Vraag & Antwoord

Beveiliging & privacy

Hijackthis log

Anoniem
juisterr
4 antwoorden
  • Hallo,

    Ik heb vrij veel verstand van computers, maar hier weet ik echt geen raad mee. De familiecomputer van ons gezin loopt telkens vast nadat er 5 minuten niks mee wordt gedaan. Ik heb windows opnieuw geinstalleerd, maar het probleem blijft zich voordoen. Ik kwam er 2 dagen geleden achter dat de oude C: schijf helemaal vol virussen zat. Tevens weigert mijn F: schijf geformateerd te worden. Mijn theorie: Virus of SpyWare.

    Ik heb na het lezen van een aantal artikelen in de Computer!Totaal de maatregel getroffen een Hijackthis log te maken.

    http://tcusniper.phpnet.us/hijackthis.log
  • Logfile of HijackThis v1.99.1
    Scan saved at 17:18:07, on 22-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\NoAdware5.0\NoAdware5.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Ares\Ares.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Fedox\LOCALS~1\Temp\Rar$EX00.469\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [NoAdware5] "C:\Program Files\NoAdware5.0\NoAdware5.exe" :Min:
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
    O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
  • TeaTimer is actief
    Deze moet tijdelijk worden gestopt om de wijzigingen van hijackthis aan het register door te kunnen voeren.'

    Kijk hier hoe je deze moet uitzetten: Disable TeaTimer

    Installeer hijackthis.exe bijv. in C:\Program Files\[b:fe21b122c7]Hijackthis[/b:fe21b122c7]
    Dit in verband met de backups die dit programma maakt.

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:fe21b122c7]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    [/b:fe21b122c7]
    Klik op 'Fix checked' om de items te verwijderen.


    Download [b:fe21b122c7]Combofix[/b:fe21b122c7] naar je Bureaublad.[list:fe21b122c7]
    Dubbelklik [b:fe21b122c7]Combofix.exe[/b:fe21b122c7]
    Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen.
    Tijdens het runnen van de fix, [b:fe21b122c7]NIET[/b:fe21b122c7] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:fe21b122c7]
    Wanneer de fix voltooid is en na herstart, zal de log [b:fe21b122c7]combofix.txt[/b:fe21b122c7] openen.
    [i:fe21b122c7]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:fe21b122c7]

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • [quote:ad2fc78bf6]Combofix Log:
    "Fedox" - 07-01-23 15:43:14 Service Pack 2
    ComboFix 07-01-23.2 - Running from: "C:\Program Files\Mozilla Firefox"

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\SVKP.sys


    ((((((((((((((((((((((((((((((( Files Created from 2006-12-23 to 2007-01-23 ))))))))))))))))))))))))))))))))))


    2007-01-23 15:40 <DIR> d——– C:\Program Files\HijackThis
    2007-01-21 14:42 <DIR> d——– C:\Program Files\NoAdware5.0
    2007-01-21 14:38 <DIR> d——– C:\Program Files\Nero
    2007-01-21 14:38 <DIR> d——– C:\Program Files\Common Files\Ahead
    2007-01-21 14:33 2,194,560 –a—— C:\WINDOWS\system32\kernel1.exe
    2007-01-21 14:30 <DIR> d——– C:\Program Files\TGTSoft
    2007-01-19 15:47 <DIR> d——– C:\DOCUME~1\Fedox\Contacts
    2007-01-16 14:52 <DIR> d——– C:\DOCUME~1\Fedox\Application Data\Nvu
    2007-01-16 14:48 <DIR> dr——- C:\DOCUME~1\Fedox\Application Data\Brother
    2007-01-16 14:42 81,920 ——— C:\WINDOWS\system32\BrWebIns.dll
    2007-01-16 14:42 65,536 ——— C:\WINDOWS\system32\BRWEBUP.EXE
    2007-01-16 14:42 57,344 –a—— C:\WINDOWS\system32\brsvc01a.exe
    2007-01-16 14:42 45,056 –a—— C:\WINDOWS\system32\brss01a.exe
    2007-01-16 14:42 37,888 –a—— C:\WINDOWS\system32\BrUSi05a.dll
    2007-01-16 14:42 258,048 –a—— C:\WINDOWS\system32\bsplmf01.dll
    2007-01-16 14:42 188,416 ——— C:\WINDOWS\system32\PDRVINST.DLL
    2007-01-16 14:42 15,295 –a—— C:\WINDOWS\system32\drivers\BrScnUsb.sys
    2007-01-16 14:42 131,072 –a—— C:\WINDOWS\system32\bsplmf01.exe
    2007-01-16 14:42 121,856 –a—— C:\WINDOWS\system32\BrWia05a.dll
    2007-01-16 14:32 53,248 ——— C:\WINDOWS\system32\BrNetSti.dll
    2007-01-16 14:32 34,816 ——— C:\WINDOWS\system32\BrWiaNCp.dll
    2007-01-16 14:32 31,744 ——— C:\WINDOWS\system32\Brnsplg.dll
    2007-01-16 14:32 163,840 ——— C:\WINDOWS\system32\NSSearch.dll
    2007-01-16 14:32 106,496 ——— C:\WINDOWS\system32\BrMuSNMP.dll
    2007-01-15 17:28 <DIR> d——– C:\Program Files\Brother
    2007-01-15 16:49 54,272 ——— C:\WINDOWS\system32\brinsstr.dll
    2007-01-15 16:49 147,456 ——— C:\WINDOWS\brunin03.dll
    2007-01-15 16:46 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\ScanSoft
    2007-01-15 16:46 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\InstallShield
    2007-01-15 16:44 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\Brother
    2007-01-14 19:01 221,184 –a—— C:\WINDOWS\system32\wmpns.dll
    2007-01-14 12:46 17,920 –a—— C:\WINDOWS\system32\mdimon.dll
    2007-01-14 12:44 <DIR> d——– C:\Program Files\Microsoft.NET
    2007-01-13 21:59 22,752 –a—— C:\WINDOWS\system32\spupdsvc.exe
    2007-01-13 20:05 <DIR> d——– C:\DOCUME~1\Fedox\Application Data\Sun
    2007-01-13 19:21 82,944 –a—— C:\WINDOWS\system32\drivers\wdmaud.sys
    2007-01-13 19:21 7,552 –a—— C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2007-01-13 19:21 60,800 –a—— C:\WINDOWS\system32\drivers\sysaudio.sys
    2007-01-13 19:21 6,400 –a—— C:\WINDOWS\system32\drivers\splitter.sys
    2007-01-13 19:21 54,272 –a—— C:\WINDOWS\system32\drivers\swmidi.sys
    2007-01-13 19:21 52,864 –a—— C:\WINDOWS\system32\drivers\DMusic.sys
    2007-01-13 19:21 5,376 –a—— C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2007-01-13 19:21 49,152 –a—— C:\WINDOWS\system32\ChCfg.exe
    2007-01-13 19:21 4,992 –a—— C:\WINDOWS\system32\drivers\MSPQM.sys
    2007-01-13 19:21 2,944 –a—— C:\WINDOWS\system32\drivers\drmkaud.sys
    2007-01-13 19:21 172,416 –a—— C:\WINDOWS\system32\drivers\kmixer.sys
    2007-01-13 19:21 142,464 –a—— C:\WINDOWS\system32\drivers\aec.sys
    2007-01-13 19:20 60,288 –a—— C:\WINDOWS\system32\drivers\drmk.sys
    2007-01-13 19:20 577,536 –a—— C:\WINDOWS\soundman.exe
    2007-01-13 19:20 4,096 –a—— C:\WINDOWS\system32\ksuser.dll
    2007-01-13 19:20 4,026,112 -ra—— C:\WINDOWS\system32\drivers\alcxwdm.sys
    2007-01-13 19:20 315,392 –a—— C:\WINDOWS\alcupd.exe
    2007-01-13 19:20 217,088 –a—— C:\WINDOWS\Alcrmv.exe
    2007-01-13 19:20 147,456 –a—— C:\WINDOWS\system32\RtlCPAPI.dll
    2007-01-13 19:20 145,792 –a—— C:\WINDOWS\system32\drivers\portcls.sys
    2007-01-13 19:20 10,528,768 –a—— C:\WINDOWS\system32\RTLCPL.exe
    2007-01-13 19:20 <DIR> d——– C:\Program Files\Realtek AC97
    2007-01-13 19:20 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\SwiftSwitch
    2007-01-13 19:20 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\Spybot - Search & Destroy
    2007-01-13 19:16 3,072 –a—— C:\WINDOWS\system32\drivers\audstub.sys
    2007-01-13 19:16 21,504 –a—— C:\WINDOWS\system32\hidserv.dll
    2007-01-13 19:15 57,856 –a—— C:\WINDOWS\system32\drivers\redbook.sys
    2007-01-13 19:15 53,760 –a—— C:\WINDOWS\system32\drivers\i8042prt.sys
    2007-01-13 19:15 4,274,816 –a—— C:\WINDOWS\system32\nv4_disp.dll
    2007-01-13 19:15 25,856 –a—— C:\WINDOWS\system32\drivers\usbprint.sys
    2007-01-13 19:15 20,992 –a—— C:\WINDOWS\system32\drivers\RTL8139.sys
    2007-01-13 19:15 1,897,408 –a—— C:\WINDOWS\system32\drivers\nv4_mini.sys
    2007-01-13 19:14 76,288 –a—— C:\WINDOWS\system32\usbui.dll
    2007-01-13 19:12 9,936 –a—— C:\WINDOWS\system\LZEXPAND.DLL
    2007-01-13 19:12 9,040 –a—— C:\WINDOWS\system\VER.DLL
    2007-01-13 19:12 86,556 –a—— C:\WINDOWS\system32\dgsetup.dll
    2007-01-13 19:12 82,944 –a—— C:\WINDOWS\system\OLECLI.DLL
    2007-01-13 19:12 8,704 –a—— C:\WINDOWS\system32\batt.dll
    2007-01-13 19:12 8,192 -ra—— C:\WINDOWS\system32\kbdhept.dll
    2007-01-13 19:12 76,288 –a—— C:\WINDOWS\system32\storprop.dll
    2007-01-13 19:12 70,192 –a—— C:\WINDOWS\system\MMSYSTEM.DLL
    2007-01-13 19:12 70,144 –a—— C:\WINDOWS\system\AVICAP.DLL
    2007-01-13 19:12 70,144 –a—— C:\WINDOWS\NOTEPAD.EXE
    2007-01-13 19:12 7,168 -ra—— C:\WINDOWS\system32\kbdcz.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdycl.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdsl1.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdsl.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdpl.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdhu.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdhela3.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdcz2.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdcz1.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\kbdcr.dll
    2007-01-13 19:12 6,656 -ra—— C:\WINDOWS\system32\KBDAL.DLL
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdtuq.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdtuf.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdlv1.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdlv.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdhela2.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdgkl.dll
    2007-01-13 19:12 6,144 -ra—— C:\WINDOWS\system32\kbdest.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdro.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdpl1.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdmon.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdlt1.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdlt.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdkyr.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdhu1.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdhe319.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdhe220.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdhe.dll
    2007-01-13 19:12 5,632 -ra—— C:\WINDOWS\system32\kbdazel.dll
    2007-01-13 19:12 5,120 –a—— C:\WINDOWS\system\SHELL.DLL
    2007-01-13 19:12 33,696 –a—— C:\WINDOWS\system\COMMDLG.DLL
    2007-01-13 19:12 24,661 –a—— C:\WINDOWS\system32\spxcoins.dll
    2007-01-13 19:12 24,064 –a—— C:\WINDOWS\system\OLESVR.DLL
    2007-01-13 19:12 19,200 –a—— C:\WINDOWS\system\TAPI.DLL
    2007-01-13 19:12 176,157 –a—— C:\WINDOWS\system32\dgrpsetu.dll
    2007-01-13 19:12 15,872 –a—— C:\WINDOWS\TASKMAN.EXE
    2007-01-13 19:12 13,312 –a—— C:\WINDOWS\system32\irclass.dll
    2007-01-13 19:12 126,976 –a—— C:\WINDOWS\system\MSVIDEO.DLL
    2007-01-13 19:12 11,264 –a—— C:\WINDOWS\system32\drivers\irenum.sys
    2007-01-13 19:12 109,552 –a—— C:\WINDOWS\system\AVIFILE.DLL
    2007-01-13 19:12 103,936 –a—— C:\WINDOWS\system32\EqnClass.Dll
    2007-01-13 19:12 <DIR> dr——- C:\DOCUME~1\DEFAUL~1.WIN\Menu Start
    2007-01-13 19:12 <DIR> dr——- C:\DOCUME~1\ALLUSE~1.WIN\Menu Start
    2007-01-13 19:12 <DIR> dr——- C:\DOCUME~1\ALLUSE~1.WIN\Documenten
    2007-01-13 19:12 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1.WIN\Sjablonen
    2007-01-13 19:12 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1.WIN\Onlangs geopend
    2007-01-13 19:12 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1.WIN\Netwerkprinteromgeving
    2007-01-13 19:12 <DIR> d–h—– C:\DOCUME~1\ALLUSE~1.WIN\Sjablonen
    2007-01-13 19:12 <DIR> d——– C:\DOCUME~1\DEFAUL~1.WIN\Mijn documenten
    2007-01-13 19:12 <DIR> d——– C:\DOCUME~1\DEFAUL~1.WIN\Favorieten
    2007-01-13 19:12 <DIR> d——– C:\DOCUME~1\DEFAUL~1.WIN\Bureaublad
    2007-01-13 19:12 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Favorieten
    2007-01-13 19:12 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Bureaublad
    2007-01-13 19:03 <DIR> d——– C:\WINDOWS\Provisioning
    2007-01-13 19:03 <DIR> d——– C:\WINDOWS\PeerNet
    2007-01-13 19:03 <DIR> d——– C:\WINDOWS\ehome
    2007-01-13 18:50 <DIR> d——– C:\Program Files\Mozilla Firefox
    2007-01-13 18:47 <DIR> d—s—- C:\DOCUME~1\Fedox\UserData
    2007-01-13 18:46 32,768 –a—— C:\WINDOWS\system32\drivers\avgntdd.sys
    2007-01-13 18:46 14,848 –a—— C:\WINDOWS\system32\drivers\avgntmgr.sys
    2007-01-13 18:46 <DIR> d——– C:\Program Files\AntiVir PersonalEdition Classic
    2007-01-13 18:46 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\Application Data\AntiVir PersonalEdition Classic
    2007-01-13 18:43 408,064 -ra—— C:\WINDOWS\system32\drivers\SMCWGU.sys
    2007-01-13 18:34 <DIR> dr-h—– C:\DOCUME~1\Fedox\Onlangs geopend
    2007-01-13 18:34 <DIR> dr——- C:\DOCUME~1\Fedox\Mijn documenten
    2007-01-13 18:34 <DIR> dr——- C:\DOCUME~1\Fedox\Menu Start
    2007-01-13 18:34 <DIR> dr——- C:\DOCUME~1\Fedox\Favorieten
    2007-01-13 18:34 <DIR> d–h—– C:\DOCUME~1\Fedox\Sjablonen
    2007-01-13 18:34 <DIR> d–h—– C:\DOCUME~1\Fedox\Netwerkprinteromgeving
    2007-01-13 18:34 <DIR> d——– C:\DOCUME~1\Fedox\Bureaublad
    2007-01-13 18:24 112,128 –a—— C:\WINDOWS\system32\mapi32.dll
    2007-01-13 18:23 <DIR> d–hs—- C:\DOCUME~1\ALLUSE~1.WIN\DRM
    2007-01-13 18:22 11,264 –a—— C:\WINDOWS\system32\atrace.dll
    2007-01-13 18:21 86,016 –a—— C:\WINDOWS\system32\isign32.dll
    2007-01-13 18:21 81,920 –a—— C:\WINDOWS\system32\ils.dll
    2007-01-13 18:21 8,192 –a—— C:\WINDOWS\system32\bitsprx2.dll
    2007-01-13 18:21 73,728 –a—— C:\WINDOWS\system32\icwdial.dll
    2007-01-13 18:21 73,472 –a—— C:\WINDOWS\system32\drivers\sr.sys
    2007-01-13 18:21 7,168 –a—— C:\WINDOWS\system32\bitsprx3.dll
    2007-01-13 18:21 69,632 –a—— C:\WINDOWS\system32\msconf.dll
    2007-01-13 18:21 679,424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2007-01-13 18:21 67,584 –a—— C:\WINDOWS\system32\srclient.dll
    2007-01-13 18:21 67,584 –a—— C:\WINDOWS\system32\acctres.dll
    2007-01-13 18:21 65,536 –a—— C:\WINDOWS\system32\icwphbk.dll
    2007-01-13 18:21 6,656 –a—— C:\WINDOWS\system32\wuauserv.dll
    2007-01-13 18:21 50,176 –a—— C:\WINDOWS\system32\inetres.dll
    2007-01-13 18:21 466,200 –a—— C:\WINDOWS\system32\wuapi.dll
    2007-01-13 18:21 45,568 –a—— C:\WINDOWS\system32\safrslv.dll
    2007-01-13 18:21 43,520 –a—— C:\WINDOWS\system32\safrcdlg.dll
    2007-01-13 18:21 43,520 –a—— C:\WINDOWS\system32\racpldlg.dll
    2007-01-13 18:21 41,240 –a—— C:\WINDOWS\system32\wups.dll
    2007-01-13 18:21 382,464 –a—— C:\WINDOWS\system32\qmgr.dll
    2007-01-13 18:21 34,560 –a—— C:\WINDOWS\system32\mnmdd.dll
    2007-01-13 18:21 32,768 –a—— C:\WINDOWS\system32\mnmsrvc.exe
    2007-01-13 18:21 32,768 –a—— C:\WINDOWS\system32\isrdbg32.dll
    2007-01-13 18:21 29,696 –a—— C:\WINDOWS\system32\safrdm.dll
    2007-01-13 18:21 28,672 –a—— C:\WINDOWS\system32\nmmkcert.dll
    2007-01-13 18:21 278,528 –a—— C:\WINDOWS\system32\mstask.dll
    2007-01-13 18:21 278,528 –a—— C:\WINDOWS\system32\inetcfg.dll
    2007-01-13 18:21 252,928 –a—— C:\WINDOWS\system32\msoeacct.dll
    2007-01-13 18:21 241,152 –a—— C:\WINDOWS\system32\srrstr.dll
    2007-01-13 18:21 23,040 –a—— C:\WINDOWS\system32\fltmc.exe
    2007-01-13 18:21 194,840 –a—— C:\WINDOWS\system32\wuaueng1.dll
    2007-01-13 18:21 192,000 –a—— C:\WINDOWS\system32\schedsvc.dll
    2007-01-13 18:21 18,944 –a—— C:\WINDOWS\system32\qmgrprxy.dll
    2007-01-13 18:21 174,360 –a—— C:\WINDOWS\system32\wuauclt1.exe
    2007-01-13 18:21 173,536 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-01-13 18:21 170,496 –a—— C:\WINDOWS\system32\srsvc.dll
    2007-01-13 18:21 16,896 –a—— C:\WINDOWS\system32\fltlib.dll
    2007-01-13 18:21 16,384 –a—— C:\WINDOWS\system32\icfgnt5.dll
    2007-01-13 18:21 128,896 –a—— C:\WINDOWS\system32\drivers\fltmgr.sys
    2007-01-13 18:21 128,280 –a—— C:\WINDOWS\system32\wucltui.dll
    2007-01-13 18:21 125,208 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-01-13 18:21 12,288 –a—— C:\WINDOWS\system32\nmevtmsg.dll
    2007-01-13 18:21 12,288 –a—— C:\WINDOWS\system32\mstinit.exe
    2007-01-13 18:21 105,984 –a—— C:\WINDOWS\system32\msoert2.dll
    2007-01-13 18:21 1,343,768 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-01-13 18:19 97,792 –a—— C:\WINDOWS\system32\comrepl.dll
    2007-01-13 18:19 956,416 –a—— C:\WINDOWS\system32\msdtctm.dll
    2007-01-13 18:19 94,208 –a—— C:\WINDOWS\system32\tscfgwmi.dll
    2007-01-13 18:19 91,136 –a—— C:\WINDOWS\system32\mtxoci.dll
    2007-01-13 18:19 9,728 –a—— C:\WINDOWS\system32\reset.exe
    2007-01-13 18:19 87,176 –a—— C:\WINDOWS\system32\rdpwsx.dll
    2007-01-13 18:19 85,504 –a—— C:\WINDOWS\system32\catsrvps.dll
    2007-01-13 18:19 80,896 –a—— C:\WINDOWS\system32\charmap.exe
    2007-01-13 18:19 73,216 –a—— C:\WINDOWS\system32\avwav.dll
    2007-01-13 18:19 67,072 –a—— C:\WINDOWS\system32\rdshost.exe
    2007-01-13 18:19 662,528 –a—— C:\WINDOWS\system32\getuname.dll
    2007-01-13 18:19 655,360 –a—— C:\WINDOWS\system32\mstscax.dll
    2007-01-13 18:19 625,152 –a—— C:\WINDOWS\system32\catsrvut.dll
    2007-01-13 18:19 62,464 –a—— C:\WINDOWS\system32\rdpclip.exe
    2007-01-13 18:19 61,440 –a—— C:\WINDOWS\system32\remotepg.dll
    2007-01-13 18:19 60,416 –a—— C:\WINDOWS\system32\colbact.dll
    2007-01-13 18:19 6,144 –a—— C:\WINDOWS\system32\msdtc.exe
    2007-01-13 18:19 58,880 –a—— C:\WINDOWS\system32\msdtclog.dll
    2007-01-13 18:19 57,344 –a—— C:\WINDOWS\system32\sol.exe
    2007-01-13 18:19 55,808 –a—— C:\WINDOWS\system32\freecell.exe
    2007-01-13 18:19 540,160 –a—— C:\WINDOWS\system32\comuid.dll
    2007-01-13 18:19 54,272 –a—— C:\WINDOWS\system32\stclient.dll
    2007-01-13 18:19 539,136 –a—— C:\WINDOWS\system32\spider.exe
    2007-01-13 18:19 5,632 –a—— C:\WINDOWS\system32\write.exe
    2007-01-13 18:19 5,120 –a—— C:\WINDOWS\system32\dcomcnfg.exe
    2007-01-13 18:19 498,688 –a—— C:\WINDOWS\system32\clbcatq.dll
    2007-01-13 18:19 44,544 –a—— C:\WINDOWS\system32\tscupgrd.exe
    2007-01-13 18:19 44,544 –a—— C:\WINDOWS\system32\hticons.dll
    2007-01-13 18:19 426,496 –a—— C:\WINDOWS\system32\msdtcprx.dll
    2007-01-13 18:19 412,160 –a—— C:\WINDOWS\system32\mstsc.exe
    2007-01-13 18:19 4,608 –a—— C:\WINDOWS\system32\rdpcfgex.dll
    2007-01-13 18:19 4,096 –a—— C:\WINDOWS\system32\mtxex.dll
    2007-01-13 18:19 39,424 –a—— C:\WINDOWS\system32\cfgbkend.dll
    2007-01-13 18:19 352,768 –a—— C:\WINDOWS\system32\hypertrm.dll
    2007-01-13 18:19 35,840 –a—— C:\WINDOWS\system32\winchat.exe
    2007-01-13 18:19 345,600 –a—— C:\WINDOWS\system32\mspaint.exe
    2007-01-13 18:19 33,792 –a—— C:\WINDOWS\system32\regini.exe
    2007-01-13 18:19 297,472 –a—— C:\WINDOWS\system32\termsrv.dll
    2007-01-13 18:19 25,600 –a—— C:\WINDOWS\system32\comaddin.dll
    2007-01-13 18:19 25,088 –a—— C:\WINDOWS\system32\mtxlegih.dll
    2007-01-13 18:19 233,472 –a—— C:\WINDOWS\system32\avtapi.dll
    2007-01-13 18:19 23,040 –a—— C:\WINDOWS\system32\qwinsta.exe
    2007-01-13 18:19 225,792 –a—— C:\WINDOWS\system32\catsrv.dll
    2007-01-13 18:19 22,016 –a—— C:\WINDOWS\system32\msg.exe
    2007-01-13 18:19 21,896 –a—— C:\WINDOWS\system32\drivers\tdtcp.sys
    2007-01-13 18:19 20,480 –a—— C:\WINDOWS\system32\qprocess.exe
    2007-01-13 18:19 20,480 –a—— C:\WINDOWS\system32\mtxdm.dll
    2007-01-13 18:19 19,968 –a—— C:\WINDOWS\system32\rdpsnd.dll
    2007-01-13 18:19 187,392 –a—— C:\WINDOWS\system32\accwiz.exe
    2007-01-13 18:19 17,920 –a—— C:\WINDOWS\system32\tsshutdn.exe
    2007-01-13 18:19 17,408 –a—— C:\WINDOWS\system32\qappsrv.exe
    2007-01-13 18:19 161,280 –a—— C:\WINDOWS\system32\msdtcuiu.dll
    2007-01-13 18:19 16,384 –a—— C:\WINDOWS\system32\tskill.exe
    2007-01-13 18:19 16,384 –a—— C:\WINDOWS\system32\rwinsta.exe
    2007-01-13 18:19 16,384 –a—— C:\WINDOWS\system32\avmeter.dll
    2007-01-13 18:19 15,872 –a—— C:\WINDOWS\system32\cdmodem.dll
    2007-01-13 18:19 15,360 –a—— C:\WINDOWS\system32\tsdiscon.exe
    2007-01-13 18:19 15,360 –a—— C:\WINDOWS\system32\tscon.exe
    2007-01-13 18:19 15,360 –a—— C:\WINDOWS\system32\shadow.exe
    2007-01-13 18:19 15,360 –a—— C:\WINDOWS\system32\logoff.exe
    2007-01-13 18:19 147,968 –a—— C:\WINDOWS\system32\rdchost.dll
    2007-01-13 18:19 147,456 –a—— C:\WINDOWS\system32\comsnap.dll
    2007-01-13 18:19 142,336 –a—— C:\WINDOWS\system32\sessmgr.exe
    2007-01-13 18:19 139,528 –a—— C:\WINDOWS\system32\drivers\rdpwd.sys
    2007-01-13 18:19 139,264 –a—— C:\WINDOWS\system32\sndvol32.exe
    2007-01-13 18:19 132,608 –a—— C:\WINDOWS\system32\sndrec32.exe
    2007-01-13 18:19 13,824 –a—— C:\WINDOWS\system32\rdsaddin.exe
    2007-01-13 18:19 128,000 –a—— C:\WINDOWS\system32\mshearts.exe
    2007-01-13 18:19 124,416 –a—— C:\WINDOWS\system32\mplay32.exe
    2007-01-13 18:19 12,040 –a—— C:\WINDOWS\system32\drivers\tdpipe.sys
    2007-01-13 18:19 119,808 –a—— C:\WINDOWS\system32\winmine.exe
    2007-01-13 18:19 114,688 –a—— C:\WINDOWS\system32\calc.exe
    2007-01-13 18:19 110,080 –a—— C:\WINDOWS\system32\clbcatex.dll
    2007-01-13 18:19 11,776 –a—— C:\WINDOWS\system32\xolehlp.dll
    2007-01-13 18:19 11,264 –a—— C:\WINDOWS\system32\icaapi.dll
    2007-01-13 18:19 104,448 –a—— C:\WINDOWS\system32\clipbrd.exe
    2007-01-13 18:19 1,267,200 –a—— C:\WINDOWS\system32\comsvcs.dll
    2007-01-13 18:19 1,161 –a—— C:\WINDOWS\system32\usrlogon.cmd
    2007-01-13 18:18 58,880 –a—— C:\WINDOWS\system32\licwmi.dll
    2007-01-13 18:18 56,320 –a—— C:\WINDOWS\system32\servdeps.dll
    2007-01-13 18:18 40,840 –a—— C:\WINDOWS\system32\drivers\termdd.sys
    2007-01-13 18:18 196,864 –a—— C:\WINDOWS\system32\drivers\rdpdr.sys
    2007-01-13 18:18 188,928 –a—— C:\WINDOWS\system32\cmprops.dll
    2007-01-13 18:18 17,920 –a—— C:\WINDOWS\system32\mmfutil.dll
    2007-01-03 18:32 <DIR> d——– C:\Brother
    2007-01-03 18:30 <DIR> d——– C:\Program Files\ScanSoft
    2007-01-03 18:30 <DIR> d——– C:\Program Files\Common Files\ScanSoft Shared
    2007-01-03 18:30 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\ScanSoft
    2007-01-03 18:30 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\InstallShield
    2007-01-03 18:29 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Brother
    2007-01-03 18:05 <DIR> d——– C:\Program Files\Microsoft ActiveSync
    2007-01-03 18:04 <DIR> d–h—– C:\WINDOWS\ShellNew
    2007-01-03 18:01 <DIR> dr-h—– C:\MSOCache
    2007-01-02 15:09 <DIR> d——– C:\DOCUME~1\Fedox90\Contacts
    2007-01-02 15:08 <DIR> d—-c— C:\WINDOWS\system32\DRVSTORE
    2007-01-02 15:08 <DIR> d——– C:\Program Files\MSN Messenger
    2006-12-31 00:01 <DIR> d—s—- C:\DOCUME~1\Fedox90\UserData
    2006-12-30 23:59 <DIR> d——– C:\WINDOWS\system32\bits
    2006-12-30 23:58 <DIR> d–h—– C:\WINDOWS\$hf_mig$
    2006-12-30 23:58 <DIR> d——– C:\WINDOWS\system32\PreInstall
    2006-12-29 13:07 <DIR> d——– C:\DOCUME~1\Fedox90\Application Data\uTorrent
    2006-12-29 13:04 <DIR> d——– C:\Program Files\uTorrent
    2006-12-28 20:43 <DIR> d——– C:\Guildwars
    2006-12-28 19:24 <DIR> d——– C:\Program Files\Realtek Sound Manager
    2006-12-28 19:24 <DIR> d——– C:\Program Files\AvRack
    2006-12-28 18:10 <DIR> d-a—— C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
    2006-12-28 18:09 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
    2006-12-28 18:07 <DIR> d——– C:\DOCUME~1\Fedox90\Application Data\PC Tools
    2006-12-28 18:05 <DIR> d——– C:\Program Files\PC Tools AntiVirus
    2006-12-28 18:05 <DIR> d——– C:\Program Files\Common Files\PC Tools
    2006-12-28 18:05 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\PC Tools
    2006-12-28 18:02 <DIR> d——– C:\WINDOWS\system32\ReinstallBackups
    2006-12-28 18:01 <DIR> d——– C:\DOCUME~1\Fedox90\WINDOWS
    2006-12-28 17:38 <DIR> dr——- C:\Program Files
    2006-12-28 17:38 <DIR> dr——- C:\DOCUME~1\DEFAUL~1\Menu Start
    2006-12-28 17:38 <DIR> dr——- C:\DOCUME~1\ALLUSE~1\Menu Start
    2006-12-28 17:38 <DIR> dr——- C:\DOCUME~1\ALLUSE~1\Documenten
    2006-12-28 17:38 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1\Sjablonen
    2006-12-28 17:38 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1\Onlangs geopend
    2006-12-28 17:38 <DIR> d–h—– C:\DOCUME~1\DEFAUL~1\Netwerkprinteromgeving
    2006-12-28 17:38 <DIR> d–h—– C:\DOCUME~1\ALLUSE~1\Sjablonen
    2006-12-28 17:38 <DIR> d——– C:\Program Files\Common Files\SpeechEngines
    2006-12-28 17:38 <DIR> d——– C:\Program Files\Common Files\ODBC
    2006-12-28 17:38 <DIR> d——– C:\DOCUME~1\DEFAUL~1\Mijn documenten
    2006-12-28 17:38 <DIR> d——– C:\DOCUME~1\DEFAUL~1\Favorieten
    2006-12-28 17:38 <DIR> d——– C:\DOCUME~1\DEFAUL~1\Bureaublad
    2006-12-28 17:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Favorieten
    2006-12-28 17:38 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Bureaublad
    2006-12-28 17:37 <DIR> d——– C:\WINDOWS\system32\CatRoot2
    2006-12-28 17:37 <DIR> d——– C:\WINDOWS\system32\CatRoot
    2006-12-28 17:36 <DIR> d——– C:\Documents and Settings
    2006-12-28 17:35 <DIR> d——– C:\WINDOWS\Sun
    2006-12-28 17:35 <DIR> d——– C:\WINDOWS\.file_store_32
    2006-12-28 17:35 <DIR> d——– C:\DOCUME~1\Fedox90\Application Data\Sun
    2006-12-28 17:31 <DIR> dr-hsc— C:\WINDOWS\system32\dllcache
    2006-12-28 17:31 <DIR> dr–s—- C:\WINDOWS\Fonts
    2006-12-28 17:31 <DIR> dr——- C:\WINDOWS\Web
    2006-12-28 17:31 <DIR> d–h—– C:\WINDOWS\inf
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\WinSxS
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\twain_32
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\wins
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\wbem
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\usmt
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\spool
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\ShellExt
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\Setup
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\ras
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\oobe
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\npp
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\mui
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\inetsrv
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\IME
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\icsxml
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\ias
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\export
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\drivers\etc
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\drivers\disdn
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\drivers
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\dhcp
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\config
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\3com_dmi
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\3076
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\2052
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1054
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1043
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1042
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1041
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1037
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1033
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1031
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1028
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32\1025
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system32
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\system
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\security
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Resources
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\repair
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\mui
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\msapps
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\msagent
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Media
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\java
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\ime
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Help
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Driver Cache
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Debug
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Cursors
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Connection Wizard
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\Config
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\AppPatch
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS\addins
    2006-12-28 17:31 <DIR> d——– C:\WINDOWS
    2006-12-28 17:24 <DIR> d——– C:\Program Files\C-Media 3D Audio
    2006-12-28 17:20 <DIR> d——– C:\Program Files\Java
    2006-12-28 17:19 <DIR> d——– C:\Program Files\Common Files\Java
    2006-12-28 17:18 <DIR> d——– C:\Program Files\Browser MOUSE
    2006-12-28 17:13 <DIR> d——– C:\Program Files\Ares
    2006-12-28 17:13 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\SwiftSwitch
    2006-12-28 17:12 <DIR> d——– C:\Program Files\SwiftSwitch
    2006-12-28 17:10 <DIR> d——– C:\WINDOWS\system32\SoftwareDistribution
    2006-12-28 17:08 <DIR> d——– C:\WINDOWS\SoftwareDistribution
    2006-12-28 16:59 <DIR> d–h—– C:\Program Files\InstallShield Installation Information
    2006-12-28 16:59 <DIR> d——– C:\Program Files\SMC
    2006-12-28 16:58 <DIR> d–hs—- C:\RECYCLER
    2006-12-28 16:57 <DIR> d——– C:\WINDOWS\Downloaded Installations
    2006-12-28 16:57 <DIR> d——– C:\Program Files\Common Files\InstallShield
    2006-12-28 16:51 <DIR> dr-h—– C:\DOCUME~1\Fedox90\Onlangs geopend
    2006-12-28 16:51 <DIR> dr——- C:\DOCUME~1\Fedox90\Mijn documenten
    2006-12-28 16:51 <DIR> dr——- C:\DOCUME~1\Fedox90\Menu Start
    2006-12-28 16:51 <DIR> dr——- C:\DOCUME~1\Fedox90\Favorieten
    2006-12-28 16:51 <DIR> d–hs—- C:\WINDOWS\Installer
    2006-12-28 16:51 <DIR> d–h—– C:\DOCUME~1\Fedox90\Sjablonen
    2006-12-28 16:51 <DIR> d–h—– C:\DOCUME~1\Fedox90\Netwerkprinteromgeving
    2006-12-28 16:51 <DIR> d——– C:\DOCUME~1\Fedox90\Bureaublad
    2006-12-28 16:50 <DIR> d–hs—- C:\System Volume Information
    2006-12-28 16:50 <DIR> d——– C:\WINDOWS\Prefetch
    2006-12-28 16:46 0 -rahs—- C:\MSDOS.SYS
    2006-12-28 16:46 0 -rahs—- C:\IO.SYS
    2006-12-28 16:46 0 –a—— C:\CONFIG.SYS
    2006-12-28 16:46 0 –a—— C:\AUTOEXEC.BAT
    2006-12-28 16:46 <DIR> d——– C:\WINDOWS\system32\xircom
    2006-12-28 16:46 <DIR> d——– C:\Program Files\microsoft frontpage
    2006-12-28 16:45 <DIR> dr——- C:\WINDOWS\Offline Web Pages
    2006-12-28 16:45 <DIR> d–hs—- C:\DOCUME~1\ALLUSE~1\DRM
    2006-12-28 16:45 <DIR> d—s—- C:\WINDOWS\Downloaded Program Files
    2006-12-28 16:45 <DIR> d——– C:\WINDOWS\system32\DirectX
    2006-12-28 16:44 <DIR> d—s—- C:\WINDOWS\Tasks
    2006-12-28 16:43 <DIR> d–h—– C:\Program Files\WindowsUpdate
    2006-12-28 16:43 <DIR> d——– C:\WINDOWS\system32\Restore
    2006-12-28 16:43 <DIR> d——– C:\WINDOWS\system32\Macromed
    2006-12-28 16:43 <DIR> d——– C:\WINDOWS\srchasst
    2006-12-28 16:43 <DIR> d——– C:\WINDOWS\Registration
    2006-12-28 16:43 <DIR> d——– C:\WINDOWS\PCHealth
    2006-12-28 16:43 <DIR> d——– C:\Program Files\Online Services
    2006-12-28 16:43 <DIR> d——– C:\Program Files\Movie Maker
    2006-12-28 16:43 <DIR> d——– C:\Program Files\Messenger
    2006-12-28 16:43 <DIR> d——– C:\Program Files\Common Files\MSSoap
    2006-12-28 16:42 <DIR> d——– C:\WINDOWS\system32\MsDtc
    2006-12-28 16:42 <DIR> d——– C:\WINDOWS\system32\Com
    2006-12-28 16:42 <DIR> d——– C:\Program Files\Windows NT
    2006-12-28 16:42 <DIR> d——– C:\Program Files\MSN Gaming Zone


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-01-20 12:53 ——– d—s—- C:\DOCUME~1\Fedox\Application Data\microsoft
    2007-01-19 19:08 ——– d——– C:\DOCUME~1\Fedox\Application Data\macromedia
    2007-01-13 19:12 62 –ahs—- C:\DOCUME~1\Fedox\Application Data\desktop.ini
    2007-01-13 18:50 ——– d——– C:\DOCUME~1\Fedox\Application Data\mozilla
    2007-01-13 18:34 ——– d——– C:\DOCUME~1\Fedox\Application Data\identities
    2006-12-07 17:02 2174976 –a—— C:\WINDOWS\system32\wmvcore.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
    "STYLEXP"="C:\\Program Files\\TGTSoft\\StyleXP\\StyleXP.exe -Hide"
    "NoAdware5"="\"C:\\Program Files\\NoAdware5.0\\NoAdware5.exe\" :Min:"
    "ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
    "SoundMan"="SOUNDMAN.EXE"
    "SSBkgdUpdate"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot"
    "PaperPort PTD"="C:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe"
    "IndexSearch"="C:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe"
    "SetDefPrt"="C:\\Program Files\\Brother\\Brmfl05a\\BrStDvPt.exe"
    "ControlCenter2.0"="C:\\Program Files\\Brother\\ControlCenter2\\brctrcen.exe /autorun"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    Usnsvc REG_MULTI_SZ usnsvc\0\0


    Completion time: 07-01-23 15:46:23
    [/quote:ad2fc78bf6]
    [quote:ad2fc78bf6]HijackThis Log:
    Logfile of HijackThis v1.99.1
    Scan saved at 15:48:05, on 23-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NoAdware5.0\NoAdware5.exe
    C:\Program Files\Ares\Ares.exe
    C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [NoAdware5] "C:\Program Files\NoAdware5.0\NoAdware5.exe" :Min:
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - Global Startup: SMCWUSB-G 802.11g Wireless USB Utility.lnk = C:\Program Files\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe
    O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

    [/quote:ad2fc78bf6]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.