——– D:\Program Files\Common Files\Adobe
    2006-12-10 12:59 <DIR> d——– D:\WINDOWS\xp to vista (sound scheme)
    2006-12-10 12:24 22,752 –a—— D:\WINDOWS\system32\spupdsvc.exe
    2006-12-10 12:24 <DIR> d–h—– D:\WINDOWS\$hf_mig$
    2006-12-10 12:24 <DIR> d——– D:\WINDOWS\system32\PreInstall
    2006-12-10 12:12 <DIR> d——– D:\WINDOWS\system32\SoftwareDistribution
    2006-12-10 00:33 26,496 –a—— D:\WINDOWS\system32\drivers\USBSTOR.SYS
    2006-12-09 22:38 <DIR> d——– D:\Program Files\Microsoft Visual Studio
    2006-12-09 22:38 <DIR> d——– D:\Program Files\Common Files\Designer
    2006-12-09 22:36 <DIR> d——– D:\WINDOWS\ShellNew
    2006-12-09 22:36 <DIR> d——– D:\Program Files\Snapshot Viewer
    2006-12-09 22:34 <DIR> d——– D:\WINDOWS\Twain32
    2006-12-09 22:34 <DIR> d——– D:\Program Files\Microsoft Office
    2006-12-09 22:34 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Microsoft Web Folders
    2006-12-09 22:12 <DIR> d——– D:\WINDOWS\Minidump
    2006-12-09 21:55 <DIR> d–hs—- D:\WINDOWS\ftpcache
    2006-12-09 21:32 <DIR> d——– D:\Program Files\SpeedFan
    2006-12-09 21:29 <DIR> d——– D:\Program Files\Activision
    2006-12-09 20:57 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Elaborate Bytes
    2006-12-09 20:53 <DIR> d——– D:\Program Files\GoldEsel
    2006-12-09 20:52 364,544 ——— D:\WINDOWS\system32\TwnLib4.dll
    2006-12-09 20:52 24,064 ——— D:\WINDOWS\system32\msxml3a.dll
    2006-12-09 20:52 2,977,792 ——— D:\WINDOWS\UNNeroVision.exe
    2006-12-09 20:52 <DIR> d——– D:\Documents and Settings\All Users\Application Data\Ahead
    2006-12-09 20:51 5,504 ——— D:\WINDOWS\system32\drivers\imagedrv.sys
    2006-12-09 20:51 476,320 ——— D:\WINDOWS\system32\ImagXpr7.dll
    2006-12-09 20:51 471,040 ——— D:\WINDOWS\system32\ImagXRA7.dll
    2006-12-09 20:51 262,144 ——— D:\WINDOWS\system32\ImagXR7.dll
    2006-12-09 20:51 125,184 ——— D:\WINDOWS\system32\drivers\imagesrv.sys
    2006-12-09 20:51 1,568,768 ——— D:\WINDOWS\system32\ImagX7.dll
    2006-12-09 20:27 <DIR> d——– D:\Program Files\Western Digital Technologies
    2006-12-09 18:25 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\SlySoft
    2006-12-09 18:02 81,920 –a—— D:\Documents and Settings\Administrator\Application Data\ezpinst.exe
    2006-12-09 18:02 47,360 –a—— D:\WINDOWS\system32\drivers\pcouffin.sys
    2006-12-09 18:02 47,360 –a—— D:\Documents and Settings\Administrator\Application Data\pcouffin.sys
    2006-12-09 18:02 14,848 –a—— D:\WINDOWS\system32\BASSMOD.dll
    2006-12-09 18:02 <DIR> d——– D:\Program Files\vso
    2006-12-09 18:02 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Vso
    2006-12-09 17:52 <DIR> d——– D:\Documents and Settings\Administrator\Incomplete
    2006-12-09 17:33 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\LimeWire
    2006-12-09 17:30 <DIR> d——– D:\Program Files\Java
    2006-12-09 17:30 <DIR> d——– D:\Program Files\Common Files\Java
    2006-12-09 17:29 <DIR> d——– D:\Program Files\WinRAR
    2006-12-09 17:29 <DIR> d——– D:\Program Files\LimeWire
    2006-12-09 17:24 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Talkback
    2006-12-09 17:24 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Mozilla
    2006-12-09 17:23 <DIR> d——– D:\Program Files\Mozilla Firefox
    2006-12-09 17:12 36,528 ——— D:\WINDOWS\system32\drivers\PxHelp20.sys
    2006-12-09 17:12 2,560 ——— D:\WINDOWS\system32\drivers\cdralw2k.sys
    2006-12-09 17:12 2,432 ——— D:\WINDOWS\system32\drivers\cdr4_xp.sys
    2006-12-09 17:12 129,784 ——— D:\WINDOWS\system32\pxafs.dll
    2006-12-09 17:12 115,880 ——— D:\WINDOWS\system32\pxinsi64.exe
    2006-12-09 17:12 <DIR> d——– D:\Program Files\Winamp
    2006-12-09 17:10 <DIR> d——– D:\Program Files\SlySoft
    2006-12-09 17:10 <DIR> d——– D:\Program Files\Elaborate Bytes
    2006-12-09 16:45 <DIR> d——– D:\Program Files\RivaTuner v2.0 RC 15.8
    2006-12-09 16:44 <DIR> d——– D:\Guru3D.com
    2006-12-09 16:41 77,824 –a—— D:\WINDOWS\system32\mplaw7.dll
    2006-12-09 16:41 77,824 –a—— D:\WINDOWS\system32\mplaa6.dll
    2006-12-09 16:41 761,856 –a—— D:\WINDOWS\system32\xvidcore.dll
    2006-12-09 16:41 65,536 –a—— D:\WINDOWS\system32\mplapx.dll
    2006-12-09 16:41 65,536 –a—— D:\WINDOWS\system32\mplam6.dll
    2006-12-09 16:41 348,160 –a—— D:\WINDOWS\system32\MSVCR71.dll
    2006-12-09 16:41 19,968 –a—— D:\WINDOWS\system32\cpuinf32.dll
    2006-12-09 16:41 152,064 –a—— D:\WINDOWS\system32\unrar.dll
    2006-12-09 16:41 1,650,688 –a—— D:\WINDOWS\system32\mplva6.dll
    2006-12-09 16:41 1,581,056 –a—— D:\WINDOWS\system32\mplvw7.dll
    2006-12-09 16:41 1,552,384 –a—— D:\WINDOWS\system32\mplvm6.dll
    2006-12-09 16:41 1,122,304 –a—— D:\WINDOWS\system32\mplvpx.dll
    2006-12-09 16:41 <DIR> d——– D:\Program Files\ACE Mega CoDecS Pack
    2006-12-09 16:40 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Lavasoft
    2006-12-09 16:39 <DIR> d——– D:\Program Files\Lavasoft
    2006-12-09 15:51 <DIR> d——– D:\Program Files\Steam
    2006-12-09 12:50 502,368 –a—— D:\WINDOWS\system32\drivers\amon.sys
    2006-12-09 12:50 274,432 –a—— D:\WINDOWS\system32\imon.dll
    2006-12-09 12:46 <DIR> d——– D:\Program Files\ESET
    2006-12-09 12:33 3,072 –a—— D:\WINDOWS\system32\drivers\audstub.sys
    2006-12-09 12:33 21,504 –a—— D:\WINDOWS\system32\hidserv.dll
    2006-12-09 12:32 57,856 –a—— D:\WINDOWS\system32\drivers\redbook.sys
    2006-12-09 12:32 20,992 –a—— D:\WINDOWS\system32\drivers\RTL8139.sys
    2006-12-09 12:31 76,288 –a—— D:\WINDOWS\system32\usbui.dll
    2006-12-09 12:31 5,632 –a—— D:\WINDOWS\system32\drivers\intelide.sys
    2006-12-09 12:31 42,368 –a—— D:\WINDOWS\system32\drivers\AGP440.SYS
    2006-12-09 12:30 9,936 –a—— D:\WINDOWS\system\LZEXPAND.DLL
    2006-12-09 12:30 9,040 –a—— D:\WINDOWS\system\VER.DLL
    2006-12-09 12:30 86,556 –a—— D:\WINDOWS\system32\dgsetup.dll
    2006-12-09 12:30 82,944 –a—— D:\WINDOWS\system\OLECLI.DLL
    2006-12-09 12:30 8,704 –a—— D:\WINDOWS\system32\batt.dll
    2006-12-09 12:30 8,192 -ra—— D:\WINDOWS\system32\kbdhept.dll
    2006-12-09 12:30 76,288 –a—— D:\WINDOWS\system32\storprop.dll
    2006-12-09 12:30 70,192 –a—— D:\WINDOWS\system\MMSYSTEM.DLL
    2006-12-09 12:30 70,144 –a—— D:\WINDOWS\system\AVICAP.DLL
    2006-12-09 12:30 70,144 –a—— D:\WINDOWS\NOTEPAD.EXE
    2006-12-09 12:30 7,168 -ra—— D:\WINDOWS\system32\kbdcz.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdycl.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdsl1.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdsl.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdpl.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdhu.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdhela3.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdcz2.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdcz1.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\kbdcr.dll
    2006-12-09 12:30 6,656 -ra—— D:\WINDOWS\system32\KBDAL.DLL
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdtuq.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdtuf.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdlv1.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdlv.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdhela2.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdgkl.dll
    2006-12-09 12:30 6,144 -ra—— D:\WINDOWS\system32\kbdest.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdycc.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbduzb.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdur.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdtat.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdru1.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdru.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdro.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdpl1.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdmon.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdlt1.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdlt.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdkyr.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdkaz.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdhu1.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdhe319.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdhe220.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdhe.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdbu.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdblr.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdazel.dll
    2006-12-09 12:30 5,632 -ra—— D:\WINDOWS\system32\kbdaze.dll
    2006-12-09 12:30 5,120 –a—— D:\WINDOWS\system\SHELL.DLL
    2006-12-09 12:30 33,696 –a—— D:\WINDOWS\system\COMMDLG.DLL
    2006-12-09 12:30 24,661 –a—— D:\WINDOWS\system32\spxcoins.dll
    2006-12-09 12:30 24,064 –a—— D:\WINDOWS\system\OLESVR.DLL
    2006-12-09 12:30 19,200 –a—— D:\WINDOWS\system\TAPI.DLL
    2006-12-09 12:30 176,157 –a—— D:\WINDOWS\system32\dgrpsetu.dll
    2006-12-09 12:30 15,872 –a—— D:\WINDOWS\TASKMAN.EXE
    2006-12-09 12:30 13,312 –a—— D:\WINDOWS\system32\irclass.dll
    2006-12-09 12:30 126,976 –a—— D:\WINDOWS\system\MSVIDEO.DLL
    2006-12-09 12:30 11,264 –a—— D:\WINDOWS\system32\drivers\irenum.sys
    2006-12-09 12:30 109,552 –a—— D:\WINDOWS\system\AVIFILE.DLL
    2006-12-09 12:30 103,936 –a—— D:\WINDOWS\system32\EqnClass.Dll
    2006-12-09 12:30 <DIR> dr——- D:\Program Files\Common Files\..
    2006-12-09 12:30 <DIR> dr——- D:\Program Files\.
    2006-12-09 12:30 <DIR> dr——- D:\Program Files
    2006-12-09 12:30 <DIR> dr——- D:\Documents and Settings\All Users\Menu Start
    2006-12-09 12:30 <DIR> dr——- D:\Documents and Settings\All Users\Documenten
    2006-12-09 12:30 <DIR> d–hs—- D:\WINDOWS\Installer
    2006-12-09 12:30 <DIR> d–hs—- D:\Program Files\..
    2006-12-09 12:30 <DIR> d–h—– D:\Documents and Settings\All Users\Sjablonen
    2006-12-09 12:30 <DIR> d——– D:\Program Files\Common Files\SpeechEngines
    2006-12-09 12:30 <DIR> d——– D:\Program Files\Common Files\ODBC
    2006-12-09 12:30 <DIR> d——– D:\Program Files\Common Files\Microsoft Shared
    2006-12-09 12:30 <DIR> d——– D:\Program Files\Common Files\.
    2006-12-09 12:30 <DIR> d——– D:\Program Files\Common Files
    2006-12-09 12:30 <DIR> d——– D:\Documents and Settings\All Users\Favorieten
    2006-12-09 12:30 <DIR> d——– D:\Documents and Settings\All Users\Bureaublad
    2006-12-09 12:28 <DIR> dr-h—– D:\Documents and Settings\All Users\Application Data\.
    2006-12-09 12:28 <DIR> dr-h—– D:\Documents and Settings\All Users\Application Data
    2006-12-09 12:28 <DIR> d–hs—- D:\System Volume Information
    2006-12-09 12:28 <DIR> d—s—- D:\Documents and Settings\All Users\Application Data\Microsoft
    2006-12-09 12:28 <DIR> d——– D:\WINDOWS\system32\CatRoot2
    2006-12-09 12:28 <DIR> d——– D:\WINDOWS\system32\CatRoot
    2006-12-09 12:28 <DIR> d——– D:\Documents and Settings\All Users\Application Data\..
    2006-12-09 12:28 <DIR> d——– D:\Documents and Settings\All Users\..
    2006-12-09 12:28 <DIR> d——– D:\Documents and Settings\All Users\.
    2006-12-09 12:28 <DIR> d——– D:\Documents and Settings
    2006-12-09 12:24 97,792 –a—— D:\WINDOWS\system32\LGUICOM.DLL
    2006-12-09 12:24 94,208 –a—— D:\WINDOWS\system32\FEELIT.DLL
    2006-12-09 12:24 81,920 -r——- D:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe
    2006-12-09 12:24 70,894 –a—— D:\WINDOWS\system32\drivers\LMouFlt2.Sys
    2006-12-09 12:24 51,582 ——— D:\WINDOWS\system32\drivers\L8042PR2.SYS
    2006-12-09 12:24 37,916 –a—— D:\WINDOWS\system32\drivers\LHidUsb.sys
    2006-12-09 12:24 3,568 –a—— D:\WINDOWS\system32\LMOUSE16.DLL
    2006-12-09 12:24 25,630 –a—— D:\WINDOWS\system32\drivers\LHidFlt2.Sys
    2006-12-09 12:24 23,372 ——— D:\WINDOWS\system32\LCOINST.DLL
    2006-12-09 12:24 20,992 ——— D:\WINDOWS\LOGI_MWX.EXE
    2006-12-09 12:24 16,896 –a—— D:\WINDOWS\system32\LMOUSE32.DLL
    2006-12-09 12:24 155,648 –a—— D:\WINDOWS\system32\ifc21.dll
    2006-12-09 12:24 152,064 ——— D:\WINDOWS\system32\lmoufrc.dll
    2006-12-09 12:24 14,092 ——— D:\WINDOWS\system32\drivers\LCCFLTR.SYS
    2006-12-09 12:24 104,960 –a—— D:\WINDOWS\system32\COMNCTR.DLL
    2006-12-09 12:24 <DIR> d—s—- D:\Program Files\Xfire
    2006-12-09 12:24 <DIR> d——– D:\Program Files\MSN Messenger
    2006-12-09 12:24 <DIR> d——– D:\Program Files\Logitech
    2006-12-09 12:24 <DIR> d——– D:\Program Files\Common Files\Logitech
    2006-12-09 12:24 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Xfire
    2006-12-09 12:23 <DIR> dr-hsc— D:\WINDOWS\system32\dllcache
    2006-12-09 12:23 <DIR> dr–s—- D:\WINDOWS\Fonts
    2006-12-09 12:23 <DIR> dr——- D:\WINDOWS\Web
    2006-12-09 12:23 <DIR> d–hs—- D:\WINDOWS\..
    2006-12-09 12:23 <DIR> d–h—– D:\WINDOWS\inf
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\WinSxS
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\twain_32
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Temp
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\wins
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\wbem
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\usmt
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\spool
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\ShellExt
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\Setup
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\ras
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\oobe
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32
    pp
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\mui
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\inetsrv
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\IME
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\icsxml
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\ias
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\export
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\drivers\etc
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\drivers\disdn
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\drivers\..
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\drivers\.
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\drivers
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\dhcp
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\config
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\3com_dmi
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\3076
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\2052
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1054
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1043
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1042
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1041
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1037
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1033
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1031
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1028
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\1025
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\..
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32\.
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system32
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system\..
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system\.
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\system
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\security
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Resources
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\repair
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Provisioning
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\PeerNet
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\pchealth
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\mui
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\msapps
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\msagent
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Media
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\java
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\ime
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Help
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\ehome
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Driver Cache
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Debug
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Cursors
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Connection Wizard
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\Config
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\AppPatch
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\addins
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS\.
    2006-12-09 12:23 <DIR> d——– D:\WINDOWS
    2006-12-09 12:23 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Macromedia
    2006-12-09 12:19 569,344 ——— D:\WINDOWS\system32\imagr5.dll
    2006-12-09 12:19 544,768 ——— D:\WINDOWS\system32\imagx5.dll
    2006-12-09 12:19 38,912 ——— D:\WINDOWS\system32\picn20.dll
    2006-12-09 12:19 283,920 ——— D:\WINDOWS\system32\ImagXpr5.dll
    2006-12-09 12:19 155,648 –a—— D:\WINDOWS\system32\NeroCheck.exe
    2006-12-09 12:19 106,496 ——— D:\WINDOWS\system32\TwnLib20.dll
    2006-12-09 12:19 <DIR> d——– D:\Program Files\Common Files\Ahead
    2006-12-09 12:18 <DIR> d——– D:\Program Files\Ahead
    2006-12-09 12:13 41,984 ——— D:\WINDOWS\Ctregrun.exe
    2006-12-09 12:11 90,112 ——— D:\WINDOWS\Updreg.EXE
    2006-12-09 12:11 81,920 –a—— D:\WINDOWS\system32\OpenAL32.dll
    2006-12-09 12:11 6,400 –a—— D:\WINDOWS\system32\drivers\splitter.sys
    2006-12-09 12:11 233,472 –a—— D:\WINDOWS\system32\wrap_oal.dll
    2006-12-09 12:11 <DIR> d——– D:\WINDOWS\system32\Defaults
    2006-12-09 12:10 82,944 –a—— D:\WINDOWS\system32\drivers\wdmaud.sys
    2006-12-09 12:10 7,552 –a—— D:\WINDOWS\system32\drivers\MSKSSRV.sys
    2006-12-09 12:10 60,800 –a—— D:\WINDOWS\system32\drivers\sysaudio.sys
    2006-12-09 12:10 60,288 –a—— D:\WINDOWS\system32\drivers\drmk.sys
    2006-12-09 12:10 54,272 –a—— D:\WINDOWS\system32\drivers\swmidi.sys
    2006-12-09 12:10 52,864 –a—— D:\WINDOWS\system32\drivers\DMusic.sys
    2006-12-09 12:10 5,376 –a—— D:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2006-12-09 12:10 4,992 –a—— D:\WINDOWS\system32\drivers\MSPQM.sys
    2006-12-09 12:10 4,096 –a—— D:\WINDOWS\system32\ksuser.dll
    2006-12-09 12:10 24,576 –a—— D:\WINDOWS\INRESDUT.DLL
    2006-12-09 12:10 2,944 –a—— D:\WINDOWS\system32\drivers\drmkaud.sys
    2006-12-09 12:10 172,416 –a—— D:\WINDOWS\system32\drivers\kmixer.sys
    2006-12-09 12:10 145,792 –a—— D:\WINDOWS\system32\drivers\portcls.sys
    2006-12-09 12:10 142,464 –a—— D:\WINDOWS\system32\drivers\aec.sys
    2006-12-09 12:10 10,752 –a—— D:\WINDOWS\CTDCRDUT.DLL
    2006-12-09 12:10 <DIR> d——– D:\WINDOWS\system32\Data
    2006-12-09 12:08 77,824 ——— D:\WINDOWS\system32\ctdvda32.dll
    2006-12-09 12:08 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Creative
    2006-12-09 12:07 <DIR> d——– D:\WINDOWS\RegisteredPackages
    2006-12-09 12:07 <DIR> d——– D:\Program Files\Creative
    2006-12-09 12:04 <DIR> d–hs—- D:\RECYCLER
    2006-12-09 11:59 <DIR> d——– D:\Program Files\ASUSTeK
    2006-12-09 11:58 90,112 –a—— D:\WINDOWS\ATKKBService.exe
    2006-12-09 11:58 8,704 –a—— D:\WINDOWS\system32\ATKOSDMini.DLL
    2006-12-09 11:58 45,056 –a—— D:\WINDOWS\system32\ATKOGL.dll
    2006-12-09 11:58 333,824 –a—— D:\WINDOWS\system32\ATKOSDX.dll
    2006-12-09 11:58 303,104 –a—— D:\WINDOWS\system32\ATKDispCPL.dll
    2006-12-09 11:58 208,896 –a—— D:\WINDOWS\system32
    vudisp.exe
    2006-12-09 11:58 20,096 –a—— D:\WINDOWS\system32\drivers\atkkbnt.sys
    2006-12-09 11:58 180,224 –a—— D:\WINDOWS\system32\ATKCheckDispIDs.dll
    2006-12-09 11:58 154,144 –a—— D:\WINDOWS\system32\ATKDISP.dll
    2006-12-09 11:58 <DIR> d——– D:\WINDOWS
    view
    2006-12-09 11:56 9,472 -ra—— D:\WINDOWS\system32\drivers\EIO.sys
    2006-12-09 11:52 <DIR> d–h—– D:\Program Files\InstallShield Installation Information
    2006-12-09 11:52 <DIR> d——– D:\WINDOWS\system32\ReinstallBackups
    2006-12-09 11:52 <DIR> d——– D:\Program Files\Intel
    2006-12-09 11:52 <DIR> d——– D:\Program Files\Common Files\InstallShield
    2006-12-09 11:51 5,824 –a—— D:\WINDOWS\system32\drivers\ASUSHWIO.SYS
    2006-12-09 11:46 <DIR> d–h—– D:\Program Files\Uninstall Information
    2006-12-09 11:46 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\Identities
    2006-12-09 11:42 <DIR> dr-h—– D:\Documents and Settings\Administrator\SendTo
    2006-12-09 11:42 <DIR> dr-h—– D:\Documents and Settings\Administrator\Onlangs geopend
    2006-12-09 11:42 <DIR> dr-h—– D:\Documents and Settings\Administrator\Application Data\.
    2006-12-09 11:42 <DIR> dr-h—– D:\Documents and Settings\Administrator\Application Data
    2006-12-09 11:42 <DIR> dr–s—- D:\WINDOWS\assembly
    2006-12-09 11:42 <DIR> dr——- D:\Documents and Settings\Administrator\Mijn documenten
    2006-12-09 11:42 <DIR> dr——- D:\Documents and Settings\Administrator\Menu Start
    2006-12-09 11:42 <DIR> dr——- D:\Documents and Settings\Administrator\Favorieten
    2006-12-09 11:42 <DIR> d–h—– D:\Documents and Settings\Administrator\Sjablonen
    2006-12-09 11:42 <DIR> d–h—– D:\Documents and Settings\Administrator\Netwerkprinteromgeving
    2006-12-09 11:42 <DIR> d–h—– D:\Documents and Settings\Administrator\NetHood
    2006-12-09 11:42 <DIR> d–h—– D:\Documents and Settings\Administrator\Local Settings
    2006-12-09 11:42 <DIR> d—s—- D:\Documents and Settings\Administrator\Cookies
    2006-12-09 11:42 <DIR> d—s—- D:\Documents and Settings\Administrator\Application Data\Microsoft
    2006-12-09 11:42 <DIR> d——– D:\WINDOWS\SoftwareDistribution
    2006-12-09 11:42 <DIR> d——– D:\WINDOWS\Microsoft.NET
    2006-12-09 11:42 <DIR> d——– D:\Documents and Settings\Administrator\Bureaublad
    2006-12-09 11:42 <DIR> d——– D:\Documents and Settings\Administrator\Application Data\..
    2006-12-09 11:42 <DIR> d——– D:\Documents and Settings\Administrator\..
    2006-12-09 11:42 <DIR> d——– D:\Documents and Settings\Administrator\.
    2006-12-09 11:41 <DIR> d—s—- D:\WINDOWS\system32\Microsoft
    2006-12-09 11:41 <DIR> d——– D:\WINDOWS\Prefetch
    2006-12-09 11:39 <DIR> d——– D:\WINDOWS\system32\xircom
    2006-12-09 11:39 <DIR> d——– D:\Program Files\xerox
    2006-12-09 11:39 <DIR> d——– D:\Program Files\msn gaming zone
    2006-12-09 11:39 <DIR> d——– D:\Program Files\microsoft frontpage
    2006-12-09 11:38 112,128 –a—— D:\WINDOWS\system32\mapi32.dll
    2006-12-09 11:37 <DIR> dr——- D:\WINDOWS\Offline Web Pages
    2006-12-09 11:37 <DIR> d–hs—- D:\Documents and Settings\All Users\DRM
    2006-12-09 11:37 <DIR> d–h—– D:\Program Files\WindowsUpdate
    2006-12-09 11:37 <DIR> d—s—- D:\WINDOWS\Downloaded Program Files
    2006-12-09 11:37 <DIR> d——– D:\Program Files\Online Services
    2006-12-09 11:36 86,016 –a—— D:\WINDOWS\system32\isign32.dll
    2006-12-09 11:36 81,920 –a—— D:\WINDOWS\system32\ils.dll
    2006-12-09 11:36 8,192 –a—— D:\WINDOWS\system32\bitsprx2.dll
    2006-12-09 11:36 73,728 –a—— D:\WINDOWS\system32\icwdial.dll
    2006-12-09 11:36 73,472 –a—— D:\WINDOWS\system32\drivers\sr.sys
    2006-12-09 11:36 7,168 –a—— D:\WINDOWS\system32\bitsprx3.dll
    2006-12-09 11:36 69,632 –a—— D:\WINDOWS\system32\msconf.dll
    2006-12-09 11:36 679,424 –a—— D:\WINDOWS\system32\inetcomm.dll
    2006-12-09 11:36 67,584 –a—— D:\WINDOWS\system32\srclient.dll
    2006-12-09 11:36 67,584 –a—— D:\WINDOWS\system32\acctres.dll
    2006-12-09 11:36 65,536 –a—— D:\WINDOWS\system32\icwphbk.dll
    2006-12-09 11:36 6,656 –a—— D:\WINDOWS\system32\wuauserv.dll
    2006-12-09 11:36 50,176 –a—— D:\WINDOWS\system32\inetres.dll
    2006-12-09 11:36 466,200 –a—— D:\WINDOWS\system32\wuapi.dll
    2006-12-09 11:36 45,568 –a—— D:\WINDOWS\system32\safrslv.dll
    2006-12-09 11:36 43,520 –a—— D:\WINDOWS\system32\safrcdlg.dll
    2006-12-09 11:36 43,520 –a—— D:\WINDOWS\system32\racpldlg.dll
    2006-12-09 11:36 41,240 –a—— D:\WINDOWS\system32\wups.dll
    2006-12-09 11:36 382,464 –a—— D:\WINDOWS\system32\qmgr.dll
    2006-12-09 11:36 34,560 –a—— D:\WINDOWS\system32\mnmdd.dll
    2006-12-09 11:36 32,768 –a—— D:\WINDOWS\system32\mnmsrvc.exe
    2006-12-09 11:36 32,768 –a—— D:\WINDOWS\system32\isrdbg32.dll
    2006-12-09 11:36 29,696 –a—— D:\WINDOWS\system32\safrdm.dll
    2006-12-09 11:36 28,672 –a—— D:\WINDOWS\system32
    mmkcert.dll
    2006-12-09 11:36 278,528 –a—— D:\WINDOWS\system32\mstask.dll
    2006-12-09 11:36 278,528 –a—— D:\WINDOWS\system32\inetcfg.dll
    2006-12-09 11:36 252,928 –a—— D:\WINDOWS\system32\msoeacct.dll
    2006-12-09 11:36 241,152 –a—— D:\WINDOWS\system32\srrstr.dll
    2006-12-09 11:36 23,040 –a—— D:\WINDOWS\system32\fltmc.exe
    2006-12-09 11:36 194,840 –a—— D:\WINDOWS\system32\wuaueng1.dll
    2006-12-09 11:36 192,000 –a—— D:\WINDOWS\system32\schedsvc.dll
    2006-12-09 11:36 18,944 –a—— D:\WINDOWS\system32\qmgrprxy.dll
    2006-12-09 11:36 174,360 –a—— D:\WINDOWS\system32\wuauclt1.exe
    2006-12-09 11:36 173,536 –a—— D:\WINDOWS\system32\wuweb.dll
    2006-12-09 11:36 170,496 –a—— D:\WINDOWS\system32\srsvc.dll
    2006-12-09 11:36 16,896 –a—— D:\WINDOWS\system32\fltlib.dll
    2006-12-09 11:36 16,384 –a—— D:\WINDOWS\system32\icfgnt5.dll
    2006-12-09 11:36 128,896 –a—— D:\WINDOWS\system32\drivers\fltmgr.sys
    2006-12-09 11:36 128,280 –a—— D:\WINDOWS\system32\wucltui.dll
    2006-12-09 11:36 125,208 –a—— D:\WINDOWS\system32\wuauclt.exe
    2006-12-09 11:36 12,288 –a—— D:\WINDOWS\system32
    mevtmsg.dll
    2006-12-09 11:36 12,288 –a—— D:\WINDOWS\system32\mstinit.exe
    2006-12-09 11:36 11,264 –a—— D:\WINDOWS\system32\atrace.dll
    2006-12-09 11:36 105,984 –a—— D:\WINDOWS\system32\msoert2.dll
    2006-12-09 11:36 1,343,768 –a—— D:\WINDOWS\system32\wuaueng.dll
    2006-12-09 11:36 <DIR> d—s—- D:\WINDOWS\Tasks
    2006-12-09 11:36 <DIR> d——– D:\WINDOWS\system32\Restore
    2006-12-09 11:36 <DIR> d——– D:\WINDOWS\system32\Macromed
    2006-12-09 11:36 <DIR> d——– D:\WINDOWS\system32\DirectX
    2006-12-09 11:36 <DIR> d——– D:\WINDOWS\srchasst
    2006-12-09 11:36 <DIR> d——– D:\Program Files\Outlook Express
    2006-12-09 11:36 <DIR> d——– D:\Program Files\NetMeeting
    2006-12-09 11:36 <DIR> d——– D:\Program Files\Movie Maker
    2006-12-09 11:36 <DIR> d——– D:\Program Files\Common Files\Services
    2006-12-09 11:36 <DIR> d——– D:\Program Files\Common Files\MSSoap
    2006-12-09 11:35 73,216 –a—— D:\WINDOWS\system32\avwav.dll
    2006-12-09 11:35 5,632 –a—— D:\WINDOWS\system32\write.exe
    2006-12-09 11:35 44,544 –a—— D:\WINDOWS\system32\hticons.dll
    2006-12-09 11:35 35,840 –a—— D:\WINDOWS\system32\winchat.exe
    2006-12-09 11:35 233,472 –a—— D:\WINDOWS\system32\avtapi.dll
    2006-12-09 11:35 16,384 –a—— D:\WINDOWS\system32\avmeter.dll
    2006-12-09 11:35 139,264 –a—— D:\WINDOWS\system32\sndvol32.exe
    2006-12-09 11:35 <DIR> d——– D:\WINDOWS\Registration
    2006-12-09 11:35 <DIR> d——– D:\Program Files\Windows Media Player
    2006-12-09 11:35 <DIR> d——– D:\Program Files\Internet Explorer
    2006-12-09 11:35 <DIR> d——– D:\Program Files\ComPlus Applications
    2006-12-09 11:35 <DIR> d——– D:\Program Files\Common Files\System
    2006-12-09 11:34 97,792 –a—— D:\WINDOWS\system32\comrepl.dll
    2006-12-09 11:34 956,416 –a—— D:\WINDOWS\system32\msdtctm.dll
    2006-12-09 11:34 94,208 –a—— D:\WINDOWS\system32\tscfgwmi.dll
    2006-12-09 11:34 91,136 –a—— D:\WINDOWS\system32\mtxoci.dll
    2006-12-09 11:34 9,728 –a—— D:\WINDOWS\system32\reset.exe
    2006-12-09 11:34 87,176 –a—— D:\WINDOWS\system32\rdpwsx.dll
    2006-12-09 11:34 85,504 –a—— D:\WINDOWS\system32\catsrvps.dll
    2006-12-09 11:34 80,896 –a—— D:\WINDOWS\system32\charmap.exe
    2006-12-09 11:34 67,072 –a—— D:\WINDOWS\system32\rdshost.exe
    2006-12-09 11:34 662,528 –a—— D:\WINDOWS\system32\getuname.dll
    2006-12-09 11:34 655,360 –a—— D:\WINDOWS\system32\mstscax.dll
    2006-12-09 11:34 625,152 –a—— D:\WINDOWS\system32\catsrvut.dll
    2006-12-09 11:34 62,464 –a—— D:\WINDOWS\system32\rdpclip.exe
    2006-12-09 11:34 61,440 –a—— D:\WINDOWS\system32\remotepg.dll
    2006-12-09 11:34 60,416 –a—— D:\WINDOWS\system32\colbact.dll
    2006-12-09 11:34 6,144 –a—— D:\WINDOWS\system32\msdtc.exe
    2006-12-09 11:34 58,880 –a—— D:\WINDOWS\system32\msdtclog.dll
    2006-12-09 11:34 58,880 –a—— D:\WINDOWS\system32\licwmi.dll
    2006-12-09 11:34 56,320 –a—— D:\WINDOWS\system32\servdeps.dll
    2006-12-09 11:34 540,160 –a—— D:\WINDOWS\system32\comuid.dll
    2006-12-09 11:34 54,272 –a—— D:\WINDOWS\system32\stclient.dll
    2006-12-09 11:34 5,120 –a—— D:\WINDOWS\system32\dcomcnfg.exe
    2006-12-09 11:34 498,688 –a—— D:\WINDOWS\system32\clbcatq.dll
    2006-12-09 11:34 44,544 –a—— D:\WINDOWS\system32\tscupgrd.exe
    2006-12-09 11:34 426,496 –a—— D:\WINDOWS\system32\msdtcprx.dll
    2006-12-09 11:34 412,160 –a—— D:\WINDOWS\system32\mstsc.exe
    2006-12-09 11:34 40,840 –a—— D:\WINDOWS\system32\drivers\termdd.sys
    2006-12-09 11:34 4,608 –a—— D:\WINDOWS\system32\rdpcfgex.dll
    2006-12-09 11:34 4,096 –a—— D:\WINDOWS\system32\mtxex.dll
    2006-12-09 11:34 39,424 –a—— D:\WINDOWS\system32\cfgbkend.dll
    2006-12-09 11:34 352,768 –a—— D:\WINDOWS\system32\hypertrm.dll
    2006-12-09 11:34 345,600 –a—— D:\WINDOWS\system32\mspaint.exe
    2006-12-09 11:34 33,792 –a—— D:\WINDOWS\system32\regini.exe
    2006-12-09 11:34 25,600 –a—— D:\WINDOWS\system32\comaddin.dll
    2006-12-09 11:34 25,088 –a—— D:\WINDOWS\system32\mtxlegih.dll
    2006-12-09 11:34 23,040 –a—— D:\WINDOWS\system32\qwinsta.exe
    2006-12-09 11:34 225,792 –a—— D:\WINDOWS\system32\catsrv.dll
    2006-12-09 11:34 22,016 –a—— D:\WINDOWS\system32\msg.exe
    2006-12-09 11:34 215,552 –a—— D:\WINDOWS\system32\termsrv.dll
    2006-12-09 11:34 21,896 –a—— D:\WINDOWS\system32\drivers\tdtcp.sys
    2006-12-09 11:34 20,480 –a—— D:\WINDOWS\system32\qprocess.exe
    2006-12-09 11:34 20,480 –a—— D:\WINDOWS\system32\mtxdm.dll
    2006-12-09 11:34 196,864 –a—— D:\WINDOWS\system32\drivers\rdpdr.sys
    2006-12-09 11:34 19,968 –a—— D:\WINDOWS\system32\rdpsnd.dll
    2006-12-09 11:34 188,928 –a—— D:\WINDOWS\system32\cmprops.dll
    2006-12-09 11:34 187,392 –a—— D:\WINDOWS\system32\accwiz.exe
    2006-12-09 11:34 17,920 –a—— D:\WINDOWS\system32\tsshutdn.exe
    2006-12-09 11:34 17,920 –a—— D:\WINDOWS\system32\mmfutil.dll
    2006-12-09 11:34 17,408 –a—— D:\WINDOWS\system32\qappsrv.exe
    2006-12-09 11:34 161,280 –a—— D:\WINDOWS\system32\msdtcuiu.dll
    2006-12-09 11:34 16,384 –a—— D:\WINDOWS\system32\tskill.exe
    2006-12-09 11:34 16,384 –a—— D:\WINDOWS\system32\rwinsta.exe
    2006-12-09 11:34 15,872 –a—— D:\WINDOWS\system32\cdmodem.dll
    2006-12-09 11:34 15,360 –a—— D:\WINDOWS\system32\tsdiscon.exe
    2006-12-09 11:34 15,360 –a—— D:\WINDOWS\system32\tscon.exe
    2006-12-09 11:34 15,360 –a—— D:\WINDOWS\system32\shadow.exe
    2006-12-09 11:34 15,360 –a—— D:\WINDOWS\system32\logoff.exe
    2006-12-09 11:34 147,968 –a—— D:\WINDOWS\system32\rdchost.dll
    2006-12-09 11:34 147,456 –a—— D:\WINDOWS\system32\comsnap.dll
    2006-12-09 11:34 142,336 –a—— D:\WINDOWS\system32\sessmgr.exe
    2006-12-09 11:34 139,528 –a—— D:\WINDOWS\system32\drivers\rdpwd.sys
    2006-12-09 11:34 132,608 –a—— D:\WINDOWS\system32\sndrec32.exe
    2006-12-09 11:34 13,824 –a—— D:\WINDOWS\system32\rdsaddin.exe
    2006-12-09 11:34 124,416 –a—— D:\WINDOWS\system32\mplay32.exe
    2006-12-09 11:34 12,040 –a—— D:\WINDOWS\system32\drivers\tdpipe.sys
    2006-12-09 11:34 114,688 –a—— D:\WINDOWS\system32\calc.exe
    2006-12-09 11:34 110,080 –a—— D:\WINDOWS\system32\clbcatex.dll
    2006-12-09 11:34 11,776 –a—— D:\WINDOWS\system32\xolehlp.dll
    2006-12-09 11:34 11,264 –a—— D:\WINDOWS\system32\icaapi.dll
    2006-12-09 11:34 104,448 –a—— D:\WINDOWS\system32\clipbrd.exe
    2006-12-09 11:34 1,267,200 –a—— D:\WINDOWS\system32\comsvcs.dll
    2006-12-09 11:34 1,161 –a—— D:\WINDOWS\system32\usrlogon.cmd
    2006-12-09 11:34 <DIR> d——– D:\WINDOWS\system32\MsDtc
    2006-12-09 11:34 <DIR> d——– D:\WINDOWS\system32\Com
    2006-12-09 11:34 <DIR> d——– D:\Program Files\Windows NT


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))




    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\ctfmon.exe"
    "Steam"="\"d:\\program files\\steam\\steam.exe\" -silent"
    "GrimElse"="D:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\BLAHWE~1\\Program Rect.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "NvCplDaemon"="RUNDLL32.EXE D:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "CTDVDDET"="\"D:\\Program Files\\Creative\\SBAudigy4\\DVDAudio\\CTDVDDET.EXE\""
    "CTSysVol"="D:\\Program Files\\Creative\\SBAudigy4\\Surround Mixer\\CTSysVol.exe
    "
    "RCSystem"="\"D:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" RCSystem * -Startup"
    "AudioDrvEmulator"="\"D:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"D:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\""
    "CTHelper"="CTHELPER.EXE"
    "UpdReg"="D:\\WINDOWS\\UpdReg.EXE"
    "NeroFilterCheck"="D:\\WINDOWS\\system32\\NeroCheck.exe"
    "Logitech Utility"="Logi_MwX.Exe"
    "nod32kui"="\"D:\\Program Files\\Eset\
    od32kui.exe\" /WAITSERVICE"
    "SunJavaUpdateSched"="\"D:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
    "NvMediaCenter"="RUNDLL32.EXE D:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "HP OfficeJet T Series"="\"D:\\Program Files\\Hewlett-Packard\\HP OfficeJet T Series\\bin\\ktchnsnk.exe\" -reg \"Software\\Hewlett-Packard\\OfficeJet T Series\\Install\""
    "QuickTime Task"="\"D:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "TkBellExe"="\"D:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "webfordbookskip"="D:\\Documents and Settings\\All Users\\Application Data\\platformplaywebford\\01 Show.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="D:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoLowDiskSpaceChecks"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    D:\WINDOWS\tasks\AEB37C679184ECE7.job

    Completion time: 06-12-30 12:33:44.37
    D:\ComboFix.txt … 06-12-30 12:33
    [/code:1:a77accea31]














  • Start HJT opnieuw en doe een systemscan only vink onderstaande regels aan sluit alle vensters behalve HJT en klik op fix checked.

    [code:1:918936274c]

    O4 - HKLM\..\Run: [webfordbookskip] D:\Documents and Settings\All Users\Application Data\platformplaywebford\01 Show.exe
    O4 - HKCU\..\Run: [GrimElse] D:\DOCUME~1\ADMINI~1\APPLIC~1\BLAHWE~1\Program Rect.exe
    [/code:1:918936274c]

    verwijder deze dikgedrukte items met behulp van verkenner
    D:\Documents and Settings\All Users\Application Data\[b:918936274c]platformplaywebford\01 Show.exe[/b:918936274c]
    D:\DOCUME~1\ADMINI~1\APPLIC~1\[b:918936274c]BLAHWE~1\Program Rect.exe[/b:918936274c]


    Open Kladblok, en kopieer en plak de vetgedrukte tekst in een leeg venster :[list:918936274c][list:918936274c][b:918936274c]@echo off
    attrib -h %windir%\tasks\*.job
    echo Lop Jobs deleted >logit.txt
    dir /B "%windir%\tasks\????????9???????.job" >>logit.txt
    del "%windir%\tasks\????????9???????.job"
    dir /B "%windir%\tasks\????????8???????.job" >>logit.txt
    del "%windir%\tasks\????????8???????.job"
    cls
    exit[/b:918936274c][/list:u:918936274c]
    Ga naar Bestand > Opslaan als, en sla het op met als naam [b:918936274c]fix.bat[/b:918936274c] op je Bureaublad,
    type: "alle typen", en klik op OK

    Sluit Kladblok, ga naar je Bureaublad en dubbelklik op [b:918936274c]fix.bat[/b:918936274c]
    Op je Bureaublad verschijnt een tekstbestandje (logit.txt)
    Post de inhoud daarvan straks hier.[/list:u:918936274c]

    Vertel eens of je problemen al over zijn,

    J
  • D:\Documents and Settings\All Users\Application Data\platformplaywebford\01 Show.exe
    kan niet verwijderd worden, het is in gebruik. De andere dingen zijn wel gelukt.

    [b:487867e857]logit:[/b:487867e857]
    Lop Jobs deleted
    AEB37C679184ECE7.job

    ik ga even resetten, en daarna kijken of ik het probleem nog steeds heb. Ik post de resultaten over enkele minuten
  • Probeer het een in veilige modus, http://users.telenet.be/marcvn/spyware/1378056.htm
  • zal ik doen. Verder heb ik zojuist de pc opnieuw opgestart, en ben het alles nog niet tegengekomen, dus dat is mooi :)
    Enig puntje: als ik de pc afsluit krijg ik wel een waarschuwing dat '01 show.exe niet kan worden uitgevoerd omdat het windows werk station zich afsluit'
  • [quote:f4b8c5fedb="Moist.Sun-Tzu"]zal ik doen. Verder heb ik zojuist de pc opnieuw opgestart, en ben het alles nog niet tegengekomen, dus dat is mooi :)
    Enig puntje: als ik de pc afsluit krijg ik wel een waarschuwing dat '01 show.exe niet kan worden uitgevoerd omdat het windows werk station zich afsluit'[/quote:f4b8c5fedb]

    da's logisch, de job is wel verwijderd maar het bestand nog niet, het bestand wil de job terug. Bestand dient verwijderd.
  • bestand is ondertussen verwijderd, bedankt!!! alle popups etc zijn verleden tijd :)

    danku :)
  • Jahoe, goed gedaan.

    prettig uiteinde gewenst en bedankt voor de reply.

    Juisterr
  • Nou, ik heb hetzelfde probleem met mijn pc..
    Zouden julliemij ook kunnen helpen?

    Hijack this:
    [code:1:d9f7343c42]Logfile of HijackThis v1.99.1
    Scan saved at 15:47:41, on 5-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Acer\Empowering Technology\admServ.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\Launch Manager\LaunchAp.exe
    C:\Program Files\Launch Manager\HotkeyApp.exe
    C:\Program Files\Launch Manager\OSDCtrl.exe
    C:\Program Files\Launch Manager\Wbutton.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Documents and Settings\Katrien\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
    O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
    O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Delete copy loud bore] C:\Documents and Settings\All Users\Application Data\peak stop delete copy\globalthe.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe"
    eg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [TheFour] C:\DOCUME~1\Katrien\APPLIC~1\FORKGL~1\Tons stop memo.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    [/code:1:d9f7343c42]

    ComboFix:
    [code:1:d9f7343c42]Katrien - 07-01-05 15:51:00,18 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Katrien\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2006-12-05 to 2007-01-05 ))))))))))))))))))))))))))))))))))


    2007-01-05 13:13 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware
    2007-01-05 12:41 <DIR> d——– C:\WINDOWS\WBEM
    2007-01-05 12:41 <DIR> d——– C:\WINDOWS\system32
    l-nl
    2007-01-05 12:39 <DIR> d–h—– C:\WINDOWS\ie7
    2007-01-05 12:37 121,856 ——— C:\WINDOWS\system32\xmllite.dll
    2007-01-05 12:35 <DIR> d——– C:\WINDOWS
    etwork diagnostic
    2007-01-05 12:17 <DIR> dr-h—– C:\Documents and Settings\Katrien\Onlangs geopend
    2007-01-04 22:41 <DIR> d——– C:\WINDOWS\system32\DRM
    2007-01-04 16:07 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\Bitdefender
    2007-01-04 15:55 <DIR> d——– C:\Documents and Settings\All Users\Application Data\BitDefender
    2007-01-03 20:39 <DIR> d——– C:\Documents and Settings\All Users\Application Data\peak stop delete copy
    2007-01-03 20:38 <DIR> d——– C:\My Downloads
    2007-01-03 20:38 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\forkgluelink
    2007-01-03 20:38 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\BitRoll
    2007-01-03 20:24 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\BitTorrent
    2007-01-02 14:45 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\Leadertech
    2007-01-02 14:33 639,224 –a—— C:\WINDOWS\system32\drivers\sptd.sys
    2006-12-24 23:13 <DIR> d——– C:\Program Files\Virtools Web Player 3.5
    2006-12-24 16:54 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\PlayFirst
    2006-12-24 16:54 <DIR> d——– C:\Documents and Settings\All Users\Application Data\PlayFirst
    2006-12-23 13:20 <DIR> d——– C:\Documents and Settings\All Users\Application Data\HipSoft
    2006-12-20 19:59 13,312 –a—— C:\WINDOWS\system32\BASSMOD.dll
    2006-12-20 19:43 513,152 –a—— C:\WINDOWS\system32\drivers\WmaCDriverV32.sys
    2006-12-20 19:35 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\tunebite
    2006-12-20 19:34 16,640 –a—— C:\WINDOWS\system32\drivers\tbhsd.sys
    2006-12-20 14:55 <DIR> d——– C:\Documents and Settings\Katrien\Incomplete
    2006-12-17 15:07 <DIR> d–hs—- C:\FOUND.001
    2006-12-07 20:02 <DIR> d——– C:\Documents and Settings\Katrien\Application Data\Ahead
    2006-12-07 19:59 <DIR> d——– C:\Program Files\Nero
    2006-12-07 19:59 <DIR> d——– C:\Program Files\Common Files\Ahead
    2006-12-07 19:59 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Nero


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-11-27 09:45 60416 ——— C:\WINDOWS\system32\tzchange.exe
    2006-11-26 11:52 41008 –a—— C:\Documents and Settings\Katrien\Application Data\GDIPFONTCACHEV1.DAT
    2006-11-08 06:07 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-11-07 21:03 6049280 ——— C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 ——— C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 ——— C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 –a—— C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 –a—— C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 ——— C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 –a—— C:\WINDOWS\system32\msls31.dll
    2006-11-07 03:27 382976 –a—— C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 –a—— C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 –a—— C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 –a—— C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 –a—— C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 –a—— C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 –a—— C:\WINDOWS\system32\ieakui.dll
    2006-11-06 11:35 531568 –a—— C:\WINDOWS\system32\RmActivate_isv.exe
    2006-11-06 11:35 523376 –a—— C:\WINDOWS\system32\RmActivate.exe
    2006-11-06 11:35 519280 –a—— C:\WINDOWS\system32\SecProc_isv.dll
    2006-11-06 11:35 518768 –a—— C:\WINDOWS\system32\SecProc.dll
    2006-11-06 11:35 358000 –a—— C:\WINDOWS\system32\RmActivate_ssp.exe
    2006-11-06 11:35 354416 –a—— C:\WINDOWS\system32\RmActivate_ssp_isv.exe
    2006-11-06 11:35 323696 –a—— C:\WINDOWS\system32\msdrm.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp_isv.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp.dll
    2006-11-04 14:14 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2006-11-02 23:35 8271872 –a—— C:\WINDOWS\system32\wmploc.dll
    2006-11-02 22:53 99840 –a—— C:\WINDOWS\system32\wmpshell.dll
    2006-11-02 22:52 257536 –a—— C:\WINDOWS\system32\wmerror.dll
    2006-11-02 22:50 7680 –a—— C:\WINDOWS\system32\asferror.dll
    2006-11-02 11:52 42496 ——— C:\WINDOWS\system32\wpdshextres.dll
    2006-10-20 02:39 714752 –a—— C:\WINDOWS\system32\sxs.dll
    2006-10-18 21:58 8704 ——— C:\WINDOWS\system32\WdfMgr.exe
    2006-10-18 21:58 8704 ——— C:\WINDOWS\system32\uWDF.exe
    2006-10-18 21:47 937984 –a—— C:\WINDOWS\system32\WMNetMgr.dll
    2006-10-18 21:47 767488 ——— C:\WINDOWS\system32\WMVSENCD.dll
    2006-10-18 21:47 757248 –a—— C:\WINDOWS\system32\wmadmod.dll
    2006-10-18 21:47 656896 ——— C:\WINDOWS\system32\WMVXENCD.dll
    2006-10-18 21:47 63488 ——— C:\WINDOWS\system32\wpdmtpus.dll
    2006-10-18 21:47 629760 ——— C:\WINDOWS\system32\wpd_ci.dll
    2006-10-18 21:47 613376 ——— C:\WINDOWS\system32\wmpmde.dll
    2006-10-18 21:47 603648 –a—— C:\WINDOWS\system32\WMSPDMOD.dll
    2006-10-18 21:47 542720 –a—— C:\WINDOWS\system32\blackbox.dll
    2006-10-18 21:47 535040 ——— C:\WINDOWS\system32\wmdrmsdk.dll
    2006-10-18 21:47 429056 ——— C:\WINDOWS\system32\wmdrmdev.dll
    2006-10-18 21:47 414208 –a—— C:\WINDOWS\system32\msscp.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MPG4DMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP4SDMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP43DMOD.dll
    2006-10-18 21:47 4096 ——— C:\WINDOWS\system32\WMVADVE.DLL
    2006-10-18 21:47 4096 ——— C:\WINDOWS\system32\WMVADVD.dll
    2006-10-18 21:47 4096 ——— C:\WINDOWS\system32\wdfApi.dll
    2006-10-18 21:47 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2006-10-18 21:47 35840 ——— C:\WINDOWS\system32\wpdconns.dll
    2006-10-18 21:47 356352 ——— C:\WINDOWS\system32\WPDSp.dll
    2006-10-18 21:47 348672 ——— C:\WINDOWS\system32\wmdrmnet.dll
    2006-10-18 21:47 33792 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2006-10-18 21:47 321536 –a—— C:\WINDOWS\system32\mswmdm.dll
    2006-10-18 21:47 317440 ——— C:\WINDOWS\system32\MP4SDECD.dll
    2006-10-18 21:47 314880 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2006-10-18 21:47 295936 –a—— C:\WINDOWS\system32\wmpeffects.dll
    2006-10-18 21:47 284160 –a—— C:\WINDOWS\system32\portabledeviceapi.dll
    2006-10-18 21:47 276992 ——— C:\WINDOWS\system32\Audiodev.dll
    2006-10-18 21:47 27136 –a—— C:\WINDOWS\system32\MsPMSNSv.dll
    2006-10-18 21:47 2603008 ——— C:\WINDOWS\system32\WpdShext.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MPG4DECD.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MP43DECD.dll
    2006-10-18 21:47 2450944 –a—— C:\WINDOWS\system32\wmvcore.dll
    2006-10-18 21:47 242688 –a—— C:\WINDOWS\system32\wmpasf.dll
    2006-10-18 21:47 229376 –a—— C:\WINDOWS\system32\cewmdm.dll
    2006-10-18 21:47 222208 –a—— C:\WINDOWS\system32\wmasf.dll
    2006-10-18 21:47 212992 –a—— C:\WINDOWS\system32\mfplat.dll
    2006-10-18 21:47 211456 –a—— C:\WINDOWS\system32\qasf.dll
    2006-10-18 21:47 204288 ——— C:\WINDOWS\system32\wmpsrcwp.dll
    2006-10-18 21:47 199168 ——— C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    2006-10-18 21:47 179712 –a—— C:\WINDOWS\system32\msnetobj.dll
    2006-10-18 21:47 175616 –a—— C:\WINDOWS\system32\MsPMSP.dll
    2006-10-18 21:47 166912 –a—— C:\WINDOWS\system32\portabledevicetypes.dll
    2006-10-18 21:47 1661440 ——— C:\WINDOWS\system32\wmpencen.dll
    2006-10-18 21:47 1574912 ——— C:\WINDOWS\system32\WMVENCOD.dll
    2006-10-18 21:47 157184 –a—— C:\WINDOWS\system32\wmidx.dll
    2006-10-18 21:47 154624 ——— C:\WINDOWS\system32\wpdmtp.dll
    2006-10-18 21:47 1543680 ——— C:\WINDOWS\system32\WMVDECOD.dll
    2006-10-18 21:47 1382912 ——— C:\WINDOWS\system32\WMVSDECD.dll
    2006-10-18 21:47 133632 –a—— C:\WINDOWS\system32\wpdshserviceobj.dll
    2006-10-18 21:47 1329152 –a—— C:\WINDOWS\system32\WMSPDMOE.dll
    2006-10-18 21:47 132096 ——— C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    2006-10-18 21:47 130048 –a—— C:\WINDOWS\system32\wmpps.dll
    2006-10-18 21:47 11264 –a—— C:\WINDOWS\system32\LAPRXY.dll
    2006-10-18 21:47 1117696 –a—— C:\WINDOWS\system32\WMADMOE.dll
    2006-10-18 21:47 101888 ——— C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    2006-10-18 20:03 100864 –a—— C:\WINDOWS\system32\logagent.exe
    2006-10-18 20:00 17408 ——— C:\WINDOWS\system32\wpdshextautoplay.exe
    2006-10-17 12:06 78336 –a—— C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 –a—— C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 ——— C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 –a—— C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 –a—— C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 –a—— C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 ——— C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 ——— C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 –a—— C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 ——— C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 –a—— C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 ——— C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 13:41 144384 –a—— C:\WINDOWS\system32
    wprovau.dll
    2006-10-11 17:26 58880 –a—— C:\WINDOWS\system32\pnrpnsp.dll
    2006-10-11 17:26 553984 –a—— C:\WINDOWS\system32\p2psvc.dll
    2006-10-11 17:26 313344 –a—— C:\WINDOWS\system32\p2pgraph.dll
    2006-10-11 17:26 153088 –a—— C:\WINDOWS\system32\p2p.dll
    2006-10-11 17:26 116224 –a—— C:\WINDOWS\system32\p2pnetsh.dll
    2006-10-11 17:26 104960 –a—— C:\WINDOWS\system32\p2pgasvc.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
    "BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" –force_start_minimized"
    "TheFour"="C:\\DOCUME~1\\Katrien\\APPLIC~1\\FORKGL~1\\Tons stop memo.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "preload"="C:\\Windows\\RUNXMLPL.exe"
    "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
    "MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
    "PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
    "PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
    "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
    "SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "SoundMan"="SOUNDMAN.EXE"
    "PCMService"="\"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe\""
    "LaunchAp"="\"C:\\Program Files\\Launch Manager\\LaunchAp.exe\""
    "LManager"="\"C:\\Program Files\\Launch Manager\\HotkeyApp.exe\""
    "CtrlVol"="\"C:\\Program Files\\Launch Manager\\CtrlVol.exe\""
    "LMgrOSD"="\"C:\\Program Files\\Launch Manager\\OSDCtrl.exe\""
    "Wbutton"="\"C:\\Program Files\\Launch Manager\\Wbutton.exe\""
    "EPM-DM"="c:\\acer\\Empowering Technology\\ePower\\epm-dm.exe"
    "Acer ePower Management"="C:\\Acer\\Empowering Technology\\ePower\\Acer ePower Management.exe boot"
    "eRecoveryService"="C:\\Acer\\Empowering Technology\\eRecovery\\Monitor.exe"
    "ADMTray.exe"="\"C:\\Acer\\Empowering Technology\\admtray.exe\""
    "eDataSecurity Loader"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
    "ScanRegistry"="C:\\W"
    "Lexmark X1100 Series"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "Delete copy loud bore"="C:\\Documents and Settings\\All Users\\Application Data\\peak stop delete copy\\globalthe.exe"
    "BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdmcon.exe\"
    eg"
    "BDAgent"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdagent.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    @=""
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    @=""
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    @=""
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Mijn huidige introductiepagina"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,b2,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{51C55F9E-C308-4c95-89AB-8858D8AFD819}"="ParetoLogic Anti-Spyware"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\AF8DA19691E253B6.job

    Completion time: 07-01-05 15:52:03.28
    C:\ComboFix.txt … 07-01-05 15:52
    [/code:1:d9f7343c42]

    Nou dit ware ze dus alle twee..
    Grtz




  • nou speedy,

    Fix deze regel met HJT,

    O4 - HKLM\..\Run: [Delete copy loud bore] C:\Documents and Settings\All Users\Application Data\peak stop delete copy\globalthe.exe

    Start verkenner en verwijder deze map
    C:\Documents and Settings\All Users\Application Data\[b:29b44f6a2a]peak[/b:29b44f6a2a]


    Open Kladblok, en kopieer en plak de vetgedrukte tekst in een leeg venster : [b:29b44f6a2a]
    @echo off
    attrib -h %windir%\tasks\*.job
    echo Lop Jobs deleted >logit.txt
    dir /B "%windir%\tasks\????????9???????.job" >>logit.txt
    del "%windir%\tasks\????????9???????.job"
    dir /B "%windir%\tasks\????????8???????.job" >>logit.txt
    del "%windir%\tasks\????????8???????.job"
    cls
    exit[/b:29b44f6a2a]

    Ga naar Bestand > Opslaan als, en sla het op met als naam fix.bat op je Bureaublad,
    type: "alle typen", en klik op OK

    Sluit Kladblok, ga naar je Bureaublad en dubbelklik op fix.bat
    Op je Bureaublad verschijnt een tekstbestandje (logit.txt)
    Post de inhoud daarvan straks hier.
  • Lop Jobs deleted
    AF8DA19691E253B6.job

    Heb veilige modus moeten opstarten net als Moist.Sun-Tzu om die map te verwijderen , voor de rest geen probleempjes gehad..
    Hopelijk is t nu van de baan…
    Bedankt!!
  • plaats nog even een nieuw HJT logje ter controle aub.
  • HJT:[code:1:7ae6dc8a2a]Logfile of HijackThis v1.99.1
    Scan saved at 19:51:01, on 5-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Acer\Empowering Technology\admServ.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\Launch Manager\LaunchAp.exe
    C:\Program Files\Launch Manager\HotkeyApp.exe
    C:\Program Files\Launch Manager\OSDCtrl.exe
    C:\Program Files\Launch Manager\Wbutton.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Katrien\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
    O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
    O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe"
    eg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [TheFour] C:\DOCUME~1\Katrien\APPLIC~1\FORKGL~1\Tons stop memo.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    [/code:1:7ae6dc8a2a]

    Kzie et ni dus t is wss gelukt..
    Merci!!
  • Heb je nog klachten??
  • Neen, tot nu toe is alles dik in orde, nog altyd geen popup gehad..
    Egt bedankt!!
  • mooi zo.
  • Hallo,

    Ik heb hetzelfdeprobleem met mijn pc.
    Ik zie iedereen steeds die 2 log's plaatsen, is er nog geen handigere manier om dit weer ongedaan te krijgen? Kanme voorstellen dat jullie die ook vervelend vinden om steeds te moeten uitzoeken….

    Hier in ieder geval de 2 log's:

    [b:7cce03da09]HJT[/b:7cce03da09]
    [quote:7cce03da09]Logfile of HijackThis v1.99.1
    Scan saved at 18:21:08, on 8-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    D:\Program Files\Nero 7\InCD\InCDsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus
    avapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    d:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    D:\Program Files\Nero 7\InCD\InCD.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Documents and Settings\Arjen L\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nu.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RemoteControl] "d:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "d:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [AdminRoadTickIdol] C:\Documents and Settings\All Users\Application Data\mix each admin road\corn boob.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] d:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [BOOBGPL] C:\DOCUME~1\ARJENL~1\APPLIC~1\SECOND~1\LoveBatReadme.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/229?f5743e2693774bcea6548b77b88dd7e8
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components
    l-nl\msntabres.dll.mui/230?f5743e2693774bcea6548b77b88dd7e8
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157313868406
    O18 - Protocol: bw+0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScsiAccess - Unknown owner - d:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    [/quote:7cce03da09]

    En dan [b:7cce03da09]Combofix[/b:7cce03da09]:
    [quote:7cce03da09]Arjen L - 07-01-08 18:14:18,31 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Arjen L\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2006-12-08 to 2007-01-08 ))))))))))))))))))))))))))))))))))


    2007-01-07 21:19 <DIR> d——– C:\Documents and Settings\Arjen L\Application Data\SecondFreeAim
    2007-01-07 11:09 <DIR> d——– C:\Program Files\SecondFreeAim
    2007-01-07 11:09 <DIR> d——– C:\Documents and Settings\All Users\Application Data\mix each admin road
    2007-01-05 00:52 <DIR> d——– C:\WINDOWS\WBEM
    2007-01-05 00:52 <DIR> d——– C:\WINDOWS\system32
    l-nl
    2007-01-05 00:51 <DIR> d–h-c— C:\WINDOWS\ie7
    2007-01-05 00:50 121,856 ——— C:\WINDOWS\system32\xmllite.dll
    2007-01-05 00:49 <DIR> d——– C:\WINDOWS
    etwork diagnostic
    2006-12-27 17:16 <DIR> d——– C:\Program Files\Common Files\PCSuite
    2006-12-27 17:16 <DIR> d——– C:\Program Files\Common Files\Nokia
    2006-12-27 17:14 <DIR> d–hs—- C:\Config.Msi
    2006-12-27 17:14 <DIR> d——– C:\Program Files\PC Connectivity Solution
    2006-12-27 17:12 9,216 –a—— C:\WINDOWS\system32\drivers
    mwcdc.sys
    2006-12-27 17:12 4,608 –a—— C:\WINDOWS\system32
    mwcdlog.dll
    2006-12-27 17:12 30,720 –a—— C:\WINDOWS\system32
    mwcdcocls.dll
    2006-12-27 17:12 138,240 –a—— C:\WINDOWS\system32\drivers
    mwcd.sys
    2006-12-27 17:12 12,800 –a—— C:\WINDOWS\system32\drivers
    mwcdcm.sys
    2006-12-27 17:12 <DIR> d——– C:\Program Files\Nokia
    2006-12-13 15:56 <DIR> d——– C:\Program Files\Common Files\Avery


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-01-05 00:57 ——– d——– C:\Program Files\Internet Explorer
    2006-12-30 19:10 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Vso
    2006-12-29 15:09 12990 –a—— C:\Documents and Settings\Arjen L\Application Data\Microsoft Excel.CAL
    2006-12-27 17:16 ——– d——– C:\Program Files\Common Files
    2006-12-25 12:35 ——– d——– C:\Program Files\Java
    2006-12-22 04:21 48776 –a—— C:\WINDOWS\system32\S32EVNT1.DLL
    2006-12-22 04:21 115000 –a—— C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2006-12-22 04:21 ——– d——– C:\Program Files\Symantec
    2006-12-19 23:25 ——– d——– C:\Program Files\Common Files\Adobe
    2006-12-19 23:25 ——– d——– C:\Documents and Settings\Arjen L\Application Data\AdobeUM
    2006-12-18 21:44 ——– d——– C:\Program Files\Common Files\Symantec Shared
    2006-12-17 09:44 ——– d——– C:\Documents and Settings\Arjen L\Application Data\BitTorrent
    2006-12-13 16:19 ——– d——– C:\Program Files\Outlook Express
    2006-12-13 16:19 ——– d——– C:\Program Files\Common Files\System
    2006-12-13 16:12 ——– d—s—- C:\Documents and Settings\Arjen L\Application Data\Microsoft
    2006-12-13 14:05 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Macromedia
    2006-12-12 16:34 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-12-07 17:19 ——– d——– C:\Documents and Settings\Arjen L\Application Data\ATI
    2006-12-07 17:15 ——– d——– C:\Program Files\ATI Technologies
    2006-12-06 22:03 32768 –a—— C:\WINDOWS\vtrdrv.exe
    2006-12-06 04:49 ——– d——– C:\Program Files\Windows Media Player
    2006-12-06 04:49 ——– d——– C:\Program Files\Windows Media Connect 2
    2006-11-27 09:45 60416 ——— C:\WINDOWS\system32\tzchange.exe
    2006-11-23 20:22 ——– d——– C:\Program Files\MSN Messenger
    2006-11-17 16:54 ——– d——– C:\Program Files\Norton AntiVirus
    2006-11-15 10:57 ——– d——– C:\Program Files\MSXML 4.0
    2006-11-12 16:18 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Apple Computer
    2006-11-11 20:38 ——– d——– C:\Program Files\iTunes
    2006-11-11 20:38 ——– d——– C:\Program Files\iPod
    2006-11-11 20:37 ——– d——– C:\Program Files\QuickTime
    2006-11-11 17:22 ——– d——– C:\Program Files\Adobe
    2006-11-11 17:22 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Adobe
    2006-11-11 17:11 ——– d——– C:\Documents and Settings\Arjen L\Application Data\CyberLink
    2006-11-11 17:10 ——– d——– C:\Program Files\Cyberlink
    2006-11-08 06:07 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-11-07 21:03 6049280 ——— C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 ——— C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 ——— C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 –a—— C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 –a—— C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 ——— C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 –a—— C:\WINDOWS\system32\msls31.dll
    2006-11-07 03:27 382976 –a—— C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 –a—— C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 –a—— C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 –a—— C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 –a—— C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 –a—— C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 –a—— C:\WINDOWS\system32\ieakui.dll
    2006-11-06 11:35 531568 –a—— C:\WINDOWS\system32\RmActivate_isv.exe
    2006-11-06 11:35 523376 –a—— C:\WINDOWS\system32\RmActivate.exe
    2006-11-06 11:35 519280 –a—— C:\WINDOWS\system32\SecProc_isv.dll
    2006-11-06 11:35 518768 –a—— C:\WINDOWS\system32\SecProc.dll
    2006-11-06 11:35 358000 –a—— C:\WINDOWS\system32\RmActivate_ssp.exe
    2006-11-06 11:35 354416 –a—— C:\WINDOWS\system32\RmActivate_ssp_isv.exe
    2006-11-06 11:35 323696 –a—— C:\WINDOWS\system32\msdrm.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp_isv.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp.dll
    2006-11-04 14:14 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2006-11-02 23:35 8271872 –a—— C:\WINDOWS\system32\wmploc.dll
    2006-11-02 22:53 99840 –a—— C:\WINDOWS\system32\wmpshell.dll
    2006-11-02 22:52 257536 –a—— C:\WINDOWS\system32\wmerror.dll
    2006-11-02 22:50 7680 –a—— C:\WINDOWS\system32\asferror.dll
    2006-11-02 11:52 42496 ——— C:\WINDOWS\system32\wpdshextres.dll
    2006-11-01 17:52 81920 –a—— C:\Documents and Settings\Arjen L\Application Data\ezpinst.exe
    2006-11-01 17:52 7176 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.cat
    2006-11-01 17:52 47360 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.sys
    2006-11-01 17:52 34 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.log
    2006-11-01 17:52 1144 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.inf
    2006-10-26 11:06 13029 –a—— C:\Documents and Settings\Arjen L\Application Data\Door lijstscheidingstekens gescheiden waarden (Windows).CAL
    2006-10-23 10:19 51060 –a—— C:\WINDOWS\system32\pdf995mon.dll
    2006-10-23 10:19 118784 –a—— C:\WINDOWS\system32\pdfmona.dll
    2006-10-20 02:39 714752 –a—— C:\WINDOWS\system32\sxs.dll
    2006-10-19 20:38 831048 –a—— C:\WINDOWS\system32\WudfUpdate_01005.dll
    2006-10-19 19:59 33977 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
    2006-10-19 19:58 2128 –a—— C:\Documents and Settings\Arjen L\Application Data\HPSU_48BitScanUpdate.log
    2006-10-19 19:57 361 –a—— C:\Documents and Settings\Arjen L\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
    2006-10-19 19:57 2472 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
    2006-10-19 19:57 0 –a—— C:\Documents and Settings\Arjen L\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
    2006-10-19 19:54 3704 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_IZClosingDiscError.log
    2006-10-19 19:54 2896 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_InstantShareJPG.log
    2006-10-19 19:53 84698 –a—— C:\Documents and Settings\Arjen L\Application Data\Update_HP_RedboxHprblog_HPSU.log
    2006-10-19 19:50 139264 –a—— C:\WINDOWS\system32\hpzjrd01.dll
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\wdfmgr.exe
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\uwdf.exe
    2006-10-18 21:47 991744 –a—— C:\WINDOWS\system32\drmv2clt.dll
    2006-10-18 21:47 937984 –a—— C:\WINDOWS\system32\WMNetMgr.dll
    2006-10-18 21:47 767488 ——— C:\WINDOWS\system32\WMVSENCD.dll
    2006-10-18 21:47 757248 –a—— C:\WINDOWS\system32\WMADMOD.dll
    2006-10-18 21:47 656896 ——— C:\WINDOWS\system32\WMVXENCD.dll
    2006-10-18 21:47 63488 –a—— C:\WINDOWS\system32\wpdmtpus.dll
    2006-10-18 21:47 629760 –a—— C:\WINDOWS\system32\wpd_ci.dll
    2006-10-18 21:47 613376 ——— C:\WINDOWS\system32\wmpmde.dll
    2006-10-18 21:47 603648 –a—— C:\WINDOWS\system32\WMSPDMOD.dll
    2006-10-18 21:47 542720 –a—— C:\WINDOWS\system32\blackbox.dll
    2006-10-18 21:47 535040 ——— C:\WINDOWS\system32\wmdrmsdk.dll
    2006-10-18 21:47 429056 –a—— C:\WINDOWS\system32\wmdrmdev.dll
    2006-10-18 21:47 414208 –a—— C:\WINDOWS\system32\msscp.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\WMVADVE.DLL
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\WMVADVD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wdfapi.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MPG4DMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP4SDMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP43DMOD.dll
    2006-10-18 21:47 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2006-10-18 21:47 35840 –a—— C:\WINDOWS\system32\wpdconns.dll
    2006-10-18 21:47 356352 –a—— C:\WINDOWS\system32\wpdsp.dll
    2006-10-18 21:47 348672 –a—— C:\WINDOWS\system32\wmdrmnet.dll
    2006-10-18 21:47 33792 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2006-10-18 21:47 321536 –a—— C:\WINDOWS\system32\mswmdm.dll
    2006-10-18 21:47 317440 ——— C:\WINDOWS\system32\MP4SDECD.dll
    2006-10-18 21:47 314880 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2006-10-18 21:47 295936 ——— C:\WINDOWS\system32\wmpeffects.dll
    2006-10-18 21:47 284160 ——— C:\WINDOWS\system32\PortableDeviceApi.dll
    2006-10-18 21:47 276992 –a—— C:\WINDOWS\system32\audiodev.dll
    2006-10-18 21:47 27136 –a—— C:\WINDOWS\system32\mspmsnsv.dll
    2006-10-18 21:47 2603008 ——— C:\WINDOWS\system32\WpdShext.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MPG4DECD.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MP43DECD.dll
    2006-10-18 21:47 2450944 –a—— C:\WINDOWS\system32\wmvcore.dll
    2006-10-18 21:47 242688 –a—— C:\WINDOWS\system32\wmpasf.dll
    2006-10-18 21:47 229376 –a—— C:\WINDOWS\system32\cewmdm.dll
    2006-10-18 21:47 222208 –a—— C:\WINDOWS\system32\WMASF.dll
    2006-10-18 21:47 212992 ——— C:\WINDOWS\system32\MFPLAT.dll
    2006-10-18 21:47 211456 –a—— C:\WINDOWS\system32\qasf.dll
    2006-10-18 21:47 204288 –a—— C:\WINDOWS\system32\wmpsrcwp.dll
    2006-10-18 21:47 199168 ——— C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    2006-10-18 21:47 179712 –a—— C:\WINDOWS\system32\msnetobj.dll
    2006-10-18 21:47 175616 –a—— C:\WINDOWS\system32\mspmsp.dll
    2006-10-18 21:47 166912 ——— C:\WINDOWS\system32\PortableDeviceTypes.dll
    2006-10-18 21:47 1661440 –a—— C:\WINDOWS\system32\wmpencen.dll
    2006-10-18 21:47 1574912 ——— C:\WINDOWS\system32\WMVENCOD.dll
    2006-10-18 21:47 157184 –a—— C:\WINDOWS\system32\wmidx.dll
    2006-10-18 21:47 154624 –a—— C:\WINDOWS\system32\wpdmtp.dll
    2006-10-18 21:47 1543680 ——— C:\WINDOWS\system32\WMVDECOD.dll
    2006-10-18 21:47 1382912 ——— C:\WINDOWS\system32\WMVSDECD.dll
    2006-10-18 21:47 133632 ——— C:\WINDOWS\system32\WPDShServiceObj.dll
    2006-10-18 21:47 1329152 –a—— C:\WINDOWS\system32\WMSPDMOE.dll
    2006-10-18 21:47 132096 ——— C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    2006-10-18 21:47 130048 ——— C:\WINDOWS\system32\wmpps.dll
    2006-10-18 21:47 11264 –a—— C:\WINDOWS\system32\LAPRXY.dll
    2006-10-18 21:47 1117696 –a—— C:\WINDOWS\system32\WMADMOE.dll
    2006-10-18 21:47 101888 ——— C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    2006-10-18 20:03 100864 –a—— C:\WINDOWS\system32\logagent.exe
    2006-10-18 20:00 249856 ——— C:\WINDOWS\system32\drmupgds.exe
    2006-10-18 20:00 17408 ——— C:\WINDOWS\system32\wpdshextautoplay.exe
    2006-10-17 12:06 78336 –a—— C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 –a—— C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 ——— C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 –a—— C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 –a—— C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 –a—— C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 ——— C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 ——— C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 –a—— C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 ——— C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 –a—— C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 ——— C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 13:41 144384 –a—— C:\WINDOWS\system32
    wprovau.dll
    2006-10-12 02:47 307200 –a—— C:\WINDOWS\system32\atiiiexx.dll
    2006-10-12 02:44 260608 –a—— C:\WINDOWS\system32\ati2dvag.dll
    2006-10-12 02:38 90112 –a—— C:\WINDOWS\system32\ati2evxx.dll
    2006-10-12 02:38 41984 –a—— C:\WINDOWS\system32\ati2edxx.dll
    2006-10-12 02:38 26112 –a—— C:\WINDOWS\system32\Ati2mdxx.exe
    2006-10-12 02:38 118784 –a—— C:\WINDOWS\system32\atipdlxx.dll
    2006-10-12 02:38 106496 –a—— C:\WINDOWS\system32\Oemdspif.dll
    2006-10-12 02:37 430080 –a—— C:\WINDOWS\system32\ati2evxx.exe
    2006-10-12 02:36 53248 –a—— C:\WINDOWS\system32\ATIDDC.DLL
    2006-10-12 02:31 2518336 –a—— C:\WINDOWS\system32\ati3duag.dll
    2006-10-12 02:26 1092960 –a—— C:\WINDOWS\system32\ativvaxx.dll
    2006-10-12 02:22 6684672 –a—— C:\WINDOWS\system32\atioglx1.dll
    2006-10-12 02:22 303104 –a—— C:\WINDOWS\system32\ATIDEMGR.dll
    2006-10-12 02:20 5148672 –a—— C:\WINDOWS\system32\atioglxx.dll
    2006-10-12 02:15 221184 –a—— C:\WINDOWS\system32\atikvmag.dll
    2006-10-12 02:14 17408 –a—— C:\WINDOWS\system32\atitvo32.dll
    2006-10-12 02:10 294912 –a—— C:\WINDOWS\system32\ati2cqag.dll
    2006-10-11 21:05 520192 ——— C:\WINDOWS\system32\ati2sgag.exe
    2006-10-11 17:26 58880 –a—— C:\WINDOWS\system32\pnrpnsp.dll
    2006-10-11 17:26 553984 –a—— C:\WINDOWS\system32\p2psvc.dll
    2006-10-11 17:26 313344 –a—— C:\WINDOWS\system32\p2pgraph.dll
    2006-10-11 17:26 153088 –a—— C:\WINDOWS\system32\p2p.dll
    2006-10-11 17:26 116224 –a—— C:\WINDOWS\system32\p2pnetsh.dll
    2006-10-11 17:26 104960 –a—— C:\WINDOWS\system32\p2pgasvc.dll
    2006-10-11 15:56 118784 -r——- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    2006-10-10 08:54 50688 –a—— C:\WINDOWS\system32
    mwcdcls.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "LDM"="d:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
    "BOOBGPL"="C:\\DOCUME~1\\ARJENL~1\\APPLIC~1\\SECOND~1\\LoveBatReadme.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
    "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
    "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "Logitech Utility"="Logi_MwX.Exe"
    "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
    "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "InCD"="D:\\Program Files\\Nero 7\\InCD\\InCD.exe"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
    "Adobe Photo Downloader"="\"D:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
    "HP Software Update"="D:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
    "RemoteControl"="\"d:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
    "LanguageShortcut"="\"d:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
    "PCSuiteTrayApplication"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
    "AdminRoadTickIdol"="C:\\Documents and Settings\\All Users\\Application Data\\mix each admin road\\corn boob.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000004

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "PcSync"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "PcSync"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\81405E019DFFDA79.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Controleren op updates voor Windows Live Toolbar.job
    C:\WINDOWS\tasks\HPpromotions journeysoftware.job
    C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Arjen L.job
    C:\WINDOWS\tasks\XoftSpySE.job

    Completion time: 07-01-08 18:16:29.00
    C:\ComboFix.txt … 07-01-08 18:16
    [/quote:7cce03da09]

    Alvast bedankt!

    Arjen












Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.