Nieuwe poging ,


1 )
Uninstal HITMANPRO met alle componenten aub.

2 )

Download [b:4adbfe65d1] naar je Bureaublad:[list:4adbfe65d1][*:4adbfe65d1]Dubbelklik [b:4adbfe65d1]drweb-cureit.exe[/b:4adbfe65d1] Klik op udate
[*:4adbfe65d1]Na de update verschijnt er een nieuw icoontje op je buroblad "CureIt.exe" dubbelklik het en klik op Scan, sta het toe om de express scan te starten.
[*:4adbfe65d1]Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt,
klik de [b:4adbfe65d1]Yes to all[/b:4adbfe65d1] knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
[*:4adbfe65d1]Eenmaal de korte scan is beëindigd, kan je de drives selecteren die je wilt laten scannen.
[*:4adbfe65d1]Selecteer hier [b:4adbfe65d1]alle drives[/b:4adbfe65d1]. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
[*:4adbfe65d1]Klik daarna de [b:4adbfe65d1]groene pijl[/b:4adbfe65d1] rechts om de scan te starten.
[*:4adbfe65d1]Klik [b:4adbfe65d1]Yes to all[/b:4adbfe65d1] wanneer er gevraagd wordt om cure of move uit te voeren.
[*:4adbfe65d1]Wanneer de scan beëindigd is, kijk of je kunt op het icoontje naast de gevonden bestanden klikken: [img:4adbfe65d1]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:4adbfe65d1]
[*:4adbfe65d1]Indien ja,klik er op en klik vervolgens op het icoontje er juist onder en selecteer [b:4adbfe65d1]Move incurable[/b:4adbfe65d1] zoals je hier ziet:
[img:4adbfe65d1]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:4adbfe65d1]
Dit verplaatst gevonden bestanden naar de "%userprofile%\DoctorWeb\quarantaine-map" indien herstel niet mogelijk is.
[*:4adbfe65d1]Nadat de scan gedaan is, in het menu bovenaan, klik [b:4adbfe65d1]File[/b:4adbfe65d1] en kies [b:4adbfe65d1]Save report List[/b:4adbfe65d1]. Bewaar het op je Bureaublad.
[*:4adbfe65d1]Sluit daarna Dr.Web Cureit.
[*:4adbfe65d1][b:4adbfe65d1]Herstart[/b:4adbfe65d1] je computer!! [i:4adbfe65d1]Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart[/i:4adbfe65d1].
[*:4adbfe65d1]Na het herstarten, [b:4adbfe65d1]kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post[/b:4adbfe65d1].
[/list:u:4adbfe65d1]

Negeer popups over Buy of 50% korting
Installeer hijackthis.exe bijv. in C:\Program Files\[b:4adbfe65d1]Hijackthis[/b:4adbfe65d1]
Dit in verband met de backups die dit programma maakt. <<<<<<<<<<<< belangrijk

3 )
Start HJT opnieuw op en doe weer een systemscan only, vink onderstaande regel aan sluit alle vensters behalve HJT en klik op fix checked.


[b:4adbfe65d1]O4 - HKCU\..\Run: [CSIM] C:\PROGRA~1\CSIM\aim.exe -cnetwait.odl[/b:4adbfe65d1]




4 )
Download [b:4adbfe65d1] naar je bureaublad.[list:4adbfe65d1]

[*:4adbfe65d1]Sluit alle vensters voordat je verdergaat
[*:4adbfe65d1]Dubbelklik [b:4adbfe65d1]Look2Me-Destroyer.exe[/b:4adbfe65d1]
*Je krijgt het volgende bericht: [i:4adbfe65d1]Look2Me-Destroyer will close and re-open in approximately 10 seconds[/i:4adbfe65d1]. Klik “OK”
[*:4adbfe65d1]Als Look2Me-Destroyer opent, klik de [b:4adbfe65d1]Scan for L2M button[/b:4adbfe65d1], je bureaubladiconen zullen verdwijnen, dat is normaal.
[*:4adbfe65d1]Als het scannen is afgelopen klik [b:4adbfe65d1]Remove L2M button[/b:4adbfe65d1]
[*:4adbfe65d1]Je krijgt een bericht [b:4adbfe65d1]Done Scanning message[/b:4adbfe65d1], klik “OK”
[*:4adbfe65d1]Als alles klaar is verschijnt een bericht :[i:4adbfe65d1] Done removing infected files! Look2Me-Destroyer will now shutdown your computer[/i:4adbfe65d1], klik “OK”
[*:4adbfe65d1]De computer zal nu afsluiten
[*:4adbfe65d1]Start je computer opnieuw
[*:4adbfe65d1]Kopieer de inhoud van [b:4adbfe65d1]C:\Look2Me-Destroyer.txt[/b:4adbfe65d1] and maak een nieuw HJT logje. [/list:u:4adbfe65d1]

Run combofix nogmaals.

plaats een nieuw HJT logje aub

[b:319b6e0d96]Dr.Web Cureit[/b:319b6e0d96]
A0070563.exe;C:\System Volume Information\_restore{37828249-A19A-4AC4-880E-638E698D0AF1}\RP42;Adware.SafeSearch;Incurable.Moved.;
A0070564.exe;C:\System Volume Information\_restore{37828249-A19A-4AC4-880E-638E698D0AF1}\RP42;Adware.SafeSearch;Incurable.Moved.;

[b:319b6e0d96]Look2Me-Destroyer[/b:319b6e0d96]

Look2Me-Destroyer V1.0.12

Scanning for infected files…..
Scan started at 17-1-2007 16:01:16


Attempting to delete infected files…

Making registry repairs.


Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded

[b:319b6e0d96]ComboFix[/b:319b6e0d96]
"Timo Dubbeldam" - 07-01-17 16:08:50 Service Pack 2
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\Timo Dubbeldam\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-12-17 to 2007-01-17 ))))))))))))))))))))))))))))))))))


2007-01-17 15:59 <DIR> d——– C:\Program Files\backups
2007-01-17 15:58 218,112 –a—— C:\Program Files\HijackThis.exe
2007-01-17 15:11 <DIR> d——– C:\DOCUME~1\TIMODU~1\DoctorWeb
2007-01-16 20:01 <DIR> d——– C:\Program Files\MSN Messenger
2007-01-16 19:33 <DIR> d——– C:\Program Files\Common Files\Java
2007-01-16 16:37 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Lavasoft
2007-01-16 16:25 <DIR> d-a—— C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
2007-01-16 16:23 <DIR> d——– C:\DOCUME~1\LOCALS~1\Application Data\Webroot
2007-01-16 16:22 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
2007-01-16 16:21 118,784 –a—— C:\WINDOWS\system32\MSSTDFMT.DLL
2007-01-16 16:10 <DIR> d——– C:\WINDOWS\system32\GroupPolicy
2007-01-16 16:09 <DIR> d——– C:\Program Files\Hitman Pro
2007-01-16 15:27 <DIR> d——– C:\Program Files\CCleaner
2007-01-14 17:16 <DIR> d——– C:\Program Files\Uniblue
2007-01-14 17:16 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Uniblue
2007-01-14 17:09 45,321 –a—— C:\WINDOWS\system32\CAUnst.exe
2007-01-14 17:09 36,864 –a—— C:\WINDOWS\system32\wbhlkwjx.exe
2007-01-14 17:04 <DIR> d——– C:\WINDOWS\system32\appmgmt
2007-01-14 15:47 76,560 –a—— C:\WINDOWS\system32\drivers\tmcomm.sys
2007-01-14 15:46 <DIR> d——– C:\DOCUME~1\TIMODU~1\.housecall6.6
2007-01-14 00:06 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Nokia
2007-01-14 00:06 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\PC Suite
2007-01-14 00:05 50,688 –a—— C:\WINDOWS\system32\nmwcdcls.dll
2007-01-14 00:05 <DIR> d——– C:\Program Files\PC Connectivity Solution
2007-01-14 00:05 <DIR> d——– C:\Program Files\Nokia
2007-01-14 00:05 <DIR> d——– C:\Program Files\DIFX
2007-01-14 00:05 <DIR> d——– C:\Program Files\Common Files\PCSuite
2007-01-14 00:05 <DIR> d——– C:\Program Files\Common Files\Nokia
2007-01-14 00:05 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\PC Suite
2007-01-13 10:11 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Jasc
2007-01-13 09:01 <DIR> d——– C:\Program Files\Security Task Manager
2007-01-13 09:01 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\SecTaskMan
2007-01-13 09:00 <DIR> d——– C:\WINDOWS\ie7updates
2007-01-12 22:09 <DIR> d——– C:\Program Files\Jasc Software Inc
2007-01-10 16:47 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\RadLight Company
2007-01-10 16:46 <DIR> d——– C:\Program Files\RadLight Company
2007-01-09 19:56 <DIR> d——– C:\DOCUME~1\TIMODU~1\.gimp-2.2
2007-01-08 15:45 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\DivX
2007-01-08 15:44 <DIR> d——– C:\Program Files\DivX
2007-01-05 16:12 4,682 –a—— C:\WINDOWS\system32\npptNT2.sys
2007-01-05 16:05 <DIR> d——– C:\Program Files\NEXON
2007-01-05 13:41 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Adobe
2007-01-05 13:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
2007-01-05 13:32 <DIR> d——– C:\Program Files\Common Files\Adobe
2007-01-04 10:25 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Apple Computer
2007-01-04 10:21 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer
2007-01-04 10:17 <DIR> d——– C:\Program Files\QuickTime
2007-01-03 23:17 <DIR> d——– C:\WINDOWS\aim95
2007-01-03 23:17 <DIR> d——– C:\Program Files\CSIM
2007-01-03 11:24 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\InterVideo
2007-01-02 19:08 9,600 –a—— C:\WINDOWS\system32\drivers\hidusb.sys
2007-01-02 19:08 12,160 –a—— C:\WINDOWS\system32\drivers\mouhid.sys
2007-01-02 18:48 <DIR> d——– C:\WINDOWS\Sun
2007-01-02 18:48 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Sun
2007-01-02 12:04 <DIR> d——– C:\ATI
2007-01-02 11:43 43,520 –a—— C:\WINDOWS\system32\CmdLineExt03.dll
2007-01-01 17:54 <DIR> d——– C:\Program Files\BitTorrent
2007-01-01 17:54 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\BitTorrent
2007-01-01 03:03 24 –a—— C:\WINDOWS\system32\sysogg.dll
2006-12-30 20:04 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Google
2006-12-30 13:02 233,472 –a—— C:\WINDOWS\system32\lame_enc.dll
2006-12-30 13:02 1,703,936 –a—— C:\WINDOWS\system32\NCTAudioFile.dll
2006-12-30 13:02 <DIR> d——– C:\Program Files\MP3 Converter Simple
2006-12-29 23:54 <DIR> d——– C:\Program Files\Audacity
2006-12-27 21:28 <DIR> d——– C:\WINDOWS\system32\LogFiles
2006-12-26 20:17 <DIR> d——– C:\Program Files\DAEMON Tools
2006-12-26 20:06 639,224 –a—— C:\WINDOWS\system32\drivers\sptd.sys
2006-12-26 15:01 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Mijn Battle for Middle-earth bestanden
2006-12-26 14:50 <DIR> d——– C:\DOCUME~1\LOCALS~1\Application Data\Symantec
2006-12-26 14:47 <DIR> d——– C:\Games
2006-12-26 12:18 <DIR> d——– C:\Program Files\XoftSpySE
2006-12-26 12:01 <DIR> d——– C:\Program Files\Enigma Software Group
2006-12-26 11:49 <DIR> d——– C:\Program Files\SymNetDrv
2006-12-26 11:40 928 –a—— C:\WINDOWS\system32\winpfz32.sys
2006-12-26 11:40 36,864 –a—— C:\WINDOWS\system32\slimusfg.exe
2006-12-26 11:40 24,576 –a—— C:\WINDOWS\system32\msxml3a.dll
2006-12-26 09:49 <DIR> d——– C:\WINDOWS\system32\PreInstall
2006-12-26 04:29 <DIR> d–hs—- C:\System Volume Information
2006-12-26 00:07 <DIR> d——– C:\DOCUME~1\TIMODU~1\Shared
2006-12-26 00:07 <DIR> d——– C:\DOCUME~1\TIMODU~1\Incomplete
2006-12-25 23:37 <DIR> d——– C:\Program Files\LimeWire
2006-12-25 23:36 <DIR> d——– C:\DOCUME~1\TIMODU~1\.limewire
2006-12-25 22:10 <DIR> d——– C:\WINDOWS\WBEM
2006-12-25 22:10 <DIR> d——– C:\WINDOWS\system32\en-US
2006-12-25 22:08 <DIR> d–h-c— C:\WINDOWS\ie7
2006-12-25 22:07 23,856 –a—— C:\WINDOWS\system32\spupdsvc.exe
2006-12-25 22:07 121,856 ——— C:\WINDOWS\system32\xmllite.dll
2006-12-25 22:06 <DIR> d–h—– C:\WINDOWS\$hf_mig$
2006-12-25 22:06 <DIR> d——– C:\WINDOWS\network diagnostic
2006-12-25 21:58 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage
2006-12-25 21:54 <DIR> d——– C:\DOCUME~1\TIMODU~1\Contacts
2006-12-25 21:53 3,072 –a—— C:\WINDOWS\system32\drivers\audstub.sys
2006-12-25 21:53 <DIR> d—-c— C:\WINDOWS\system32\DRVSTORE
2006-12-25 21:52 87,424 –a—— C:\WINDOWS\system32\drivers\irda.sys
2006-12-25 21:52 8,192 –a—— C:\WINDOWS\system32\wshirda.dll
2006-12-25 21:52 57,472 –a—— C:\WINDOWS\system32\drivers\redbook.sys
2006-12-25 21:52 46,080 –a—— C:\WINDOWS\system32\drivers\smcirda.sys
2006-12-25 21:52 27,136 –a—— C:\WINDOWS\system32\irmon.dll
2006-12-25 21:52 19,584 –a—— C:\WINDOWS\system32\drivers\rasirda.sys
2006-12-25 21:52 152,576 –a—— C:\WINDOWS\system32\irftp.exe
2006-12-25 21:51 8,832 –a—— C:\WINDOWS\system32\drivers\wmiacpi.sys
2006-12-25 21:51 74,240 –a—— C:\WINDOWS\system32\usbui.dll
2006-12-25 21:51 6,400 –a—— C:\WINDOWS\system32\drivers\enum1394.sys
2006-12-25 21:51 5,504 –a—— C:\WINDOWS\system32\drivers\intelide.sys
2006-12-25 21:50 9,344 –a—— C:\WINDOWS\system32\drivers\compbatt.sys
2006-12-25 21:50 14,080 –a—— C:\WINDOWS\system32\drivers\CmBatt.sys
2006-12-25 21:50 14,080 –a—— C:\WINDOWS\system32\drivers\battc.sys
2006-12-25 21:49 9,936 –a—— C:\WINDOWS\system\LZEXPAND.DLL
2006-12-25 21:49 9,008 –a—— C:\WINDOWS\system\VER.DLL
2006-12-25 21:49 85,020 –a—— C:\WINDOWS\system32\dgsetup.dll
2006-12-25 21:49 82,944 –a—— C:\WINDOWS\system\OLECLI.DLL
2006-12-25 21:49 8,704 –a—— C:\WINDOWS\system32\batt.dll
2006-12-25 21:49 8,192 -ra—— C:\WINDOWS\system32\kbdhept.dll
2006-12-25 21:49 74,752 –a—— C:\WINDOWS\system32\storprop.dll
2006-12-25 21:49 7,168 -ra—— C:\WINDOWS\system32\kbdcz.dll
2006-12-25 21:49 69,584 –a—— C:\WINDOWS\system\AVICAP.DLL
2006-12-25 21:49 69,120 –a—— C:\WINDOWS\NOTEPAD.EXE
2006-12-25 21:49 68,768 –a—— C:\WINDOWS\system\MMSYSTEM.DLL
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdycl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdsl1.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdsl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdpl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdhu.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdhela3.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcz2.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcz1.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcr.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\KBDAL.DLL
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdtuq.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdtuf.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdlv1.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdlv.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdhela2.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdgkl.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdest.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdro.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdpl1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdmon.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdlt1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdlt.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdkyr.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhu1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe319.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe220.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdazel.dll
2006-12-25 21:49 5,120 –a—— C:\WINDOWS\system\SHELL.DLL
2006-12-25 21:49 32,816 –a—— C:\WINDOWS\system\COMMDLG.DLL
2006-12-25 21:49 24,661 –a—— C:\WINDOWS\system32\spxcoins.dll
2006-12-25 21:49 24,064 –a—— C:\WINDOWS\system\OLESVR.DLL
2006-12-25 21:49 19,200 –a—— C:\WINDOWS\system\TAPI.DLL
2006-12-25 21:49 176,157 –a—— C:\WINDOWS\system32\dgrpsetu.dll
2006-12-25 21:49 15,360 –a—— C:\WINDOWS\TASKMAN.EXE
2006-12-25 21:49 13,312 –a—— C:\WINDOWS\system32\irclass.dll
2006-12-25 21:49 126,912 –a—— C:\WINDOWS\system\MSVIDEO.DLL
2006-12-25 21:49 11,264 –a—— C:\WINDOWS\system32\drivers\irenum.sys
2006-12-25 21:49 109,456 –a—— C:\WINDOWS\system\AVIFILE.DLL
2006-12-25 21:49 103,424 –a—— C:\WINDOWS\system32\EqnClass.Dll
2006-12-25 21:49 <DIR> dr——- C:\Program Files
2006-12-25 21:49 <DIR> d–hs—- C:\WINDOWS\Installer
2006-12-25 21:49 <DIR> d——– C:\Program Files\Common Files\SpeechEngines
2006-12-25 21:49 <DIR> d——– C:\Program Files\Common Files\ODBC
2006-12-25 21:48 <DIR> dr——- C:\DOCUME~1\ALLUSE~1\Documents
2006-12-25 21:48 <DIR> d——– C:\WINDOWS\system32\CatRoot2
2006-12-25 21:48 <DIR> d——– C:\WINDOWS\system32\CatRoot
2006-12-25 21:48 <DIR> d——– C:\Documents and Settings
2006-12-25 21:41 <DIR> d——– C:\WINDOWS\system32\SoftwareDistribution
2006-12-25 21:40 <DIR> dr-hsc— C:\WINDOWS\system32\dllcache
2006-12-25 21:40 <DIR> dr–s—- C:\WINDOWS\Fonts
2006-12-25 21:40 <DIR> dr——- C:\WINDOWS\Web
2006-12-25 21:40 <DIR> d–hs—- C:\RECYCLER
2006-12-25 21:40 <DIR> d–h—– C:\WINDOWS\inf
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\WinSxS
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\twain_32
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\wins
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\wbem
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\usmt
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\spool
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ShellExt
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\Setup
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ras
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\oobe
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\npp
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\mui
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\inetsrv
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\IME
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\icsxml
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ias
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\export
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers\etc
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers\disdn
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\dhcp
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\config
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\3com_dmi
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\3076
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\2052
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1054
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1042
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1041
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1037
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1033
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1031
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1028
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1025
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\security
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Resources
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\repair
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Provisioning
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\PeerNet
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\pchealth
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\mui
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\msapps
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\msagent
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Media
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\java
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\ime
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Help
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\ehome
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Driver Cache
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Debug
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Cursors
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Connection Wizard
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Config
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\AppPatch
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\addins
2006-12-25 21:40 <DIR> d——– C:\WINDOWS
2006-12-25 21:32 <DIR> d——– C:\Program Files\Norton AntiVirus
2006-12-25 21:31 91,904 –a—— C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-25 21:31 124,016 –a—— C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-25 21:31 <DIR> d——– C:\Program Files\Symantec
2006-12-25 21:31 <DIR> d——– C:\Program Files\Common Files\Symantec Shared
2006-12-25 21:31 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Symantec
2006-12-25 21:31 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Symantec
2006-12-25 21:30 204,800 –a—— C:\WINDOWS\system32\IVIresizeW7.dll
2006-12-25 21:30 200,704 –a—— C:\WINDOWS\system32\IVIresizeA6.dll
2006-12-25 21:30 20,480 –a—— C:\WINDOWS\system32\IVIresize.dll
2006-12-25 21:30 192,512 –a—— C:\WINDOWS\system32\IVIresizeP6.dll
2006-12-25 21:30 192,512 –a—— C:\WINDOWS\system32\IVIresizeM6.dll
2006-12-25 21:30 188,416 –a—— C:\WINDOWS\system32\IVIresizePX.dll
2006-12-25 21:30 <DIR> d——– C:\Program Files\InterVideo
2006-12-25 21:29 344,064 -ra—— C:\WINDOWS\system32\msvcr70.dll
2006-12-25 21:29 221,184 –a—— C:\WINDOWS\system32\wmpns.dll
2006-12-25 21:29 <DIR> d——– C:\Program Files\Fingerprint Sensor
2006-12-25 21:29 <DIR> d——– C:\Program Files\AuthenTec
2006-12-25 21:28 <DIR> d——– C:\WINDOWS\RegisteredPackages
2006-12-25 21:28 <DIR> d——– C:\Program Files\Windows Media Connect
2006-12-25 21:27 <DIR> d——– C:\Program Files\Java
2006-12-25 21:26 32,356 ——— C:\WINDOWS\system32\pusbfd1.sys
2006-12-25 21:25 <DIR> d——– C:\Program Files\Common Files\Sonic
2006-12-25 21:25 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Sonic
2006-12-25 21:24 7,432 –a—— C:\WINDOWS\system32\drivers\eabfiltr.sys
2006-12-25 21:24 65,536 –a—— C:\WINDOWS\system32\hpqactn.dll
2006-12-25 21:24 5,220 –a—— C:\WINDOWS\system32\drivers\EabUsb.sys
2006-12-25 21:24 425,984 –a—— C:\WINDOWS\system32\hpqPres.dll
2006-12-25 21:24 32,768 –a—— C:\WINDOWS\system32\eabhbrn8.dll
2006-12-25 21:24 225,280 –a—— C:\WINDOWS\system32\cpqinfo.dll
2006-12-25 21:24 109,568 ——— C:\WINDOWS\system32\pxinsi64.exe
2006-12-25 21:24 108,544 ——— C:\WINDOWS\system32\pxcpyi64.exe
2006-12-25 21:24 <DIR> d——– C:\Program Files\Sonic
2006-12-25 21:24 <DIR> d——– C:\Program Files\Common Files\SureThing Shared
2006-12-25 21:24 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\hpqwmi
2006-12-25 21:23 94,274 -ra—— C:\WINDOWS\system32\HPBHEALR.DLL
2006-12-25 21:23 69,632 -ra—— C:\WINDOWS\system32\HPMBTPMS.DLL
2006-12-25 21:23 58,368 -ra—— C:\WINDOWS\system32\HPDOMON.DLL
2006-12-25 21:23 49,252 -ra—— C:\WINDOWS\system32\NovPMQueue.DLL
2006-12-25 21:23 49,250 -ra—— C:\WINDOWS\system32\NovPMNdps.DLL
2006-12-25 21:23 40,960 -ra—— C:\WINDOWS\system32\hpmbtppw.dll
2006-12-25 21:23 40,960 -ra—— C:\WINDOWS\system32\HPBMMON.DLL
2006-12-25 21:23 155,648 -ra—— C:\WINDOWS\system32\HPMystPM.DLL
2006-12-25 21:23 135,168 -ra—— C:\WINDOWS\system32\hpmbtprw.dll
2006-12-25 21:23 126,976 -ra—— C:\WINDOWS\system32\hprdvtcp.dll
2006-12-25 21:23 118,784 -ra—— C:\WINDOWS\system32\HPMPMW.DLL
2006-12-25 21:23 <DIR> d——– C:\WINDOWS\Downloaded Installations
2006-12-25 21:23 <DIR> d——– C:\Program Files\HP Accessories Product Tour
2006-12-25 21:19 <DIR> dr–s—- C:\WINDOWS\assembly
2006-12-25 21:19 <DIR> d——– C:\WINDOWS\system32\URTTemp
2006-12-25 21:19 <DIR> d——– C:\WINDOWS\Microsoft.NET
2006-12-25 21:18 59,044 -ra—— C:\WINDOWS\system32\drivers\clntmgmt.sys
2006-12-25 21:18 32,768 ——— C:\WINDOWS\biwlandrvxpver.dll
2006-12-25 21:17 458,752 –a—— C:\WINDOWS\system32\w29NCPA.dll
2006-12-25 21:17 3,222,784 –a—— C:\WINDOWS\system32\drivers\w29n51.sys
2006-12-25 21:17 1,654,784 –a—— C:\WINDOWS\system32\W29MLRES.DLL
2006-12-25 21:17 <DIR> d——– C:\SWSetup
2006-12-25 21:17 <DIR> d——– C:\Program Files\Intel
2006-12-25 21:16 294,912 -ra—— C:\WINDOWS\system32\atiiiexx.dll
2006-12-25 21:16 28,672 -ra—— C:\WINDOWS\cttib1.dll
2006-12-25 21:16 <DIR> d——– C:\Program Files\ATI Technologies
2006-12-25 21:15 90,202 –a—— C:\WINDOWS\system32\SynTPAPI.dll
2006-12-25 21:15 81,920 –a—— C:\WINDOWS\system32\SynTPCo2.dll
2006-12-25 21:15 77,917 –a—— C:\WINDOWS\system32\SynCOM.dll
2006-12-25 21:15 69,722 –a—— C:\WINDOWS\system32\SynTPFcs.dll
2006-12-25 21:15 186,016 –a—— C:\WINDOWS\system32\drivers\SynTP.sys
2006-12-25 21:15 114,688 –a—— C:\WINDOWS\system32\SynCtrl.dll
2006-12-25 21:15 <DIR> d——– C:\WINDOWS\system32\ReinstallBackups
2006-12-25 21:15 <DIR> d——– C:\Program Files\Synaptics
2006-12-25 21:14 <DIR> d——– C:\WINDOWS\tiinst
2006-12-25 21:13 88,363 -ra—— C:\WINDOWS\AGRSMMSG.exe
2006-12-25 21:13 64,512 -ra—— C:\WINDOWS\agrsmdel.exe
2006-12-25 21:13 1,268,204 -ra—— C:\WINDOWS\system32\drivers\AGRSM.sys
2006-12-25 21:13 <DIR> d——– C:\WINDOWS\Options
2006-12-25 21:13 <DIR> d——– C:\Program Files\HPQ
2006-12-25 21:13 <DIR> d——– C:\DOCUME~1\TIMODU~1\Bluetooth Software
2006-12-25 21:12 <DIR> d——– C:\Program Files\WIDCOMM
2006-12-25 21:11 82,944 –a—— C:\WINDOWS\system32\drivers\wdmaud.sys
2006-12-25 21:11 7,552 –a—— C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-12-25 21:11 60,800 –a—— C:\WINDOWS\system32\drivers\sysaudio.sys
2006-12-25 21:11 6,400 –a—— C:\WINDOWS\system32\drivers\splitter.sys
2006-12-25 21:11 54,272 –a—— C:\WINDOWS\system32\drivers\swmidi.sys
2006-12-25 21:11 52,864 –a—— C:\WINDOWS\system32\drivers\DMusic.sys
2006-12-25 21:11 5,376 –a—— C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-12-25 21:11 4,992 –a—— C:\WINDOWS\system32\drivers\MSPQM.sys
2006-12-25 21:11 2,944 –a—— C:\WINDOWS\system32\drivers\drmkaud.sys
2006-12-25 21:11 172,416 –a—— C:\WINDOWS\system32\drivers\kmixer.sys
2006-12-25 21:11 142,464 –a—— C:\WINDOWS\system32\drivers\aec.sys
2006-12-25 21:11 <DIR> d——– C:\Program Files\Broadcom
2006-12-25 21:10 60,288 –a—— C:\WINDOWS\system32\drivers\drmk.sys
2006-12-25 21:10 49,152 –a—— C:\WINDOWS\system32\DSndUp.exe
2006-12-25 21:10 45,056 –a—— C:\WINDOWS\system32\CleanUp.exe
2006-12-25 21:10 4,096 –a—— C:\WINDOWS\system32\ksuser.dll
2006-12-25 21:10 30,208 –a—— C:\WINDOWS\system32\wdmioctl.dll
2006-12-25 21:10 259,840 –a—— C:\WINDOWS\system32\drivers\smwdm.sys
2006-12-25 21:10 145,792 –a—— C:\WINDOWS\system32\drivers\portcls.sys
2006-12-25 21:10 127,744 -ra—— C:\WINDOWS\system32\drivers\aeaudio.sys
2006-12-25 21:10 1,285,632 –a—— C:\WINDOWS\system32\SMMedia.dll
2006-12-25 21:10 <DIR> d–h—– C:\Program Files\InstallShield Installation Information
2006-12-25 21:10 <DIR> d——– C:\Program Files\Common Files\InstallShield
2006-12-25 21:10 <DIR> d——– C:\Program Files\Analog Devices
2006-12-25 21:09 <DIR> d——– C:\SYSTEM.SAV
2006-12-25 21:05 <DIR> d——– C:\WINDOWS\SoftwareDistribution
2006-12-25 21:05 <DIR> d——– C:\WINDOWS\Prefetch
2006-12-25 21:01 0 -rahs—- C:\MSDOS.SYS
2006-12-25 21:01 0 -rahs—- C:\IO.SYS
2006-12-25 21:01 0 –a—— C:\CONFIG.SYS
2006-12-25 21:01 0 –a—— C:\AUTOEXEC.BAT
2006-12-25 21:01 <DIR> d——– C:\WINDOWS\system32\xircom
2006-12-25 21:01 <DIR> d——– C:\Program Files\microsoft frontpage
2006-12-25 21:00 112,128 –a—— C:\WINDOWS\system32\mapi32.dll
2006-12-25 21:00 <DIR> d–hs—- C:\DOCUME~1\ALLUSE~1\DRM
2006-12-25 20:59 11,264 –a—— C:\WINDOWS\system32\atrace.dll
2006-12-25 20:59 <DIR> dr——- C:\WINDOWS\Offline Web Pages
2006-12-25 20:59 <DIR> d–h—– C:\Program Files\WindowsUpdate
2006-12-25 20:59 <DIR> d—s—- C:\WINDOWS\Downloaded Program Files
2006-12-25 20:59 <DIR> d——– C:\WINDOWS\system32\DirectX
2006-12-25 20:58 81,920 –a—— C:\WINDOWS\system32\isign32.dll
2006-12-25 20:58 81,920 –a—— C:\WINDOWS\system32\ils.dll
2006-12-25 20:58 8,192 –a—— C:\WINDOWS\system32\bitsprx2.dll
2006-12-25 20:58 73,728 –a—— C:\WINDOWS\system32\icwdial.dll
2006-12-25 20:58 73,472 –a—— C:\WINDOWS\system32\drivers\sr.sys
2006-12-25 20:58 7,168 –a—— C:\WINDOWS\system32\bitsprx3.dll
2006-12-25 20:58 69,632 –a—— C:\WINDOWS\system32\msconf.dll
2006-12-25 20:58 679,424 –a—— C:\WINDOWS\system32\inetcomm.dll
2006-12-25 20:58 67,584 –a—— C:\WINDOWS\system32\srclient.dll
2006-12-25 20:58 65,536 –a—— C:\WINDOWS\system32\icwphbk.dll
2006-12-25 20:58 64,512 –a—— C:\WINDOWS\system32\acctres.dll
2006-12-25 20:58 6,656 –a—— C:\WINDOWS\system32\wuauserv.dll
2006-12-25 20:58 48,128 –a—— C:\WINDOWS\system32\inetres.dll
2006-12-25 20:58 465,176 –a—— C:\WINDOWS\system32\wuapi.dll
2006-12-25 20:58 45,568 –a—— C:\WINDOWS\system32\safrslv.dll
2006-12-25 20:58 43,520 –a—— C:\WINDOWS\system32\safrcdlg.dll
2006-12-25 20:58 43,520 –a—— C:\WINDOWS\system32\racpldlg.dll
2006-12-25 20:58 41,240 –a—— C:\WINDOWS\system32\wups.dll
2006-12-25 20:58 382,464 –a—— C:\WINDOWS\system32\qmgr.dll
2006-12-25 20:58 34,560 –a—— C:\WINDOWS\system32\mnmdd.dll
2006-12-25 20:58 32,768 –a—— C:\WINDOWS\system32\mnmsrvc.exe
2006-12-25 20:58 32,768 –a—— C:\WINDOWS\system32\isrdbg32.dll
2006-12-25 20:58 29,696 –a—— C:\WINDOWS\system32\safrdm.dll
2006-12-25 20:58 28,672 –a—— C:\WINDOWS\system32\nmmkcert.dll
2006-12-25 20:58 274,944 –a—— C:\WINDOWS\system32\mstask.dll
2006-12-25 20:58 274,432 –a—— C:\WINDOWS\system32\inetcfg.dll
2006-12-25 20:58 252,928 –a—— C:\WINDOWS\system32\msoeacct.dll
2006-12-25 20:58 239,104 –a—— C:\WINDOWS\system32\srrstr.dll
2006-12-25 20:58 23,040 –a—— C:\WINDOWS\system32\fltmc.exe
2006-12-25 20:58 194,328 –a—— C:\WINDOWS\system32\wuaueng1.dll
2006-12-25 20:58 190,976 –a—— C:\WINDOWS\system32\schedsvc.dll
2006-12-25 20:58 18,944 –a—— C:\WINDOWS\system32\qmgrprxy.dll
2006-12-25 20:58 173,536 –a—— C:\WINDOWS\system32\wuweb.dll
2006-12-25 20:58 172,312 –a—— C:\WINDOWS\system32\wuauclt1.exe
2006-12-25 20:58 170,496 –a—— C:\WINDOWS\system32\srsvc.dll
2006-12-25 20:58 16,896 –a—— C:\WINDOWS\system32\fltlib.dll
2006-12-25 20:58 16,384 –a—— C:\WINDOWS\system32\icfgnt5.dll
2006-12-25 20:58 128,896 –a—— C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-25 20:58 127,256 –a—— C:\WINDOWS\system32\wucltui.dll
2006-12-25 20:58 124,184 –a—— C:\WINDOWS\system32\wuauclt.exe
2006-12-25 20:58 12,288 –a—— C:\WINDOWS\system32\nmevtmsg.dll
2006-12-25 20:58 12,288 –a—— C:\WINDOWS\system32\mstinit.exe
2006-12-25 20:58 105,984 –a—— C:\WINDOWS\system32\msoert2.dll
2006-12-25 20:58 1,343,768 –a—— C:\WINDOWS\system32\wuaueng.dll
2006-12-25 20:58 <DIR> d—s—- C:\WINDOWS\Tasks
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\system32\Restore
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\system32\Macromed
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\srchasst
2006-12-25 20:58 <DIR> d——– C:\Program Files\Movie Maker
2006-12-25 20:58 <DIR> d——– C:\Program Files\Common Files\MSSoap
2006-12-25 20:57 <DIR> d——– C:\WINDOWS\Registration
2006-12-25 20:57 <DIR> d——– C:\Program Files\Online Services
2006-12-25 20:56 97,792 –a—— C:\WINDOWS\system32\comrepl.dll
2006-12-25 20:56 956,416 –a—— C:\WINDOWS\system32\msdtctm.dll
2006-12-25 20:56 93,696 –a—— C:\WINDOWS\system32\tscfgwmi.dll
2006-12-25 20:56 91,136 –a—— C:\WINDOWS\system32\mtxoci.dll
2006-12-25 20:56 9,728 –a—— C:\WINDOWS\system32\reset.exe
2006-12-25 20:56 87,176 –a—— C:\WINDOWS\system32\rdpwsx.dll
2006-12-25 20:56 85,504 –a—— C:\WINDOWS\system32\catsrvps.dll
2006-12-25 20:56 80,384 –a—— C:\WINDOWS\system32\charmap.exe
2006-12-25 20:56 73,216 –a—— C:\WINDOWS\system32\avwav.dll
2006-12-25 20:56 67,072 –a—— C:\WINDOWS\system32\rdshost.exe
2006-12-25 20:56 655,360 –a—— C:\WINDOWS\system32\mstscax.dll
2006-12-25 20:56 625,152 –a—— C:\WINDOWS\system32\catsrvut.dll
2006-12-25 20:56 62,464 –a—— C:\WINDOWS\system32\rdpclip.exe
2006-12-25 20:56 605,696 –a—— C:\WINDOWS\system32\getuname.dll
2006-12-25 20:56 60,416 –a—— C:\WINDOWS\system32\remotepg.dll
2006-12-25 20:56 60,416 –a—— C:\WINDOWS\system32\colbact.dll
2006-12-25 20:56 6,144 –a—— C:\WINDOWS\system32\msdtc.exe
2006-12-25 20:56 58,880 –a—— C:\WINDOWS\system32\msdtclog.dll
2006-12-25 20:56 56,832 –a—— C:\WINDOWS\system32\sol.exe
2006-12-25 20:56 55,296 –a—— C:\WINDOWS\system32\freecell.exe
2006-12-25 20:56 540,160 –a—— C:\WINDOWS\system32\comuid.dll
2006-12-25 20:56 54,272 –a—— C:\WINDOWS\system32\stclient.dll
2006-12-25 20:56 538,624 –a—— C:\WINDOWS\system32\spider.exe
2006-12-25 20:56 5,632 –a—— C:\WINDOWS\system32\write.exe
2006-12-25 20:56 5,120 –a—— C:\WINDOWS\system32\dcomcnfg.exe
2006-12-25 20:56 498,688 –a—— C:\WINDOWS\system32\clbcatq.dll
2006-12-25 20:56 44,544 –a—— C:\WINDOWS\system32\tscupgrd.exe
2006-12-25 20:56 44,544 –a—— C:\WINDOWS\system32\hticons.dll
2006-12-25 20:56 426,496 –a—— C:\WINDOWS\system32\msdtcprx.dll
2006-12-25 20:56 407,552 –a—— C:\WINDOWS\system32\mstsc.exe
2006-12-25 20:56 4,096 –a—— C:\WINDOWS\system32\rdpcfgex.dll
2006-12-25 20:56 4,096 –a—— C:\WINDOWS\system32\mtxex.dll
2006-12-25 20:56 38,912 –a—— C:\WINDOWS\system32\cfgbkend.dll
2006-12-25 20:56 35,328 –a—— C:\WINDOWS\system32\winchat.exe
2006-12-25 20:56 347,136 –a—— C:\WINDOWS\system32\hypertrm.dll
2006-12-25 20:56 343,040 –a—— C:\WINDOWS\system32\mspaint.exe
2006-12-25 20:56 33,792 –a—— C:\WINDOWS\system32\regini.exe
2006-12-25 20:56 295,424 –a—— C:\WINDOWS\system32\termsrv.dll
2006-12-25 20:56 25,600 –a—— C:\WINDOWS\system32\comaddin.dll
2006-12-25 20:56 25,088 –a—— C:\WINDOWS\system32\mtxlegih.dll
2006-12-25 20:56 227,840 –a—— C:\WINDOWS\system32\avtapi.dll
2006-12-25 20:56 225,792 –a—— C:\WINDOWS\system32\catsrv.dll
2006-12-25 20:56 22,016 –a—— C:\WINDOWS\system32\qwinsta.exe
2006-12-25 20:56 21,896 –a—— C:\WINDOWS\system32\drivers\tdtcp.sys
2006-12-25 20:56 20,992 –a—— C:\WINDOWS\system32\msg.exe
2006-12-25 20:56 20,480 –a—— C:\WINDOWS\system32\qprocess.exe
2006-12-25 20:56 20,480 –a—— C:\WINDOWS\system32\mtxdm.dll
2006-12-25 20:56 19,968 –a—— C:\WINDOWS\system32\rdpsnd.dll
2006-12-25 20:56 183,808 –a—— C:\WINDOWS\system32\accwiz.exe
2006-12-25 20:56 161,280 –a—— C:\WINDOWS\system32\msdtcuiu.dll
2006-12-25 20:56 16,896 –a—— C:\WINDOWS\system32\tsshutdn.exe
2006-12-25 20:56 16,896 –a—— C:\WINDOWS\system32\qappsrv.exe
2006-12-25 20:56 16,384 –a—— C:\WINDOWS\system32\tskill.exe
2006-12-25 20:56 16,384 –a—— C:\WINDOWS\system32\avmeter.dll
2006-12-25 20:56 15,872 –a—— C:\WINDOWS\system32\rwinsta.exe
2006-12-25 20:56 15,872 –a—— C:\WINDOWS\system32\cdmodem.dll
2006-12-25 20:56 15,360 –a—— C:\WINDOWS\system32\logoff.exe
2006-12-25 20:56 147,968 –a—— C:\WINDOWS\system32\rdchost.dll
2006-12-25 20:56 147,456 –a—— C:\WINDOWS\system32\comsnap.dll
2006-12-25 20:56 140,800 –a—— C:\WINDOWS\system32\sessmgr.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\tsdiscon.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\tscon.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\shadow.exe
2006-12-25 20:56 139,528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
2006-12-25 20:56 138,752 –a—— C:\WINDOWS\system32\sndvol32.exe
2006-12-25 20:56 131,584 –a—— C:\WINDOWS\system32\sndrec32.exe
2006-12-25 20:56 13,824 –a—— C:\WINDOWS\system32\rdsaddin.exe
2006-12-25 20:56 126,976 –a—— C:\WINDOWS\system32\mshearts.exe
2006-12-25 20:56 123,392 –a—— C:\WINDOWS\system32\mplay32.exe
2006-12-25 20:56 12,040 –a—— C:\WINDOWS\system32\drivers\tdpipe.sys
2006-12-25 20:56 119,808 –a—— C:\WINDOWS\system32\winmine.exe
2006-12-25 20:56 114,688 –a—— C:\WINDOWS\system32\calc.exe
2006-12-25 20:56 110,080 –a—— C:\WINDOWS\system32\clbcatex.dll
2006-12-25 20:56 11,776 –a—— C:\WINDOWS\system32\xolehlp.dll
2006-12-25 20:56 11,264 –a—— C:\WINDOWS\system32\icaapi.dll
2006-12-25 20:56 102,912 –a—— C:\WINDOWS\system32\clipbrd.exe
2006-12-25 20:56 1,267,200 –a—— C:\WINDOWS\system32\comsvcs.dll
2006-12-25 20:56 1,161 –a—— C:\WINDOWS\system32\usrlogon.cmd
2006-12-25 20:56 <DIR> d——– C:\WINDOWS\system32\MsDtc
2006-12-25 20:56 <DIR> d——– C:\WINDOWS\system32\Com
2006-12-25 20:56 <DIR> d——– C:\Program Files\Windows NT
2006-12-25 20:56 <DIR> d——– C:\Program Files\MSN Gaming Zone
2006-12-25 20:56 <DIR> d——– C:\Program Files\Messenger
2006-12-25 20:55 58,880 –a—— C:\WINDOWS\system32\licwmi.dll
2006-12-25 20:55 56,320 –a—— C:\WINDOWS\system32\servdeps.dll
2006-12-25 20:55 40,840 –a—— C:\WINDOWS\system32\drivers\termdd.sys
2006-12-25 20:55 196,864 –a—— C:\WINDOWS\system32\drivers\rdpdr.sys
2006-12-25 20:55 185,344 –a—— C:\WINDOWS\system32\cmprops.dll
2006-12-25 20:55 17,408 –a—— C:\WINDOWS\system32\mmfutil.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-14 17:06 ——– d—s—- C:\DOCUME~1\TIMODU~1\Application Data\microsoft
2006-12-26 11:40 299 –a—— C:\DOCUME~1\TIMODU~1\Application Data\internaldb1942.dat
2006-12-26 11:40 23 –a—— C:\DOCUME~1\TIMODU~1\Application Data\inifile41.ini
2006-12-25 21:48 62 –ahs—- C:\DOCUME~1\TIMODU~1\Application Data\desktop.ini
2006-12-25 21:43 ——– d——– C:\DOCUME~1\TIMODU~1\Application Data\macromedia
2006-12-25 21:06 ——– d——– C:\DOCUME~1\TIMODU~1\Application Data\identities
2006-12-12 17:30 520192 –a—— C:\WINDOWS\system32\divxsm.exe
2006-12-12 17:30 3596288 –a—— C:\WINDOWS\system32\qt-dx331.dll
2006-12-12 17:30 20640 ——— C:\WINDOWS\system32\drivers\pxhelp20.sys
2006-12-12 17:30 200704 –a—— C:\WINDOWS\system32\ssldivx.dll
2006-12-12 17:30 1044480 –a—— C:\WINDOWS\system32\libdivx.dll
2006-12-12 17:25 806912 –a—— C:\WINDOWS\system32\divx_xx0c.dll
2006-12-12 17:25 806912 –a—— C:\WINDOWS\system32\divx_xx07.dll
2006-12-12 17:25 790528 –a—— C:\WINDOWS\system32\divx_xx11.dll
2006-12-12 17:25 73728 –a—— C:\WINDOWS\system32\dpl100.dll
2006-12-12 17:25 635486 –a—— C:\WINDOWS\system32\divx.dll
2006-12-12 17:25 593920 –a—— C:\WINDOWS\system32\dpugui11.dll
2006-12-12 17:25 57344 –a—— C:\WINDOWS\system32\dpv11.dll
2006-12-12 17:25 53248 –a—— C:\WINDOWS\system32\dpugui10.dll
2006-12-12 17:25 344064 –a—— C:\WINDOWS\system32\dpus11.dll
2006-12-12 17:25 294912 –a—— C:\WINDOWS\system32\dpu11.dll
2006-12-12 17:25 294912 –a—— C:\WINDOWS\system32\dpu10.dll
2006-12-12 17:25 196608 –a—— C:\WINDOWS\system32\dtu100.dll
2006-12-12 17:24 12288 –a—— C:\WINDOWS\system32\divxwmpexttype.dll
2006-12-12 17:24 118784 –a—— C:\WINDOWS\system32\divxcodecupdatechecker.exe
2006-12-07 07:40 2362184 –a—— C:\WINDOWS\system32\wmvcore.dll
2006-11-07 21:03 6049280 ——— C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 ——— C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 ——— C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 –a—— C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 –a—— C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 ——— C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 –a—— C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 –a—— C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 –a—— C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 –a—— C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 –a—— C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 –a—— C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 –a—— C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 –a—— C:\WINDOWS\system32\ieakui.dll
2006-10-24 12:30 716288 ——— C:\WINDOWS\system32\windowscodecs.dll
2006-10-24 12:30 412160 ——— C:\WINDOWS\system32\photometadatahandler.dll
2006-10-24 12:30 276992 ——— C:\WINDOWS\system32\wmphoto.dll
2006-10-24 12:29 352256 ——— C:\WINDOWS\system32\windowscodecsext.dll
2006-10-19 14:56 713216 –a—— C:\WINDOWS\system32\sxs.dll
2006-10-17 12:06 78336 –a—— C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 –a—— C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 ——— C:\WINDOWS\system32\winfxdocobj.exe
2006-10-17 12:05 105984 –a—— C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 –a—— C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 –a—— C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 ——— C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 ——— C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 –a—— C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 ——— C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 –a—— C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 ——— C:\WINDOWS\system32\ieapfltr.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Uniblue Registry Booster"="C:\\Program Files\\Uniblue\\Registry Booster\\RegistryBooster.exe /S"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Cognizance REG_MULTI_SZ ASChannel\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac9e4c10-9515-11db-baed-0012f0a740b5}]
Shell\AutoRun\command E:\autorun.exe


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Mijn computer scannen - Timo Dubbeldam.job
C:\WINDOWS\tasks\XoftSpySE.job

Completion time: 07-01-17 16:10:14
C:\ComboFix2.txt … 07-01-16 19:17


[b:319b6e0d96]Hijack This[/b:319b6e0d96]
Logfile of HijackThis v1.99.1
Scan saved at 16:13:59, on 17-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

Oke zal ik doen.
En ik wil juist dat msn gelijk opstart, en als ik dat niet doe, en em dan later open, gebeurt der precies hetzelfde

even hierheen gemoved; kijk even naar de hjt log pls.

t.

Installeer hijackthis.exe bijv. in C:\Program Files\[b:fd0d1f6c03]Hijackthis[/b:fd0d1f6c03]
Dit in verband met de backups die dit programma maakt.

Download [b:fd0d1f6c03]Combofix[/b:fd0d1f6c03] naar je Bureaublad.[list:fd0d1f6c03]
Dubbelklik [b:fd0d1f6c03]Combofix.exe[/b:fd0d1f6c03]
Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
Tijdens het runnen van de fix, [b:fd0d1f6c03]NIET[/b:fd0d1f6c03] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:fd0d1f6c03]
Wanneer de fix voltooid is en na herstart, zal de log [b:fd0d1f6c03]combofix.txt[/b:fd0d1f6c03] openen.
[i:fd0d1f6c03]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:fd0d1f6c03]

NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.



Daarna http://www.greyknight17.com/spy/DelO15Domains.inf
met rechts aanklikken en kiezen voor doel opslaan als.
Zet hem maar op je bureaublad onder de naam DelO15Domains.inf

Klik nu met rechts op het bestand 'DelO15Domains.inf' en kies Installeren.
(van de installatie merk je verder niets!)

Start Hijackthis op en kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:
[b:fd0d1f6c03]
O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblioty.dll (file missing)
O2 - BHO: Hoja Class - {C07F60AC-688D-4F3E-89EC-30B281BDD2CC} - C:\WINDOWS\system32\asclwtfy.dll
O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe
O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\mwinkoeb.exe
O20 - AppInit_DLLs: ASAPHook
[/b:fd0d1f6c03]
Sluit alle vensters behalve Hijackthis
Klik op 'Fix checked' om de items te verwijderen.

Start je verkenner en zoek naar de dikgedrukte mappen/bestanden.(indien nog aanwezig) en verwijder die.
C:\WINDOWS\system32\[b:fd0d1f6c03]tcblioty.dll[/b:fd0d1f6c03]
C:\WINDOWS\system32\[b:fd0d1f6c03]asclwtfy.dll[/b:fd0d1f6c03]
C:\WINDOWS\system32\[b:fd0d1f6c03]Netverchk.exe[/b:fd0d1f6c03]
C:\WINDOWS\system32\[b:fd0d1f6c03]BastaYa.exe[/b:fd0d1f6c03]
C:\WINDOWS\system32\[b:fd0d1f6c03]dwdsregt.exe[/b:fd0d1f6c03]
C:\WINDOWS\system32\[b:fd0d1f6c03]mwinkoeb.exe[/b:fd0d1f6c03]


[b:fd0d1f6c03]

[b:e4e859bcef]Nog steeds is msn ZOOO langzaam om op te starten en nog steeds loopt me pc dan vast[/b:e4e859bcef]

[b:e4e859bcef]COMBOFIX LOG[/b:e4e859bcef]
"Timo Dubbeldam" - 07-01-16 19:15:34 Service Pack 2
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\Timo Dubbeldam\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-12-16 to 2007-01-16 ))))))))))))))))))))))))))))))))))


2007-01-16 16:37 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Lavasoft
2007-01-16 16:25 51,072 –a—— C:\WINDOWS\system32\drivers\ikhlayer.sys
2007-01-16 16:25 30,592 –a—— C:\WINDOWS\system32\drivers\ikhfile.sys
2007-01-16 16:25 <DIR> d-a—— C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
2007-01-16 16:25 <DIR> d——– C:\Program Files\Spyware Doctor
2007-01-16 16:25 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\PC Tools
2007-01-16 16:23 78,336 –a—— C:\WINDOWS\system32\drivers\ssi.sys
2007-01-16 16:23 102,912 –a—— C:\WINDOWS\system32\islzma.dll
2007-01-16 16:23 <DIR> d——– C:\Program Files\Webroot
2007-01-16 16:23 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Webroot
2007-01-16 16:23 <DIR> d——– C:\DOCUME~1\LOCALS~1\Application Data\Webroot
2007-01-16 16:22 <DIR> d——– C:\Program Files\Lavasoft
2007-01-16 16:22 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
2007-01-16 16:21 118,784 –a—— C:\WINDOWS\system32\MSSTDFMT.DLL
2007-01-16 16:21 <DIR> d——– C:\Program Files\SpywareBlaster
2007-01-16 16:20 502,368 –a—— C:\WINDOWS\system32\drivers\amon.sys
2007-01-16 16:20 274,432 –a—— C:\WINDOWS\system32\imon.dll
2007-01-16 16:10 <DIR> d——– C:\WINDOWS\system32\GroupPolicy
2007-01-16 16:09 <DIR> d——– C:\Program Files\Hitman Pro
2007-01-16 15:27 <DIR> d——– C:\Program Files\CCleaner
2007-01-14 17:16 <DIR> d——– C:\Program Files\Uniblue
2007-01-14 17:16 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Uniblue
2007-01-14 17:09 45,321 –a—— C:\WINDOWS\system32\CAUnst.exe
2007-01-14 17:09 421,888 –a—— C:\WINDOWS\system32\asclwtfy.dll
2007-01-14 17:09 36,864 –a—— C:\WINDOWS\system32\wbhlkwjx.exe
2007-01-14 17:04 <DIR> d——– C:\WINDOWS\system32\appmgmt
2007-01-14 16:32 <DIR> d——– C:\Program Files\MSN Messenger
2007-01-14 15:47 76,560 –a—— C:\WINDOWS\system32\drivers\tmcomm.sys
2007-01-14 15:46 <DIR> d——– C:\DOCUME~1\TIMODU~1\.housecall6.6
2007-01-14 00:06 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Nokia
2007-01-14 00:06 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\PC Suite
2007-01-14 00:05 50,688 –a—— C:\WINDOWS\system32\nmwcdcls.dll
2007-01-14 00:05 <DIR> d——– C:\Program Files\PC Connectivity Solution
2007-01-14 00:05 <DIR> d——– C:\Program Files\Nokia
2007-01-14 00:05 <DIR> d——– C:\Program Files\DIFX
2007-01-14 00:05 <DIR> d——– C:\Program Files\Common Files\PCSuite
2007-01-14 00:05 <DIR> d——– C:\Program Files\Common Files\Nokia
2007-01-14 00:05 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\PC Suite
2007-01-13 10:11 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Jasc
2007-01-13 09:01 <DIR> d——– C:\Program Files\Security Task Manager
2007-01-13 09:01 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\SecTaskMan
2007-01-13 09:00 <DIR> d——– C:\WINDOWS\ie7updates
2007-01-12 22:09 <DIR> d——– C:\Program Files\Jasc Software Inc
2007-01-10 16:47 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\RadLight Company
2007-01-10 16:46 <DIR> d——– C:\Program Files\RadLight Company
2007-01-09 19:56 <DIR> d——– C:\DOCUME~1\TIMODU~1\.gimp-2.2
2007-01-08 15:45 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\DivX
2007-01-08 15:44 <DIR> d——– C:\Program Files\DivX
2007-01-05 16:12 4,682 –a—— C:\WINDOWS\system32\npptNT2.sys
2007-01-05 16:05 <DIR> d——– C:\Program Files\NEXON
2007-01-05 13:41 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Adobe
2007-01-05 13:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
2007-01-05 13:32 <DIR> d——– C:\Program Files\Common Files\Adobe
2007-01-04 10:25 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Apple Computer
2007-01-04 10:21 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Apple Computer
2007-01-04 10:17 <DIR> d——– C:\Program Files\QuickTime
2007-01-03 23:17 <DIR> d——– C:\WINDOWS\aim95
2007-01-03 23:17 <DIR> d——– C:\Program Files\CSIM
2007-01-03 11:24 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\InterVideo
2007-01-02 19:08 9,600 –a—— C:\WINDOWS\system32\drivers\hidusb.sys
2007-01-02 19:08 12,160 –a—— C:\WINDOWS\system32\drivers\mouhid.sys
2007-01-02 18:48 <DIR> d——– C:\WINDOWS\Sun
2007-01-02 18:48 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Sun
2007-01-02 12:04 <DIR> d——– C:\ATI
2007-01-02 11:43 43,520 –a—— C:\WINDOWS\system32\CmdLineExt03.dll
2007-01-01 17:54 <DIR> d——– C:\Program Files\BitTorrent
2007-01-01 17:54 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\BitTorrent
2007-01-01 03:03 24 –a—— C:\WINDOWS\system32\sysogg.dll
2006-12-30 20:04 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Google
2006-12-30 13:02 233,472 –a—— C:\WINDOWS\system32\lame_enc.dll
2006-12-30 13:02 1,703,936 –a—— C:\WINDOWS\system32\NCTAudioFile.dll
2006-12-30 13:02 <DIR> d——– C:\Program Files\MP3 Converter Simple
2006-12-29 23:54 <DIR> d——– C:\Program Files\Audacity
2006-12-27 21:28 <DIR> d——– C:\WINDOWS\system32\LogFiles
2006-12-26 20:17 <DIR> d——– C:\Program Files\DAEMON Tools
2006-12-26 20:06 639,224 –a—— C:\WINDOWS\system32\drivers\sptd.sys
2006-12-26 15:01 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Mijn Battle for Middle-earth bestanden
2006-12-26 14:50 <DIR> d——– C:\DOCUME~1\LOCALS~1\Application Data\Symantec
2006-12-26 14:47 <DIR> d——– C:\Games
2006-12-26 12:18 <DIR> d——– C:\Program Files\XoftSpySE
2006-12-26 12:01 <DIR> d——– C:\Program Files\Enigma Software Group
2006-12-26 11:49 <DIR> d——– C:\Program Files\SymNetDrv
2006-12-26 11:40 928 –a—— C:\WINDOWS\system32\winpfz32.sys
2006-12-26 11:40 36,864 –a—— C:\WINDOWS\system32\slimusfg.exe
2006-12-26 11:40 24,576 –a—— C:\WINDOWS\system32\msxml3a.dll
2006-12-26 09:49 <DIR> d——– C:\WINDOWS\system32\PreInstall
2006-12-26 04:29 <DIR> d–hs—- C:\System Volume Information
2006-12-26 00:07 <DIR> d——– C:\DOCUME~1\TIMODU~1\Shared
2006-12-26 00:07 <DIR> d——– C:\DOCUME~1\TIMODU~1\Incomplete
2006-12-25 23:37 <DIR> d——– C:\Program Files\LimeWire
2006-12-25 23:36 <DIR> d——– C:\DOCUME~1\TIMODU~1\.limewire
2006-12-25 22:10 <DIR> d——– C:\WINDOWS\WBEM
2006-12-25 22:10 <DIR> d——– C:\WINDOWS\system32\en-US
2006-12-25 22:08 <DIR> d–h-c— C:\WINDOWS\ie7
2006-12-25 22:07 23,856 –a—— C:\WINDOWS\system32\spupdsvc.exe
2006-12-25 22:07 121,856 ——— C:\WINDOWS\system32\xmllite.dll
2006-12-25 22:06 <DIR> d–h—– C:\WINDOWS\$hf_mig$
2006-12-25 22:06 <DIR> d——– C:\WINDOWS\network diagnostic
2006-12-25 21:58 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage
2006-12-25 21:54 <DIR> d——– C:\DOCUME~1\TIMODU~1\Contacts
2006-12-25 21:53 3,072 –a—— C:\WINDOWS\system32\drivers\audstub.sys
2006-12-25 21:53 <DIR> d—-c— C:\WINDOWS\system32\DRVSTORE
2006-12-25 21:52 87,424 –a—— C:\WINDOWS\system32\drivers\irda.sys
2006-12-25 21:52 8,192 –a—— C:\WINDOWS\system32\wshirda.dll
2006-12-25 21:52 57,472 –a—— C:\WINDOWS\system32\drivers\redbook.sys
2006-12-25 21:52 46,080 –a—— C:\WINDOWS\system32\drivers\smcirda.sys
2006-12-25 21:52 27,136 –a—— C:\WINDOWS\system32\irmon.dll
2006-12-25 21:52 19,584 –a—— C:\WINDOWS\system32\drivers\rasirda.sys
2006-12-25 21:52 152,576 –a—— C:\WINDOWS\system32\irftp.exe
2006-12-25 21:51 8,832 –a—— C:\WINDOWS\system32\drivers\wmiacpi.sys
2006-12-25 21:51 74,240 –a—— C:\WINDOWS\system32\usbui.dll
2006-12-25 21:51 6,400 –a—— C:\WINDOWS\system32\drivers\enum1394.sys
2006-12-25 21:51 5,504 –a—— C:\WINDOWS\system32\drivers\intelide.sys
2006-12-25 21:50 9,344 –a—— C:\WINDOWS\system32\drivers\compbatt.sys
2006-12-25 21:50 14,080 –a—— C:\WINDOWS\system32\drivers\CmBatt.sys
2006-12-25 21:50 14,080 –a—— C:\WINDOWS\system32\drivers\battc.sys
2006-12-25 21:49 9,936 –a—— C:\WINDOWS\system\LZEXPAND.DLL
2006-12-25 21:49 9,008 –a—— C:\WINDOWS\system\VER.DLL
2006-12-25 21:49 85,020 –a—— C:\WINDOWS\system32\dgsetup.dll
2006-12-25 21:49 82,944 –a—— C:\WINDOWS\system\OLECLI.DLL
2006-12-25 21:49 8,704 –a—— C:\WINDOWS\system32\batt.dll
2006-12-25 21:49 8,192 -ra—— C:\WINDOWS\system32\kbdhept.dll
2006-12-25 21:49 74,752 –a—— C:\WINDOWS\system32\storprop.dll
2006-12-25 21:49 7,168 -ra—— C:\WINDOWS\system32\kbdcz.dll
2006-12-25 21:49 69,584 –a—— C:\WINDOWS\system\AVICAP.DLL
2006-12-25 21:49 69,120 –a—— C:\WINDOWS\NOTEPAD.EXE
2006-12-25 21:49 68,768 –a—— C:\WINDOWS\system\MMSYSTEM.DLL
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdycl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdsl1.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdsl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdpl.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdhu.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdhela3.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcz2.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcz1.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\kbdcr.dll
2006-12-25 21:49 6,656 -ra—— C:\WINDOWS\system32\KBDAL.DLL
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdtuq.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdtuf.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdlv1.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdlv.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdhela2.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdgkl.dll
2006-12-25 21:49 6,144 -ra—— C:\WINDOWS\system32\kbdest.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdro.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdpl1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdmon.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdlt1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdlt.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdkyr.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhu1.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe319.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe220.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdhe.dll
2006-12-25 21:49 5,632 -ra—— C:\WINDOWS\system32\kbdazel.dll
2006-12-25 21:49 5,120 –a—— C:\WINDOWS\system\SHELL.DLL
2006-12-25 21:49 32,816 –a—— C:\WINDOWS\system\COMMDLG.DLL
2006-12-25 21:49 24,661 –a—— C:\WINDOWS\system32\spxcoins.dll
2006-12-25 21:49 24,064 –a—— C:\WINDOWS\system\OLESVR.DLL
2006-12-25 21:49 19,200 –a—— C:\WINDOWS\system\TAPI.DLL
2006-12-25 21:49 176,157 –a—— C:\WINDOWS\system32\dgrpsetu.dll
2006-12-25 21:49 15,360 –a—— C:\WINDOWS\TASKMAN.EXE
2006-12-25 21:49 13,312 –a—— C:\WINDOWS\system32\irclass.dll
2006-12-25 21:49 126,912 –a—— C:\WINDOWS\system\MSVIDEO.DLL
2006-12-25 21:49 11,264 –a—— C:\WINDOWS\system32\drivers\irenum.sys
2006-12-25 21:49 109,456 –a—— C:\WINDOWS\system\AVIFILE.DLL
2006-12-25 21:49 103,424 –a—— C:\WINDOWS\system32\EqnClass.Dll
2006-12-25 21:49 <DIR> dr——- C:\Program Files
2006-12-25 21:49 <DIR> d–hs—- C:\WINDOWS\Installer
2006-12-25 21:49 <DIR> d——– C:\Program Files\Common Files\SpeechEngines
2006-12-25 21:49 <DIR> d——– C:\Program Files\Common Files\ODBC
2006-12-25 21:48 <DIR> dr——- C:\DOCUME~1\ALLUSE~1\Documents
2006-12-25 21:48 <DIR> d——– C:\WINDOWS\system32\CatRoot2
2006-12-25 21:48 <DIR> d——– C:\WINDOWS\system32\CatRoot
2006-12-25 21:48 <DIR> d——– C:\Documents and Settings
2006-12-25 21:41 <DIR> d——– C:\WINDOWS\system32\SoftwareDistribution
2006-12-25 21:40 <DIR> dr-hsc— C:\WINDOWS\system32\dllcache
2006-12-25 21:40 <DIR> dr–s—- C:\WINDOWS\Fonts
2006-12-25 21:40 <DIR> dr——- C:\WINDOWS\Web
2006-12-25 21:40 <DIR> d–hs—- C:\RECYCLER
2006-12-25 21:40 <DIR> d–h—– C:\WINDOWS\inf
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\WinSxS
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\twain_32
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\wins
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\wbem
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\usmt
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\spool
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ShellExt
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\Setup
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ras
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\oobe
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\npp
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\mui
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\inetsrv
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\IME
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\icsxml
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\ias
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\export
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers\etc
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers\disdn
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\drivers
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\dhcp
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\config
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\3com_dmi
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\3076
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\2052
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1054
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1042
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1041
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1037
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1033
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1031
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1028
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32\1025
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system32
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\system
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\security
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Resources
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\repair
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Provisioning
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\PeerNet
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\pchealth
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\mui
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\msapps
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\msagent
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Media
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\java
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\ime
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Help
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\ehome
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Driver Cache
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Debug
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Cursors
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Connection Wizard
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\Config
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\AppPatch
2006-12-25 21:40 <DIR> d——– C:\WINDOWS\addins
2006-12-25 21:40 <DIR> d——– C:\WINDOWS
2006-12-25 21:32 <DIR> d——– C:\Program Files\Norton AntiVirus
2006-12-25 21:31 91,904 –a—— C:\WINDOWS\system32\S32EVNT1.DLL
2006-12-25 21:31 124,016 –a—— C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-12-25 21:31 <DIR> d——– C:\Program Files\Symantec
2006-12-25 21:31 <DIR> d——– C:\Program Files\Common Files\Symantec Shared
2006-12-25 21:31 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Symantec
2006-12-25 21:31 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Symantec
2006-12-25 21:30 204,800 –a—— C:\WINDOWS\system32\IVIresizeW7.dll
2006-12-25 21:30 200,704 –a—— C:\WINDOWS\system32\IVIresizeA6.dll
2006-12-25 21:30 20,480 –a—— C:\WINDOWS\system32\IVIresize.dll
2006-12-25 21:30 192,512 –a—— C:\WINDOWS\system32\IVIresizeP6.dll
2006-12-25 21:30 192,512 –a—— C:\WINDOWS\system32\IVIresizeM6.dll
2006-12-25 21:30 188,416 –a—— C:\WINDOWS\system32\IVIresizePX.dll
2006-12-25 21:30 <DIR> d——– C:\Program Files\InterVideo
2006-12-25 21:29 344,064 -ra—— C:\WINDOWS\system32\msvcr70.dll
2006-12-25 21:29 221,184 –a—— C:\WINDOWS\system32\wmpns.dll
2006-12-25 21:29 <DIR> d——– C:\Program Files\Fingerprint Sensor
2006-12-25 21:29 <DIR> d——– C:\Program Files\AuthenTec
2006-12-25 21:28 <DIR> d——– C:\WINDOWS\RegisteredPackages
2006-12-25 21:28 <DIR> d——– C:\Program Files\Windows Media Connect
2006-12-25 21:27 <DIR> d——– C:\Program Files\Java
2006-12-25 21:27 <DIR> d——– C:\Program Files\Common Files\Java
2006-12-25 21:26 32,356 ——— C:\WINDOWS\system32\pusbfd1.sys
2006-12-25 21:25 <DIR> d——– C:\Program Files\Common Files\Sonic
2006-12-25 21:25 <DIR> d——– C:\DOCUME~1\TIMODU~1\Application Data\Sonic
2006-12-25 21:24 7,432 –a—— C:\WINDOWS\system32\drivers\eabfiltr.sys
2006-12-25 21:24 65,536 –a—— C:\WINDOWS\system32\hpqactn.dll
2006-12-25 21:24 5,220 –a—— C:\WINDOWS\system32\drivers\EabUsb.sys
2006-12-25 21:24 425,984 –a—— C:\WINDOWS\system32\hpqPres.dll
2006-12-25 21:24 32,768 –a—— C:\WINDOWS\system32\eabhbrn8.dll
2006-12-25 21:24 225,280 –a—— C:\WINDOWS\system32\cpqinfo.dll
2006-12-25 21:24 109,568 ——— C:\WINDOWS\system32\pxinsi64.exe
2006-12-25 21:24 108,544 ——— C:\WINDOWS\system32\pxcpyi64.exe
2006-12-25 21:24 <DIR> d——– C:\Program Files\Sonic
2006-12-25 21:24 <DIR> d——– C:\Program Files\Common Files\SureThing Shared
2006-12-25 21:24 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\hpqwmi
2006-12-25 21:23 94,274 -ra—— C:\WINDOWS\system32\HPBHEALR.DLL
2006-12-25 21:23 69,632 -ra—— C:\WINDOWS\system32\HPMBTPMS.DLL
2006-12-25 21:23 58,368 -ra—— C:\WINDOWS\system32\HPDOMON.DLL
2006-12-25 21:23 49,252 -ra—— C:\WINDOWS\system32\NovPMQueue.DLL
2006-12-25 21:23 49,250 -ra—— C:\WINDOWS\system32\NovPMNdps.DLL
2006-12-25 21:23 40,960 -ra—— C:\WINDOWS\system32\hpmbtppw.dll
2006-12-25 21:23 40,960 -ra—— C:\WINDOWS\system32\HPBMMON.DLL
2006-12-25 21:23 155,648 -ra—— C:\WINDOWS\system32\HPMystPM.DLL
2006-12-25 21:23 135,168 -ra—— C:\WINDOWS\system32\hpmbtprw.dll
2006-12-25 21:23 126,976 -ra—— C:\WINDOWS\system32\hprdvtcp.dll
2006-12-25 21:23 118,784 -ra—— C:\WINDOWS\system32\HPMPMW.DLL
2006-12-25 21:23 <DIR> d——– C:\WINDOWS\Downloaded Installations
2006-12-25 21:23 <DIR> d——– C:\Program Files\HP Accessories Product Tour
2006-12-25 21:19 <DIR> dr–s—- C:\WINDOWS\assembly
2006-12-25 21:19 <DIR> d——– C:\WINDOWS\system32\URTTemp
2006-12-25 21:19 <DIR> d——– C:\WINDOWS\Microsoft.NET
2006-12-25 21:18 59,044 -ra—— C:\WINDOWS\system32\drivers\clntmgmt.sys
2006-12-25 21:18 32,768 ——— C:\WINDOWS\biwlandrvxpver.dll
2006-12-25 21:17 458,752 –a—— C:\WINDOWS\system32\w29NCPA.dll
2006-12-25 21:17 3,222,784 –a—— C:\WINDOWS\system32\drivers\w29n51.sys
2006-12-25 21:17 1,654,784 –a—— C:\WINDOWS\system32\W29MLRES.DLL
2006-12-25 21:17 <DIR> d——– C:\SWSetup
2006-12-25 21:17 <DIR> d——– C:\Program Files\Intel
2006-12-25 21:16 294,912 -ra—— C:\WINDOWS\system32\atiiiexx.dll
2006-12-25 21:16 28,672 -ra—— C:\WINDOWS\cttib1.dll
2006-12-25 21:16 <DIR> d——– C:\Program Files\ATI Technologies
2006-12-25 21:15 90,202 –a—— C:\WINDOWS\system32\SynTPAPI.dll
2006-12-25 21:15 81,920 –a—— C:\WINDOWS\system32\SynTPCo2.dll
2006-12-25 21:15 77,917 –a—— C:\WINDOWS\system32\SynCOM.dll
2006-12-25 21:15 69,722 –a—— C:\WINDOWS\system32\SynTPFcs.dll
2006-12-25 21:15 186,016 –a—— C:\WINDOWS\system32\drivers\SynTP.sys
2006-12-25 21:15 114,688 –a—— C:\WINDOWS\system32\SynCtrl.dll
2006-12-25 21:15 <DIR> d——– C:\WINDOWS\system32\ReinstallBackups
2006-12-25 21:15 <DIR> d——– C:\Program Files\Synaptics
2006-12-25 21:14 <DIR> d——– C:\WINDOWS\tiinst
2006-12-25 21:13 88,363 -ra—— C:\WINDOWS\AGRSMMSG.exe
2006-12-25 21:13 64,512 -ra—— C:\WINDOWS\agrsmdel.exe
2006-12-25 21:13 1,268,204 -ra—— C:\WINDOWS\system32\drivers\AGRSM.sys
2006-12-25 21:13 <DIR> d——– C:\WINDOWS\Options
2006-12-25 21:13 <DIR> d——– C:\Program Files\HPQ
2006-12-25 21:13 <DIR> d——– C:\DOCUME~1\TIMODU~1\Bluetooth Software
2006-12-25 21:12 <DIR> d——– C:\Program Files\WIDCOMM
2006-12-25 21:11 82,944 –a—— C:\WINDOWS\system32\drivers\wdmaud.sys
2006-12-25 21:11 7,552 –a—— C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-12-25 21:11 60,800 –a—— C:\WINDOWS\system32\drivers\sysaudio.sys
2006-12-25 21:11 6,400 –a—— C:\WINDOWS\system32\drivers\splitter.sys
2006-12-25 21:11 54,272 –a—— C:\WINDOWS\system32\drivers\swmidi.sys
2006-12-25 21:11 52,864 –a—— C:\WINDOWS\system32\drivers\DMusic.sys
2006-12-25 21:11 5,376 –a—— C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-12-25 21:11 4,992 –a—— C:\WINDOWS\system32\drivers\MSPQM.sys
2006-12-25 21:11 2,944 –a—— C:\WINDOWS\system32\drivers\drmkaud.sys
2006-12-25 21:11 172,416 –a—— C:\WINDOWS\system32\drivers\kmixer.sys
2006-12-25 21:11 142,464 –a—— C:\WINDOWS\system32\drivers\aec.sys
2006-12-25 21:11 <DIR> d——– C:\Program Files\Broadcom
2006-12-25 21:10 60,288 –a—— C:\WINDOWS\system32\drivers\drmk.sys
2006-12-25 21:10 49,152 –a—— C:\WINDOWS\system32\DSndUp.exe
2006-12-25 21:10 45,056 –a—— C:\WINDOWS\system32\CleanUp.exe
2006-12-25 21:10 4,096 –a—— C:\WINDOWS\system32\ksuser.dll
2006-12-25 21:10 30,208 –a—— C:\WINDOWS\system32\wdmioctl.dll
2006-12-25 21:10 259,840 –a—— C:\WINDOWS\system32\drivers\smwdm.sys
2006-12-25 21:10 145,792 –a—— C:\WINDOWS\system32\drivers\portcls.sys
2006-12-25 21:10 127,744 -ra—— C:\WINDOWS\system32\drivers\aeaudio.sys
2006-12-25 21:10 1,285,632 –a—— C:\WINDOWS\system32\SMMedia.dll
2006-12-25 21:10 <DIR> d–h—– C:\Program Files\InstallShield Installation Information
2006-12-25 21:10 <DIR> d——– C:\Program Files\Common Files\InstallShield
2006-12-25 21:10 <DIR> d——– C:\Program Files\Analog Devices
2006-12-25 21:09 <DIR> d——– C:\SYSTEM.SAV
2006-12-25 21:05 <DIR> d——– C:\WINDOWS\SoftwareDistribution
2006-12-25 21:05 <DIR> d——– C:\WINDOWS\Prefetch
2006-12-25 21:01 0 -rahs—- C:\MSDOS.SYS
2006-12-25 21:01 0 -rahs—- C:\IO.SYS
2006-12-25 21:01 0 –a—— C:\CONFIG.SYS
2006-12-25 21:01 0 –a—— C:\AUTOEXEC.BAT
2006-12-25 21:01 <DIR> d——– C:\WINDOWS\system32\xircom
2006-12-25 21:01 <DIR> d——– C:\Program Files\microsoft frontpage
2006-12-25 21:00 112,128 –a—— C:\WINDOWS\system32\mapi32.dll
2006-12-25 21:00 <DIR> d–hs—- C:\DOCUME~1\ALLUSE~1\DRM
2006-12-25 20:59 11,264 –a—— C:\WINDOWS\system32\atrace.dll
2006-12-25 20:59 <DIR> dr——- C:\WINDOWS\Offline Web Pages
2006-12-25 20:59 <DIR> d–h—– C:\Program Files\WindowsUpdate
2006-12-25 20:59 <DIR> d—s—- C:\WINDOWS\Downloaded Program Files
2006-12-25 20:59 <DIR> d——– C:\WINDOWS\system32\DirectX
2006-12-25 20:58 81,920 –a—— C:\WINDOWS\system32\isign32.dll
2006-12-25 20:58 81,920 –a—— C:\WINDOWS\system32\ils.dll
2006-12-25 20:58 8,192 –a—— C:\WINDOWS\system32\bitsprx2.dll
2006-12-25 20:58 73,728 –a—— C:\WINDOWS\system32\icwdial.dll
2006-12-25 20:58 73,472 –a—— C:\WINDOWS\system32\drivers\sr.sys
2006-12-25 20:58 7,168 –a—— C:\WINDOWS\system32\bitsprx3.dll
2006-12-25 20:58 69,632 –a—— C:\WINDOWS\system32\msconf.dll
2006-12-25 20:58 679,424 –a—— C:\WINDOWS\system32\inetcomm.dll
2006-12-25 20:58 67,584 –a—— C:\WINDOWS\system32\srclient.dll
2006-12-25 20:58 65,536 –a—— C:\WINDOWS\system32\icwphbk.dll
2006-12-25 20:58 64,512 –a—— C:\WINDOWS\system32\acctres.dll
2006-12-25 20:58 6,656 –a—— C:\WINDOWS\system32\wuauserv.dll
2006-12-25 20:58 48,128 –a—— C:\WINDOWS\system32\inetres.dll
2006-12-25 20:58 465,176 –a—— C:\WINDOWS\system32\wuapi.dll
2006-12-25 20:58 45,568 –a—— C:\WINDOWS\system32\safrslv.dll
2006-12-25 20:58 43,520 –a—— C:\WINDOWS\system32\safrcdlg.dll
2006-12-25 20:58 43,520 –a—— C:\WINDOWS\system32\racpldlg.dll
2006-12-25 20:58 41,240 –a—— C:\WINDOWS\system32\wups.dll
2006-12-25 20:58 382,464 –a—— C:\WINDOWS\system32\qmgr.dll
2006-12-25 20:58 34,560 –a—— C:\WINDOWS\system32\mnmdd.dll
2006-12-25 20:58 32,768 –a—— C:\WINDOWS\system32\mnmsrvc.exe
2006-12-25 20:58 32,768 –a—— C:\WINDOWS\system32\isrdbg32.dll
2006-12-25 20:58 29,696 –a—— C:\WINDOWS\system32\safrdm.dll
2006-12-25 20:58 28,672 –a—— C:\WINDOWS\system32\nmmkcert.dll
2006-12-25 20:58 274,944 –a—— C:\WINDOWS\system32\mstask.dll
2006-12-25 20:58 274,432 –a—— C:\WINDOWS\system32\inetcfg.dll
2006-12-25 20:58 252,928 –a—— C:\WINDOWS\system32\msoeacct.dll
2006-12-25 20:58 239,104 –a—— C:\WINDOWS\system32\srrstr.dll
2006-12-25 20:58 23,040 –a—— C:\WINDOWS\system32\fltmc.exe
2006-12-25 20:58 194,328 –a—— C:\WINDOWS\system32\wuaueng1.dll
2006-12-25 20:58 190,976 –a—— C:\WINDOWS\system32\schedsvc.dll
2006-12-25 20:58 18,944 –a—— C:\WINDOWS\system32\qmgrprxy.dll
2006-12-25 20:58 173,536 –a—— C:\WINDOWS\system32\wuweb.dll
2006-12-25 20:58 172,312 –a—— C:\WINDOWS\system32\wuauclt1.exe
2006-12-25 20:58 170,496 –a—— C:\WINDOWS\system32\srsvc.dll
2006-12-25 20:58 16,896 –a—— C:\WINDOWS\system32\fltlib.dll
2006-12-25 20:58 16,384 –a—— C:\WINDOWS\system32\icfgnt5.dll
2006-12-25 20:58 128,896 –a—— C:\WINDOWS\system32\drivers\fltmgr.sys
2006-12-25 20:58 127,256 –a—— C:\WINDOWS\system32\wucltui.dll
2006-12-25 20:58 124,184 –a—— C:\WINDOWS\system32\wuauclt.exe
2006-12-25 20:58 12,288 –a—— C:\WINDOWS\system32\nmevtmsg.dll
2006-12-25 20:58 12,288 –a—— C:\WINDOWS\system32\mstinit.exe
2006-12-25 20:58 105,984 –a—— C:\WINDOWS\system32\msoert2.dll
2006-12-25 20:58 1,343,768 –a—— C:\WINDOWS\system32\wuaueng.dll
2006-12-25 20:58 <DIR> d—s—- C:\WINDOWS\Tasks
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\system32\Restore
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\system32\Macromed
2006-12-25 20:58 <DIR> d——– C:\WINDOWS\srchasst
2006-12-25 20:58 <DIR> d——– C:\Program Files\Movie Maker
2006-12-25 20:58 <DIR> d——– C:\Program Files\Common Files\MSSoap
2006-12-25 20:57 <DIR> d——– C:\WINDOWS\Registration
2006-12-25 20:57 <DIR> d——– C:\Program Files\Online Services
2006-12-25 20:56 97,792 –a—— C:\WINDOWS\system32\comrepl.dll
2006-12-25 20:56 956,416 –a—— C:\WINDOWS\system32\msdtctm.dll
2006-12-25 20:56 93,696 –a—— C:\WINDOWS\system32\tscfgwmi.dll
2006-12-25 20:56 91,136 –a—— C:\WINDOWS\system32\mtxoci.dll
2006-12-25 20:56 9,728 –a—— C:\WINDOWS\system32\reset.exe
2006-12-25 20:56 87,176 –a—— C:\WINDOWS\system32\rdpwsx.dll
2006-12-25 20:56 85,504 –a—— C:\WINDOWS\system32\catsrvps.dll
2006-12-25 20:56 80,384 –a—— C:\WINDOWS\system32\charmap.exe
2006-12-25 20:56 73,216 –a—— C:\WINDOWS\system32\avwav.dll
2006-12-25 20:56 67,072 –a—— C:\WINDOWS\system32\rdshost.exe
2006-12-25 20:56 655,360 –a—— C:\WINDOWS\system32\mstscax.dll
2006-12-25 20:56 625,152 –a—— C:\WINDOWS\system32\catsrvut.dll
2006-12-25 20:56 62,464 –a—— C:\WINDOWS\system32\rdpclip.exe
2006-12-25 20:56 605,696 –a—— C:\WINDOWS\system32\getuname.dll
2006-12-25 20:56 60,416 –a—— C:\WINDOWS\system32\remotepg.dll
2006-12-25 20:56 60,416 –a—— C:\WINDOWS\system32\colbact.dll
2006-12-25 20:56 6,144 –a—— C:\WINDOWS\system32\msdtc.exe
2006-12-25 20:56 58,880 –a—— C:\WINDOWS\system32\msdtclog.dll
2006-12-25 20:56 56,832 –a—— C:\WINDOWS\system32\sol.exe
2006-12-25 20:56 55,296 –a—— C:\WINDOWS\system32\freecell.exe
2006-12-25 20:56 540,160 –a—— C:\WINDOWS\system32\comuid.dll
2006-12-25 20:56 54,272 –a—— C:\WINDOWS\system32\stclient.dll
2006-12-25 20:56 538,624 –a—— C:\WINDOWS\system32\spider.exe
2006-12-25 20:56 5,632 –a—— C:\WINDOWS\system32\write.exe
2006-12-25 20:56 5,120 –a—— C:\WINDOWS\system32\dcomcnfg.exe
2006-12-25 20:56 498,688 –a—— C:\WINDOWS\system32\clbcatq.dll
2006-12-25 20:56 44,544 –a—— C:\WINDOWS\system32\tscupgrd.exe
2006-12-25 20:56 44,544 –a—— C:\WINDOWS\system32\hticons.dll
2006-12-25 20:56 426,496 –a—— C:\WINDOWS\system32\msdtcprx.dll
2006-12-25 20:56 407,552 –a—— C:\WINDOWS\system32\mstsc.exe
2006-12-25 20:56 4,096 –a—— C:\WINDOWS\system32\rdpcfgex.dll
2006-12-25 20:56 4,096 –a—— C:\WINDOWS\system32\mtxex.dll
2006-12-25 20:56 38,912 –a—— C:\WINDOWS\system32\cfgbkend.dll
2006-12-25 20:56 35,328 –a—— C:\WINDOWS\system32\winchat.exe
2006-12-25 20:56 347,136 –a—— C:\WINDOWS\system32\hypertrm.dll
2006-12-25 20:56 343,040 –a—— C:\WINDOWS\system32\mspaint.exe
2006-12-25 20:56 33,792 –a—— C:\WINDOWS\system32\regini.exe
2006-12-25 20:56 295,424 –a—— C:\WINDOWS\system32\termsrv.dll
2006-12-25 20:56 25,600 –a—— C:\WINDOWS\system32\comaddin.dll
2006-12-25 20:56 25,088 –a—— C:\WINDOWS\system32\mtxlegih.dll
2006-12-25 20:56 227,840 –a—— C:\WINDOWS\system32\avtapi.dll
2006-12-25 20:56 225,792 –a—— C:\WINDOWS\system32\catsrv.dll
2006-12-25 20:56 22,016 –a—— C:\WINDOWS\system32\qwinsta.exe
2006-12-25 20:56 21,896 –a—— C:\WINDOWS\system32\drivers\tdtcp.sys
2006-12-25 20:56 20,992 –a—— C:\WINDOWS\system32\msg.exe
2006-12-25 20:56 20,480 –a—— C:\WINDOWS\system32\qprocess.exe
2006-12-25 20:56 20,480 –a—— C:\WINDOWS\system32\mtxdm.dll
2006-12-25 20:56 19,968 –a—— C:\WINDOWS\system32\rdpsnd.dll
2006-12-25 20:56 183,808 –a—— C:\WINDOWS\system32\accwiz.exe
2006-12-25 20:56 161,280 –a—— C:\WINDOWS\system32\msdtcuiu.dll
2006-12-25 20:56 16,896 –a—— C:\WINDOWS\system32\tsshutdn.exe
2006-12-25 20:56 16,896 –a—— C:\WINDOWS\system32\qappsrv.exe
2006-12-25 20:56 16,384 –a—— C:\WINDOWS\system32\tskill.exe
2006-12-25 20:56 16,384 –a—— C:\WINDOWS\system32\avmeter.dll
2006-12-25 20:56 15,872 –a—— C:\WINDOWS\system32\rwinsta.exe
2006-12-25 20:56 15,872 –a—— C:\WINDOWS\system32\cdmodem.dll
2006-12-25 20:56 15,360 –a—— C:\WINDOWS\system32\logoff.exe
2006-12-25 20:56 147,968 –a—— C:\WINDOWS\system32\rdchost.dll
2006-12-25 20:56 147,456 –a—— C:\WINDOWS\system32\comsnap.dll
2006-12-25 20:56 140,800 –a—— C:\WINDOWS\system32\sessmgr.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\tsdiscon.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\tscon.exe
2006-12-25 20:56 14,848 –a—— C:\WINDOWS\system32\shadow.exe
2006-12-25 20:56 139,528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
2006-12-25 20:56 138,752 –a—— C:\WINDOWS\system32\sndvol32.exe
2006-12-25 20:56 131,584 –a—— C:\WINDOWS\system32\sndrec32.exe
2006-12-25 20:56 13,824 –a—— C:\WINDOWS\system32\rdsaddin.exe
2006-12-25 20:56 126,976 –a—— C:\WINDOWS\system32\mshearts.exe
2006-12-25 20:56 123,392 –a—— C:\WINDOWS\system32\mplay32.exe
2006-12-25 20:56 12,040 –a—— C:\WINDOWS\system32\drivers\tdpipe.sys
2006-12-25 20:56 119,808 –a—— C:\WINDOWS\system32\winmine.exe
2006-12-25 20:56 114,688 –a—— C:\WINDOWS\system32\calc.exe
2006-12-25 20:56 110,080 –a—— C:\WINDOWS\system32\clbcatex.dll
2006-12-25 20:56 11,776 –a—— C:\WINDOWS\system32\xolehlp.dll
2006-12-25 20:56 11,264 –a—— C:\WINDOWS\system32\icaapi.dll
2006-12-25 20:56 102,912 –a—— C:\WINDOWS\system32\clipbrd.exe
2006-12-25 20:56 1,267,200 –a—— C:\WINDOWS\system32\comsvcs.dll
2006-12-25 20:56 1,161 –a—— C:\WINDOWS\system32\usrlogon.cmd
2006-12-25 20:56 <DIR> d——– C:\WINDOWS\system32\MsDtc
2006-12-25 20:56 <DIR> d——– C:\WINDOWS\system32\Com
2006-12-25 20:56 <DIR> d——– C:\Program Files\Windows NT
2006-12-25 20:56 <DIR> d——– C:\Program Files\MSN Gaming Zone
2006-12-25 20:56 <DIR> d——– C:\Program Files\Messenger
2006-12-25 20:55 58,880 –a—— C:\WINDOWS\system32\licwmi.dll
2006-12-25 20:55 56,320 –a—— C:\WINDOWS\system32\servdeps.dll
2006-12-25 20:55 40,840 –a—— C:\WINDOWS\system32\drivers\termdd.sys
2006-12-25 20:55 196,864 –a—— C:\WINDOWS\system32\drivers\rdpdr.sys
2006-12-25 20:55 185,344 –a—— C:\WINDOWS\system32\cmprops.dll
2006-12-25 20:55 17,408 –a—— C:\WINDOWS\system32\mmfutil.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-14 17:06 ——– d—s—- C:\DOCUME~1\TIMODU~1\Application Data\microsoft
2006-12-26 11:40 299 –a—— C:\DOCUME~1\TIMODU~1\Application Data\internaldb1942.dat
2006-12-26 11:40 23 –a—— C:\DOCUME~1\TIMODU~1\Application Data\inifile41.ini
2006-12-25 21:48 62 –ahs—- C:\DOCUME~1\TIMODU~1\Application Data\desktop.ini
2006-12-25 21:43 ——– d——– C:\DOCUME~1\TIMODU~1\Application Data\macromedia
2006-12-25 21:06 ——– d——– C:\DOCUME~1\TIMODU~1\Application Data\identities
2006-12-12 17:30 520192 –a—— C:\WINDOWS\system32\divxsm.exe
2006-12-12 17:30 3596288 –a—— C:\WINDOWS\system32\qt-dx331.dll
2006-12-12 17:30 20640 ——— C:\WINDOWS\system32\drivers\pxhelp20.sys
2006-12-12 17:30 200704 –a—— C:\WINDOWS\system32\ssldivx.dll
2006-12-12 17:30 1044480 –a—— C:\WINDOWS\system32\libdivx.dll
2006-12-12 17:25 806912 –a—— C:\WINDOWS\system32\divx_xx0c.dll
2006-12-12 17:25 806912 –a—— C:\WINDOWS\system32\divx_xx07.dll
2006-12-12 17:25 790528 –a—— C:\WINDOWS\system32\divx_xx11.dll
2006-12-12 17:25 73728 –a—— C:\WINDOWS\system32\dpl100.dll
2006-12-12 17:25 635486 –a—— C:\WINDOWS\system32\divx.dll
2006-12-12 17:25 593920 –a—— C:\WINDOWS\system32\dpugui11.dll
2006-12-12 17:25 57344 –a—— C:\WINDOWS\system32\dpv11.dll
2006-12-12 17:25 53248 –a—— C:\WINDOWS\system32\dpugui10.dll
2006-12-12 17:25 344064 –a—— C:\WINDOWS\system32\dpus11.dll
2006-12-12 17:25 294912 –a—— C:\WINDOWS\system32\dpu11.dll
2006-12-12 17:25 294912 –a—— C:\WINDOWS\system32\dpu10.dll
2006-12-12 17:25 196608 –a—— C:\WINDOWS\system32\dtu100.dll
2006-12-12 17:24 12288 –a—— C:\WINDOWS\system32\divxwmpexttype.dll
2006-12-12 17:24 118784 –a—— C:\WINDOWS\system32\divxcodecupdatechecker.exe
2006-12-07 07:40 2362184 –a—— C:\WINDOWS\system32\wmvcore.dll
2006-11-07 21:03 6049280 ——— C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 ——— C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 ——— C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 –a—— C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 –a—— C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 ——— C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 –a—— C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 –a—— C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 –a—— C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 –a—— C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 –a—— C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 –a—— C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 –a—— C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 –a—— C:\WINDOWS\system32\ieakui.dll
2006-10-24 12:30 716288 ——— C:\WINDOWS\system32\windowscodecs.dll
2006-10-24 12:30 412160 ——— C:\WINDOWS\system32\photometadatahandler.dll
2006-10-24 12:30 276992 ——— C:\WINDOWS\system32\wmphoto.dll
2006-10-24 12:29 352256 ——— C:\WINDOWS\system32\windowscodecsext.dll
2006-10-19 14:56 713216 –a—— C:\WINDOWS\system32\sxs.dll
2006-10-17 12:06 78336 –a—— C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 –a—— C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 ——— C:\WINDOWS\system32\winfxdocobj.exe
2006-10-17 12:05 105984 –a—— C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 –a—— C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 –a—— C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 ——— C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 ——— C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 –a—— C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 ——— C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 –a—— C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 ——— C:\WINDOWS\system32\ieapfltr.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"CSIM"="C:\\PROGRA~1\\CSIM\\aim.exe -cnetwait.odl"
"Uniblue Registry Booster"="C:\\Program Files\\Uniblue\\Registry Booster\\RegistryBooster.exe /S"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
"SoundMAX"="C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe /tray"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"eabconfg.cpl"="C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe /Start"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0\\bin\\jusched.exe"
"hpWirelessAssistant"="C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe"
"CognizanceTS"="rundll32.exe C:\\PROGRA~1\\HPQ\\IAM\\Bin\\AsTsVcc.dll,RegisterModule"
"WatchDog"="C:\\Program Files\\InterVideo\\DVD Check\\DVDCheck.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
"Hitman Pro Expiration Helper"="\"C:\\Program Files\\Hitman Pro\\xphelper.exe\""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Spyware Doctor"=""

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Spyware Doctor"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Cognizance REG_MULTI_SZ ASChannel\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Mijn computer scannen - Timo Dubbeldam.job
C:\WINDOWS\tasks\XoftSpySE.job

Completion time: 07-01-16 19:17:22



[b:e4e859bcef]HIJACK THIS LOG[/b:e4e859bcef]
Logfile of HijackThis v1.99.1
Scan saved at 20:14:04, on 16-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\CSIM\aim.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\TIMODU~1\LOCALS~1\Temp\Rar$EX00.484\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Hitman Pro Expiration Helper] "C:\Program Files\Hitman Pro\xphelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CSIM] C:\PROGRA~1\CSIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe



En ojah, nog hardstikke bedankt dat jullie de tijd nemen mij te helpen. Nu nog een oplossing en ik ben helemaal blij =D!!

Elke keer als ik msn opstart en 2 seconden wacht loopt het hele systeem vast. Hoe komt dat? Ik heb al geprobeerd msn te herinstalleren. Helaas niet gelukt

Het zou in ieder geval handig zijn om wat meer info te geven over je systeem, dan kunnen andere forum´ers met je mee denken…op deze manier vrees ik dat je geen antwoord krijgt

Nou ik weet niet zoveel over me systeem. Maar vroeger deed Msn het makkelijk. Sinds vanavond doet hij het niet meer.

Zodra ik me aanmeld (wachtwoord ingevoerd) duurt het 6:34 minuten voordat ik weer normaal op de computer kan. Want me muis kan ik gewoon bewegen maar iets selecteren lukt niet . Als ik 2 seconden nadat ik me aangemeld heb, op CTRL+ALT+DELETE druk, en msn afsluit doet hij het gewoon na een paar seconden.


-> VRoeger was dit nog nooit gebeurt <-

1. Welke versie van Windows gebruik je? (Start, uitvoeren, winver, OK)
2. Heb je onlangs wat veranderd aan je computer (instellingen, nieuw programma, programma/hardware verwijderd, etc)
3. Heb je systeemherstel al geprobeerd?
4. Een HijackThis log zou handig zijn.

1. Xp pro
2. Niet zover ik weet
3. Ja

4.

Logfile of HijackThis v1.99.1
Scan saved at 16:34:45, on 15-1-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\CSIM\aim.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\TIMODU~1\LOCALS~1\Temp\Rar$EX00.781\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblioty.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Hoja Class - {C07F60AC-688D-4F3E-89EC-30B281BDD2CC} - C:\WINDOWS\system32\asclwtfy.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe
O4 - HKCU\..\Run: [CSIM] C:\PROGRA~1\CSIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\mwinkoeb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://www.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - AppInit_DLLs: ASAPHook
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

klopt me log dan?

Even een paar verdachte items:
[quote:8352ef44c1]O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [LifeCU] C:\WINDOWS\system32\BastaYa.exe
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\mwinkoeb.exe[/quote:8352ef44c1]Verdacht omdat ik ze niet ken. Heb geen tijd om ze te onderzoeken


[quote:8352ef44c1]Deze twee zijn sowieso nutteloos als je al MSN messenger gebruikt:
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe[/quote:8352ef44c1]
Dit gaat over de Windows messenger, en ik naam aan dat je die niet gebruikt als je MSN messenger gebruikt, of wel?

Verder heb je Norton van Symantec, dat wil ook nog wel eens problemen geven heb ik gemerkt. Een iets té enthousiaste beveiliger. Problemen door Norton met MSN heb ik echter nog niet meegemaakt, behalve dat de toegang tot internet geblokeerd werd, maar da's wat anders natuurlijk.

Misschien staat er nog wel meer tussen, maar zoals gezegd heb ik nu geen tijd. Misschien is het handig om een keer crapcleaner te draaien, zie www.ccleaner.com . Zal eea aan rommel voor je weghalen.

Start je computer eens op in de veilige modus (tijdens het opstarten op F8 drukken), en stel dan MSN zo in dat het niet automatisch opstart als je Windows opstart.

Tog wou ik nog even zeggen dat het MSN is wat mijn computer bijna laat vastlopen. Alles werkt verder prima hoor!

Al geprobeerd deze helemaal van je pc te doen, en dan opnieuw opstarten .

meerdere keren

Download [b:52cd167710] naar je Bureaublad:[list:52cd167710][*:52cd167710]Dubbelklik [b:52cd167710]drweb-cureit.exe[/b:52cd167710] Klik op udate
[*:52cd167710]Na de update verschijnt er een nieuw icoontje op je buroblad "CureIt.exe" dubbelklik het en klik op Scan, sta het toe om de express scan te starten.
[*:52cd167710]Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt,
klik de [b:52cd167710]Yes to all[/b:52cd167710] knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
[*:52cd167710]Eenmaal de korte scan is beëindigd, kan je de drives selecteren die je wilt laten scannen.
[*:52cd167710]Selecteer hier [b:52cd167710]alle drives[/b:52cd167710]. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
[*:52cd167710]Klik daarna de [b:52cd167710]groene pijl[/b:52cd167710] rechts om de scan te starten.
[*:52cd167710]Klik [b:52cd167710]Yes to all[/b:52cd167710] wanneer er gevraagd wordt om cure of move uit te voeren.
[*:52cd167710]Wanneer de scan beëindigd is, kijk of je kunt op het icoontje naast de gevonden bestanden klikken: [img:52cd167710]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:52cd167710]
[*:52cd167710]Indien ja,klik er op en klik vervolgens op het icoontje er juist onder en selecteer [b:52cd167710]Move incurable[/b:52cd167710] zoals je hier ziet:
[img:52cd167710]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:52cd167710]
Dit verplaatst gevonden bestanden naar de "%userprofile%\DoctorWeb\quarantaine-map" indien herstel niet mogelijk is.
[*:52cd167710]Nadat de scan gedaan is, in het menu bovenaan, klik [b:52cd167710]File[/b:52cd167710] en kies [b:52cd167710]Save report List[/b:52cd167710]. Bewaar het op je Bureaublad.
[*:52cd167710]Sluit daarna Dr.Web Cureit.
[*:52cd167710][b:52cd167710]Herstart[/b:52cd167710] je computer!! [i:52cd167710]Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart[/i:52cd167710].
[*:52cd167710]Na het herstarten, [b:52cd167710]kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post[/b:52cd167710].
[/list:u:52cd167710]

Negeer popups over Buy of 50% korting

Plaats ook een nieuw HJT logje.

J