Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

ongein op me pc

smeenk
19 antwoorden
  • Ik heb een 2de hands comp. gekocht. Ik heb er tot nu toe alleen maar problemen mee. Er zit een 1 of ander (of meerdere) virussen op die ik er niet af krijg. Ik heb al verschillende virus scanners geprobeerd die ze wel detecten maar niet definitief kunnen verwijderen (e-trust, Kaspersky, en andere spybots etc.). Het lijkt erop dat ik bij het opstarten met het internet een aantal toepassingen activeer. Zo krijg ik bij het opstarten van de comp. met Kaspersky eerst de melding; error (of zoiets dergelijks) in C:Windows/nogwat
    egister.exe, als ik dat bestand verwijder krijg ik weer een melding met C:Windows/programfiles/spydocter.exe. Wanneer ik spydocter wil verwijderen bij software loopt die vast dus dat gaat niet. Als ik dan ook op verwijderen klik (in Kaspersky dus) krijg ik nog een melding met error in C:windows/explorer.exe. Als ik dan bijv. internet start is het over met de pret en kan ik de comp. opnieuw opstarten. Bij het opstarten krijg ik alles opnieuw

    Iemand enig idee hoe ik al die ongein kan verwijderen?

    alvast bedankt
  • Gewoon de schijf formatteren en opnieuw beginnen? Zou ik sowieso doen met een tweedehands computer. Wil je dat niet, plaats dan een hijackthis log, als dat nog gaat (zie spyware faq).
  • nog ff een update:

    het is niet C:windows
    egister.exe maar C:windows/system32
    egedit.exe

  • Doe dit eens:

    Download [b:27a0c93320] naar je [b:27a0c93320]Bureaublad[/b:27a0c93320].
    [list:27a0c93320][*:27a0c93320]Sluit alle programma's die open staan af..
    [*:27a0c93320][b:27a0c93320]Dubbelklik[/b:27a0c93320] op [b:27a0c93320]comboscan.exe[/b:27a0c93320] om het te starten en volg de aanwijzingen.
    [*:27a0c93320]De scan kan een minuutje duren. Wanneer de scan voltooid is zal er een tekstbestand openen - [b:27a0c93320]ComboScan.txt[/b:27a0c93320]
    [*:27a0c93320]De map "Comboscan" zal openen waarin je Comboscan.txt en Supplementary.txt zal vinden.
    [*:27a0c93320]Kopieer en plak de inhoud van [b:27a0c93320]ComboScan.txt[/b:27a0c93320] in je volgende post. (Supplementary.txt hoef je niet te plaatsen.)
    [/list:u:27a0c93320][b:27a0c93320]Opmerking:[/b:27a0c93320] Tijdens het scannen van Comboscan, kan het zijn dat je Firewall de melding geeft dat [b:27a0c93320]sigcheck.exe[/b:27a0c93320] internetverbinding probeert te maken - blokkeer dit niet, maar sta het toe. Ook kan het gebeuren dat je Antivirus Comboscan als verdacht aangeeft. Laat je Antivirus dit niet verwijderen. (In dit geval is het misschien beter om tijdens de Comboscan je Antivirus even uit te schakelen.)
  • ComboScan v20070221.16 run by Rive on 2007-02-23 at 23:25:30
    Computer is in Normal Mode.
    ——————————————————————————–

    Successfully created restore point.
    Performed disk cleanup.


    – HijackThis (run as Rive.exe) ————————————————-

    Logfile of HijackThis v1.99.1
    Scan saved at 23:26:55, on 23-2-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Documents and Settings\Rive\Bureaublad\comboscan.exe
    C:\Program Files\HijackThis\Rive.exe

    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    – File Associations ————————————————————

    .bat - batfile - "%1" %*
    .chm - chm.file - "C:\WINDOWS\hh.exe" %1
    .cmd - cmdfile - "%1" %*
    .com - comfile - "%1" %*
    .exe - exefile - "%1" %*
    .hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
    .inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
    .ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
    .js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
    .lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
    .pif - piffile - "%1" %*
    .reg - regfile - regedit.exe "%1"
    .scr - scrfile - "%1" /S
    .txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
    .vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


    – Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ———————-

    3R Arp1394 (1394 ARP-clientprotocol) - C:\WINDOWS\system32\drivers\arp1394.sys
    3R ati2mtag - C:\WINDOWS\system32\drivers\ati2mtag.sys
    3R atinrvxx (ATI WDM Rage Theater Video) - C:\WINDOWS\system32\drivers\atinrvxx.sys
    3S CCDECODE (Closed Caption-decoder) - C:\WINDOWS\system32\drivers\CCDECODE.sys
    3R cmudax (C-Media High Definition Audio Interface) - C:\WINDOWS\system32\drivers\cmudax.sys
    3R FETNDISB (VIA Rhine Family Fast Ethernet Adapter Driver Service) - C:\WINDOWS\system32\drivers\fetnd5b.sys
    3R GcKernel (Microsoft SideWinder Value Add - Filterstuurprogramma) - C:\WINDOWS\system32\drivers\GcKernel.sys
    3S HdAudAddService (Microsoft UAA-functiestuurprogramma voor High Definition Audio-service) - C:\WINDOWS\system32\drivers\Hdaudio.sys
    3R HDAudBus (Microsoft UAA-busstuurprogramma voor High Definition Audio) - C:\WINDOWS\system32\drivers\Hdaudbus.sys
    3R HIDSwvd (Mini-stuurprogramma voor virtueel HID-apparaat van Microsoft SideWinder) - C:\WINDOWS\system32\drivers\HIDSwvd.sys
    3R hidusb (Microsoft HID Class-stuurprogramma) - C:\WINDOWS\system32\drivers\hidusb.sys
    1R kbdhid (Stuurprogramma voor toetsenbord-HID) - C:\WINDOWS\system32\drivers\kbdhid.sys
    3R mouhid (Stuurprogramma voor muis-HID) - C:\WINDOWS\system32\drivers\mouhid.sys
    3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma) - C:\WINDOWS\system32\drivers\MSTEE.sys
    3R MVDCODEC (ATI WDM Specialized MVD Codec) - C:\WINDOWS\system32\drivers\atinmdxx.sys
    3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
    3S NdisIP (Microsoft TV/Video-verbinding) - C:\WINDOWS\system32\drivers\NdisIP.sys
    3R NIC1394 (1394-stuurprogramma) - C:\WINDOWS\system32\drivers
    ic1394.sys
    0R ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
    3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\SLIP.sys
    3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys
    3S SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
    3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
    1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
    3S usbccgp (Microsoft generiek hoofd-USB-stuurprogramma) - C:\WINDOWS\system32\drivers\usbccgp.sys
    3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
    3S usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\system32\drivers\usbprint.sys
    3R usbstor (Stuurprogramma voor USB-massaopslag) - C:\WINDOWS\system32\drivers\usbstor.sys
    3S WSTCODEC (World Standard Teletext-codec) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS


    – Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ———————

    3S Alerter - C:\WINDOWS\System32\svchost.exe -k LocalService
    3S ALG (Application Layer Gateway-service) - C:\WINDOWS\System32\alg.exe
    3S AppMgmt (Application Management) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    2R AudioSrv (Windows Audio) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S BITS (Intelligente achtergrondsoverdrachtservice) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R Browser (Computer Browser) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S CA_LIC_CLNT (CA License Client) - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    3S CA_LIC_SRVR (CA License Server) - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    2R ccProxy (Symantec Network Proxy) - "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
    3S ccPwdSvc (Symantec Password Validation) - "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
    2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
    3S CiSvc (Indexing-service) - C:\WINDOWS\system32\cisvc.exe
    3S ClipSrv (ClipBook) - C:\WINDOWS\system32\clipsrv.exe
    3S COMSysApp (COM+-systeemtoepassing) - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    2R CryptSvc (Services voor cryptografie) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    2R Dhcp (DHCP Client) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S dmadmin (Logical Disk Manager Administrative-service) - C:\WINDOWS\System32\dmadmin.exe /com
    3S dmserver (Logical Disk Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R Dnscache (DNS Client) - C:\WINDOWS\System32\svchost.exe -k NetworkService
    2R ERSvc (Service voor het rapporteren van fouten) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R Eventlog (Event Log) - C:\WINDOWS\system32\services.exe
    3R EventSystem (COM+-gebeurtenissysteem) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3R FastUserSwitchingCompatibility (Compatibiliteit voor Snelle gebruikerswisseling) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R helpsvc (Help en ondersteuning) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    4S HidServ (Apparaattoegang via menselijke interface) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S ImapiService (COM-service voor IMAPI cd-branders) - C:\WINDOWS\System32\imapi.exe
    2R lanmanserver (Server) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R lanmanworkstation (Workstation) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R LmHosts (TCP/IP NetBIOS Helper) - C:\WINDOWS\System32\svchost.exe -k LocalService
    2R LogWatch (Event Log Watch) - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    4S Messenger - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S mnmsrvc (NetMeeting Remote Desktop Sharing) - C:\WINDOWS\System32\mnmsrvc.exe
    3S MSDTC (Distributed Transaction Coordinator) - C:\WINDOWS\System32\msdtc.exe
    3R MSIServer (Windows Installer) - C:\WINDOWS\System32\msiexec.exe /V
    3S NetDDE (Network DDE) - C:\WINDOWS\system32
    etdde.exe
    3S NetDDEdsdm (Network DDE DSDM) - C:\WINDOWS\system32
    etdde.exe
    3S Netlogon (Net Logon) - C:\WINDOWS\System32\lsass.exe
    3R Netman (Network Connections) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3R Nla (Network Location Awareness (NLA)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S NtLmSsp (NT LM Security Support Provider) - C:\WINDOWS\System32\lsass.exe
    3S NtmsSvc (Verwisselbare opslag) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    2R PlugPlay (Plug and Play) - C:\WINDOWS\system32\services.exe
    2R PolicyAgent (IPSEC-services) - C:\WINDOWS\System32\lsass.exe
    2R ProtectedStorage (Protected Storage) - C:\WINDOWS\system32\lsass.exe
    3S RasAuto (Remote Access Auto Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3R RasMan (Verbindingsbeheer voor RAS) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S RDSessMgr (Helpsessiebeheer voor Extern bureaublad) - C:\WINDOWS\system32\sessmgr.exe
    4S RemoteAccess (Routing and Remote Access) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S RpcLocator (Remote Procedure Call (RPC) Locator) - C:\WINDOWS\System32\locator.exe
    2R RpcSs (Remote Procedure Call (RPC)) - C:\WINDOWS\system32\svchost -k rpcss
    3S RSVP (QoS RSVP) - C:\WINDOWS\System32\rsvp.exe
    2R SamSs (Security Accounts Manager) - C:\WINDOWS\system32\lsass.exe
    3S SCardDrv (Smart Card Helper) - C:\WINDOWS\System32\SCardSvr.exe
    3S SCardSvr (Smart Card) - C:\WINDOWS\System32\SCardSvr.exe
    2R Schedule (Task Scheduler) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R seclogon (Secondary Logon) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R SENS (System Event Notification) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    4S SharedAccess (Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R ShellHWDetection (Shell Hardware Detection) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S SNDSrvc (Symantec Network Drivers Service) - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    2R Spooler (Print Spooler) - C:\WINDOWS\system32\spoolsv.exe
    2R srservice (System Restore-service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3R SSDPSRV (SSDP Discovery-service) - C:\WINDOWS\System32\svchost.exe -k LocalService
    3S stisvc (Windows Image Acquisition (WIA)) - C:\WINDOWS\System32\svchost.exe -k imgsvc
    3S SwPrv (MS Software Shadow Copy Provider) - C:\WINDOWS\System32\dllhost.exe /Processid:{53598F8B-413B-429B-8D04-7D5E72F9A6DB}
    3S SysmonLog (Performance Logs and Alerts) - C:\WINDOWS\system32\smlogsvc.exe
    3R TapiSrv (Telephony) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3R TermService (Terminal Services) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R Themes (Thema's) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R TrkWks (Distributed Link Tracking Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    2R uploadmgr (Uploadbeheer) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R upnphost (Universele Plug en Play-apparaathost) - C:\WINDOWS\System32\svchost.exe -k LocalService
    3S UPS (Uninterruptible Power Supply) - C:\WINDOWS\System32\ups.exe
    3S VSS (Volume Shadow Copy) - C:\WINDOWS\System32\vssvc.exe
    2R W32Time (Windows Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    2R WebClient - C:\WINDOWS\System32\svchost.exe -k LocalService
    2R winmgmt (Windows Management Instrumentation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    3S WmdmPmSN (Portable Media Serial Number Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
    3S WmiApSrv (WMI-prestatieadapter) - C:\WINDOWS\System32\wbem\wmiapsrv.exe
    4S wuauserv (Automatische updates) - C:\WINDOWS\system32\svchost.exe -k netsvcs
    2R WZCSVC (Wireless Zero Configuration-service) - C:\WINDOWS\System32\svchost.exe -k netsvcs


    – Scheduled Tasks ————————————————————–

    2007-02-23 22:04:19 410 –a—— C:\WINDOWS\Tasks\Symantec NetDetect.job<SYMANT~1.JOB>


    – Files created between 2007-01-23 and 2007-02-23 ——————————

    2007-02-23 23:26:48 0 d——– C:\Program Files\HijackThis<HIJACK~1>
    2007-02-23 20:21:20 0 d——– C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
    2007-02-23 19:47:26 24576 –a—— C:\WINDOWS\System32\xpsp1hfm.exe
    2007-02-23 17:50:07 0 d——– C:\Program Files\Kaspersky Lab<KASPER~1>
    2007-02-23 17:45:26 0 d——– C:\kav
    2007-02-23 01:40:31 0 –a—— C:\WINDOWS
    sreg.dat
    2007-02-23 01:40:26 0 d——– C:\Program Files\Google
    2007-02-23 01:40:22 2951 –a—— C:\WINDOWS\mozver.dat
    2007-02-23 01:40:22 0 d——– C:\Program Files\Mozilla Firefox<MOZILL~1>
    2007-02-23 01:39:58 0 d——– C:\Program Files\DivX
    2007-02-22 21:57:11 0 d——– C:\WINDOWS\RegisteredPackages<REGIST~2>
    2007-02-22 21:56:43 225280 –a—— C:\WINDOWS\System32\wmpdxm.dll
    2007-02-22 21:56:43 106496 –a—— C:\WINDOWS\System32\wmpasf.dll
    2007-02-22 21:56:43 167936 –a—— C:\WINDOWS\System32\wmerror.dll
    2007-02-22 21:56:42 52224 –a—— C:\WINDOWS\System32\mspmsnsv.dll
    2007-02-22 21:56:40 997888 –a—— C:\WINDOWS\System32\wmvdmoe2.dll
    2007-02-22 21:56:40 892416 –a—— C:\WINDOWS\System32\wmspdmoe.dll
    2007-02-22 21:56:40 486536 –a—— C:\WINDOWS\System32\wmspdmod.dll
    2007-02-22 21:56:40 1111040 –a—— C:\WINDOWS\System32\wmsdmoe2.dll
    2007-02-22 21:56:40 143360 –a—— C:\WINDOWS\System32\wmidx.dll
    2007-02-22 21:56:40 384512 –a—— C:\WINDOWS\System32\mp4sdmod.dll
    2007-02-22 21:56:40 316040 –a—— C:\WINDOWS\System32\mp43dmod.dll
    2007-02-21 21:44:41 0 d——– C:\Program Files\Shareaza
    2007-02-21 21:44:41 0 d——– C:\Documents and Settings\Rive\Application Data\Shareaza
    2007-02-21 21:24:42 19456 –a—— C:\WINDOWS\System32\xlibgfl254.dll<XLIBGF~1.DLL>
    2007-02-21 21:24:42 0 d——– C:\Documents and Settings\Rive\Application Data\ultra
    2007-02-19 00:25:15 0 d——– C:\Program Files\SymNetDrv<SYMNET~1>
    2007-02-19 00:22:24 0 d——– C:\Program Files\Norton AntiSpam<NORTON~1>
    2007-02-19 00:21:53 0 d——– C:\Documents and Settings\Rive\Application Data\Symantec
    2007-02-19 00:21:52 0 d——– C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
    2007-02-19 00:21:43 0 d——– C:\Program Files\Symantec
    2007-02-19 00:21:37 0 d——– C:\Documents and Settings\All Users\Application Data\Symantec
    2007-02-18 23:42:12 64000 –a—— C:\WINDOWS\System32\ECBTEG.DLL
    2007-02-18 23:42:12 79622 –a—— C:\WINDOWS\System32\EBPMON24.DLL
    2007-02-18 23:42:12 34304 –a—— C:\WINDOWS\System32\EBPCHP.DLL
    2007-02-18 23:42:12 31744 –a—— C:\WINDOWS\System32\E_DCINST.DLL
    2007-02-18 23:41:09 0 d——– C:\Program Files\EPSON
    2007-02-18 23:32:16 182880 –a—— C:\WINDOWS\System32\iuengine.dll
    2007-02-18 23:32:04 24960 –a—— C:\WINDOWS\System32\drivers\usbprint.sys
    2007-02-18 23:31:56 28160 –a—— C:\WINDOWS\System32\drivers\usbccgp.sys
    2007-02-17 00:19:13 0 d——– C:\WINDOWS\LastGood(2)<LASTGO~1>
    2007-02-17 00:18:13 0 d——– C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage<WINDOW~1>
    2007-02-17 00:13:00 0 d——– C:\WINDOWS\$hf_mig$
    2007-02-17 00:09:54 0 d——– C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
    2007-02-17 00:00:22 0 d——– C:\Program Files\Valve
    2007-02-17 00:00:21 262144 –a—— C:\Documents and Settings\NetworkService
    tuser.dat
    2007-02-17 00:00:21 262144 –a—— C:\Documents and Settings\LocalService
    tuser.dat
    2007-02-16 19:20:36 0 d——– C:\Documents and Settings\Rive\Application Data\Help
    2007-02-16 02:35:47 0 d-a—— C:\Documents and Settings\All Users\Application Data\TEMP
    2007-02-16 02:35:32 348160 –a—— C:\WINDOWS\System32\msvcr71.dll
    2007-02-16 02:35:32 499712 –a—— C:\WINDOWS\System32\msvcp71.dll
    2007-02-16 02:21:05 0 d——– C:\WINDOWS\McAfee.com
    2007-02-16 02:09:10 334344 –a—— C:\WINDOWS\runrbt.exe
    2007-02-16 01:58:38 45056 –a—— C:\x3ao7s6w9y3.exe<X3AO7S~1.EXE>
    2007-02-16 01:55:15 4992 –a—— C:\WINDOWS\System32\drivers\MSTEE.sys
    2007-02-16 01:55:14 14592 –a—— C:\WINDOWS\System32\drivers\StreamIP.sys
    2007-02-16 01:55:14 8064 –a—— C:\WINDOWS\System32\drivers\NdisIP.sys
    2007-02-16 01:55:13 18560 –a—— C:\WINDOWS\System32\drivers\WSTCODEC.SYS
    2007-02-16 01:55:13 10752 –a—— C:\WINDOWS\System32\drivers\SLIP.sys
    2007-02-16 01:55:13 83712 –a—— C:\WINDOWS\System32\drivers\NABTSFEC.sys
    2007-02-16 01:55:12 16384 –a—— C:\WINDOWS\System32\drivers\CCDECODE.sys
    2007-02-16 01:55:11 50176 –a—— C:\WINDOWS\System32\vfwwdm32.dll
    2007-02-16 01:52:56 77440 –a—— C:\WINDOWS\System32\drivers\wdmaud.sys
    2007-02-16 01:52:56 5888 –a—— C:\WINDOWS\System32\drivers\splitter.sys
    2007-02-16 01:52:55 54272 –a—— C:\WINDOWS\System32\drivers\swmidi.sys
    2007-02-16 01:52:55 50048 –a—— C:\WINDOWS\System32\drivers\DMusic.sys
    2007-02-16 01:52:55 142208 –a—— C:\WINDOWS\System32\drivers\aec.sys
    2007-02-16 01:52:54 159360 –a—— C:\WINDOWS\System32\drivers\kmixer.sys
    2007-02-16 01:52:54 2816 –a—— C:\WINDOWS\System32\drivers\drmkaud.sys
    2007-02-16 01:52:43 56832 –a—— C:\WINDOWS\System32\drivers\sysaudio.sys
    2007-02-16 01:52:32 712704 -ra—— C:\WINDOWS\System32\Audio3D.dll
    2007-02-16 01:52:32 712704 -ra—— C:\WINDOWS\System32\a3d.dll
    2007-02-16 01:52:31 16384 -ra—— C:\WINDOWS\System32\udaprop.dll
    2007-02-16 01:52:31 1258432 -ra—— C:\WINDOWS\System32\drivers\cmudax.sys
    2007-02-16 01:52:31 57344 -ra—— C:\WINDOWS\System32\cmudax.dll
    2007-02-16 01:52:31 233472 -ra—— C:\WINDOWS\System32\cmirmdrv.exe
    2007-02-16 01:52:31 28672 -ra—— C:\WINDOWS\System32\cmirmdrv.dll
    2007-02-16 01:52:31 315392 -ra—— C:\WINDOWS\system\cmifltr.dll
    2007-02-16 01:52:31 917504 -ra—— C:\WINDOWS\system\cmids3d.dll
    2007-02-16 01:52:30 0 d——– C:\WINDOWS\System32\ReinstallBackups<REINST~1>
    2007-02-16 01:52:30 4096 –a—— C:\WINDOWS\System32\ksuser.dll
    2007-02-16 01:52:30 44416 –a—— C:\WINDOWS\System32\drivers\stream.sys
    2007-02-16 01:52:30 131712 –a—— C:\WINDOWS\System32\drivers\ks.sys
    2007-02-16 01:52:30 57856 –a—— C:\WINDOWS\System32\drivers\drmk.sys
    2007-02-16 01:52:29 4608 –a—— C:\WINDOWS\System32\drivers\MSPQM.sys
    2007-02-16 01:52:29 7040 –a—— C:\WINDOWS\System32\drivers\MSKSSRV.sys
    2007-02-16 01:52:28 5120 –a—— C:\WINDOWS\System32\drivers\MSPCLOCK.sys
    2007-02-16 01:51:58 327168 –a—— C:\WINDOWS\IsUn0413.exe
    2007-02-16 01:51:25 105984 –a—— C:\WINDOWS\System32\drivers\atinrvxx.sys
    2007-02-16 01:51:25 13824 –a—— C:\WINDOWS\System32\drivers\atinmdxx.sys
    2007-02-16 01:51:25 32768 –a—— C:\WINDOWS\System32\ativtmxx.dll
    2007-02-16 01:51:05 294912 -ra—— C:\WINDOWS\System32\atiiiexx.dll
    2007-02-16 01:51:04 151552 -ra—— C:\WINDOWS\System32\ATIDEMGR.dll
    2007-02-16 01:50:53 0 d——– C:\Program Files\ATI Technologies<ATITEC~1>
    2007-02-16 01:49:59 0 d–h—– C:\Program Files\InstallShield Installation Information<INSTAL~1>
    2007-02-16 01:49:49 0 d——– C:\Program Files\Common Files\InstallShield<INSTAL~1>
    2007-02-16 01:49:40 0 d——– C:\Program Files\CA
    2007-02-16 01:49:17 306688 –a—— C:\WINDOWS\IsUninst.exe
    2007-02-16 01:37:58 0 d——– C:\Documents and Settings\Rive\Application Data\Lavasoft
    2007-02-16 01:37:55 0 d——– C:\Program Files\Lavasoft
    2007-02-16 01:37:48 0 d——– C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
    2007-02-16 01:36:17 0 d—s—- C:\Documents and Settings\Rive\UserData
    2007-02-16 01:31:18 0 dr-h—– C:\Documents and Settings\Rive\Onlangs geopend<ONLANG~1>
    2007-02-16 01:30:09 0 d——– C:\Program Files\CCleaner
    2007-02-16 01:11:34 0 d——– C:\halflife
    2007-02-16 01:11:28 1610240 —–n— C:\TLUNOS.EXE
    2007-02-15 21:56:15 3072 –a—— C:\WINDOWS\System32\drivers\audstub.sys
    2007-02-15 21:56:07 14080 –a—— C:\WINDOWS\System32\drivers\kbdhid.sys
    2007-02-15 21:56:04 2688 –a—— C:\WINDOWS\System32\drivers\HIDSwvd.sys
    2007-02-15 21:56:01 54144 –a—— C:\WINDOWS\System32\drivers\GcKernel.sys
    2007-02-15 21:55:57 10240 –a—— C:\WINDOWS\System32\SWPIDFLT.DLL
    2007-02-15 21:55:37 57088 –a—— C:\WINDOWS\System32\drivers\redbook.sys
    2007-02-15 21:55:31 6400 –a—— C:\WINDOWS\System32\drivers\enum1394.sys
    2007-02-15 21:55:13 69120 –a—— C:\WINDOWS\System32\usbui.dll
    2007-02-15 21:54:26 0 d——– C:\Program Files\Common Files\ODBC
    2007-02-15 21:54:23 0 dr——- C:\Program Files<PROGRA~1>
    2007-02-15 21:54:23 0 d——– C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
    2007-02-15 21:54:21 6144 -ra—— C:\WINDOWS\System32\kbdtuq.dll
    2007-02-15 21:54:21 6144 -ra—— C:\WINDOWS\System32\kbdtuf.dll
    2007-02-15 21:54:21 5632 -ra—— C:\WINDOWS\System32\kbdazel.dll
    2007-02-15 21:54:20 5632 -ra—— C:\WINDOWS\System32\kbdmon.dll
    2007-02-15 21:54:20 5632 -ra—— C:\WINDOWS\System32\kbdkyr.dll
    2007-02-15 21:54:18 8192 -ra—— C:\WINDOWS\System32\kbdhept.dll
    2007-02-15 21:54:18 6656 -ra—— C:\WINDOWS\System32\kbdhela3.dll
    2007-02-15 21:54:18 6144 -ra—— C:\WINDOWS\System32\kbdhela2.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe319.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe220.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe.dll
    2007-02-15 21:54:18 6144 -ra—— C:\WINDOWS\System32\kbdgkl.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdlv1.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdlv.dll
    2007-02-15 21:54:17 5632 -ra—— C:\WINDOWS\System32\kbdlt1.dll
    2007-02-15 21:54:17 5632 -ra—— C:\WINDOWS\System32\kbdlt.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdest.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdycl.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdsl1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdsl.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdro.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdpl1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdpl.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdhu1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdhu.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcz2.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcz1.dll
    2007-02-15 21:54:16 7168 -ra—— C:\WINDOWS\System32\kbdcz.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcr.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\KBDAL.DLL
    2007-02-15 21:54:14 24661 –a—— C:\WINDOWS\System32\spxcoins.dll
    2007-02-15 21:54:14 13312 –a—— C:\WINDOWS\System32\irclass.dll
    2007-02-15 21:54:14 103936 –a—— C:\WINDOWS\System32\EqnClass.Dll
    2007-02-15 21:54:14 10496 –a—— C:\WINDOWS\System32\drivers\irenum.sys
    2007-02-15 21:54:14 86556 –a—— C:\WINDOWS\System32\dgsetup.dll
    2007-02-15 21:54:14 176157 –a—— C:\WINDOWS\System32\dgrpsetu.dll
    2007-02-15 21:54:13 9040 –a—— C:\WINDOWS\system\VER.DLL
    2007-02-15 21:54:13 19200 –a—— C:\WINDOWS\system\TAPI.DLL
    2007-02-15 21:54:13 5120 –a—— C:\WINDOWS\system\SHELL.DLL
    2007-02-15 21:54:13 24064 –a—— C:\WINDOWS\system\OLESVR.DLL
    2007-02-15 21:54:13 82944 –a—— C:\WINDOWS\system\OLECLI.DLL
    2007-02-15 21:54:13 126976 –a—— C:\WINDOWS\system\MSVIDEO.DLL
    2007-02-15 21:54:13 70352 –a—— C:\WINDOWS\system\MMSYSTEM.DLL
    2007-02-15 21:54:13 9936 –a—— C:\WINDOWS\system\LZEXPAND.DLL
    2007-02-15 21:54:13 33696 –a—— C:\WINDOWS\system\COMMDLG.DLL
    2007-02-15 21:54:12 15872 –a—— C:\WINDOWS\TASKMAN.EXE
    2007-02-15 21:54:12 6656 –a—— C:\WINDOWS\System32\batt.dll
    2007-02-15 21:54:12 109552 –a—— C:\WINDOWS\system\AVIFILE.DLL
    2007-02-15 21:54:12 70144 –a—— C:\WINDOWS\system\AVICAP.DLL
    2007-02-15 21:54:12 67072 –a—— C:\WINDOWS\NOTEPAD.EXE
    2007-02-15 21:54:11 72704 –a—— C:\WINDOWS\System32\storprop.dll
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Sjablonen<SJABLO~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Onlangs geopend<ONLANG~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Netwerkprinteromgeving<NETWER~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Mijn documenten<MIJNDO~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\Default User\Menu Start<MENUST~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Favorieten<FAVORI~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Bureaublad<BUREAU~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\All Users\Sjablonen<SJABLO~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\All Users\Menu Start<MENUST~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\All Users\Favorieten<FAVORI~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\All Users\Documenten<DOCUME~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\All Users\Bureaublad<BUREAU~1>
    2007-02-15 21:54:00 0 d——– C:\WINDOWS\System32\CatRoot2
    2007-02-15 21:54:00 0 d——– C:\WINDOWS\System32\CatRoot
    2007-02-15 21:53:40 0 d——– C:\Documents and Settings<DOCUME~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\WinSxS
    2007-02-15 21:50:05 0 dr——- C:\WINDOWS\Web
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\twain_32
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\system32
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\wins
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\wbem
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\usmt
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\spool
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ShellExt
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\Setup
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ras
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\oobe
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32
    pp
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\mui
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\inetsrv
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\IME
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\icsxml
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ias
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\export
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers\etc
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers\disdn
    2007-02-15 21:50:05 0 dr-hs–c- C:\WINDOWS\System32\dllcache
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\dhcp
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\config
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\3com_dmi
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\3076
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\2052
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1054
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1043
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1042
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1041
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1037
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1033
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1031
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1028
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1025
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\system
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\security
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Resources<RESOUR~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\repair
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\mui
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\msapps
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\msagent
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Media
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\java
    2007-02-15 21:50:05 0 d–h—– C:\WINDOWS\inf
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\ime
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Help
    2007-02-15 21:50:05 0 dr–s—- C:\WINDOWS\Fonts
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Driver Cache<DRIVER~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Debug
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Cursors
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Connection Wizard<CONNEC~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Config
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\AppPatch
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\addins
    2007-02-15 21:29:10 0 d–h—– C:\Program Files\Common Files\tjd
    2007-02-15 21:26:29 0 d——– C:\Documents and Settings\Rive\Application Data\AdobeUM
    2007-02-15 21:26:25 0 d——– C:\Program Files\Common Files\Adobe
    2007-02-15 21:26:25 0 d——– C:\Documents and Settings\Rive\Application Data\Adobe
    2007-02-15 21:26:10 0 d——– C:\Documents and Settings\All Users\Application Data\Adobe
    2007-02-15 21:25:41 0 d——– C:\WINDOWS\Cache
    2007-02-15 21:20:43 40960 -ra—— C:\WINDOWS\System32\drivers\fetnd5b.sys
    2007-02-15 21:05:06 0 d–hs—- C:\WINDOWS\Installer<INSTAL~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Mijn documenten<MIJNDO~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Menu Start<MENUST~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Favorieten<FAVORI~1>
    2007-02-15 21:04:58 0 d——– C:\Documents and Settings\Rive\Bureaublad<BUREAU~1>
    2007-02-15 21:04:57 0 d–h—– C:\Documents and Settings\Rive\Sjablonen<SJABLO~1>
    2007-02-15 21:04:57 1572864 –a—— C:\Documents and Settings\Rive\NTUSER.DAT
    2007-02-15 21:04:57 0 d–h—– C:\Documents and Settings\Rive\Netwerkprinteromgeving<NETWER~1>
    2007-02-15 21:04:27 0 d——– C:\WINDOWS\Prefetch
    2007-02-15 20:59:34 0 d——– C:\WINDOWS\System32\xircom
    2007-02-15 20:59:34 0 d——– C:\Program Files\microsoft frontpage<MICROS~1>
    2007-02-15 20:59:32 229376 —h—– C:\Documents and Settings\Default User\NTUSER.DAT
    2007-02-15 20:59:25 112128 –a—— C:\WINDOWS\System32\mapi32.dll
    2007-02-15 20:59:02 0 d–hs—- C:\Documents and Settings\All Users\DRM
    2007-02-15 20:58:57 0 dr——- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
    2007-02-15 20:58:57 0 d—s—- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
    2007-02-15 20:58:40 0 d——– C:\WINDOWS\System32\DirectX
    2007-02-15 20:58:21 40960 –a—— C:\WINDOWS\System32\safrslv.dll
    2007-02-15 20:58:21 26624 –a—— C:\WINDOWS\System32\safrdm.dll
    2007-02-15 20:58:21 39424 –a—— C:\WINDOWS\System32\safrcdlg.dll
    2007-02-15 20:58:21 33792 –a—— C:\WINDOWS\System32\racpldlg.dll
    2007-02-15 20:58:21 11264 –a—— C:\WINDOWS\System32\atrace.dll
    2007-02-15 20:58:13 12288 –a—— C:\WINDOWS\System32
    mevtmsg.dll
    2007-02-15 20:58:13 32768 –a—— C:\WINDOWS\System32\mnmsrvc.exe
    2007-02-15 20:58:13 28672 –a—— C:\WINDOWS\System32\isrdbg32.dll
    2007-02-15 20:58:12 67584 –a—— C:\WINDOWS\System32\acctres.dll
    2007-02-15 20:58:11 49664 –a—— C:\WINDOWS\System32\inetres.dll
    2007-02-15 20:58:09 0 d—s—- C:\WINDOWS\Tasks
    2007-02-15 20:58:09 81920 –a—— C:\WINDOWS\System32\isign32.dll
    2007-02-15 20:58:09 270336 –a—— C:\WINDOWS\System32\inetcfg.dll
    2007-02-15 20:58:09 61440 –a—— C:\WINDOWS\System32\icwphbk.dll
    2007-02-15 20:58:09 69632 –a—— C:\WINDOWS\System32\icwdial.dll
    2007-02-15 20:58:09 16384 –a—— C:\WINDOWS\System32\icfgnt5.dll
    2007-02-15 20:58:07 0 d——– C:\Program Files\Common Files\MSSoap
    2007-02-15 20:58:04 0 d——– C:\WINDOWS\srchasst
    2007-02-15 20:58:03 17408 –a—— C:\WINDOWS\System32\qmgrprxy.dll
    2007-02-15 20:58:03 17408 –a—— C:\WINDOWS\System32\qmgrprxy(2).dll<QMGRPR~1.DLL>
    2007-02-15 20:58:03 223232 –a—— C:\WINDOWS\System32\qmgr.dll
    2007-02-15 20:58:03 0 d——– C:\WINDOWS\System32\Macromed
    2007-02-15 20:58:02 0 d——– C:\Program Files\Movie Maker<MOVIEM~1>
    2007-02-15 20:57:59 158720 –a—— C:\WINDOWS\System32\srsvc.dll
    2007-02-15 20:57:59 228352 –a—— C:\WINDOWS\System32\srrstr.dll
    2007-02-15 20:57:59 63488 –a—— C:\WINDOWS\System32\srclient.dll
    2007-02-15 20:57:59 0 d——– C:\WINDOWS\System32\Restore
    2007-02-15 20:57:59 73728 –a—— C:\WINDOWS\System32\ils.dll
    2007-02-15 20:57:59 69248 –a—— C:\WINDOWS\System32\drivers\sr.sys
    2007-02-15 20:57:59 0 d——– C:\WINDOWS\PCHealth
    2007-02-15 20:57:58 24576 –a—— C:\WINDOWS\System32
    mmkcert.dll
    2007-02-15 20:57:58 65536 –a—— C:\WINDOWS\System32\msconf.dll
    2007-02-15 20:57:58 32256 –a—— C:\WINDOWS\System32\mnmdd.dll
    2007-02-15 20:57:57 81408 –a—— C:\WINDOWS\System32\msoert2.dll
    2007-02-15 20:57:57 228864 –a—— C:\WINDOWS\System32\msoeacct.dll
    2007-02-15 20:57:56 587776 –a—— C:\WINDOWS\System32\inetcomm.dll
    2007-02-15 20:57:55 160256 –a—— C:\WINDOWS\System32\schedsvc.dll
    2007-02-15 20:57:55 9728 –a—— C:\WINDOWS\System32\mstinit.exe
    2007-02-15 20:57:55 253952 –a—— C:\WINDOWS\System32\mstask.dll
    2007-02-15 20:57:51 21748 –a—— C:\WINDOWS\System32\emptyregdb.dat<EMPTYR~1.DAT>
    2007-02-15 20:57:46 0 d——– C:\WINDOWS\Registration<REGIST~1>
    2007-02-15 20:57:31 0 d–h—– C:\Program Files\WindowsUpdate<WINDOW~3>
    2007-02-15 20:57:31 0 d——– C:\Program Files\Online Services<ONLINE~1>
    2007-02-15 20:57:29 0 d——– C:\Program Files\Messenger<MESSEN~1>
    2007-02-15 20:57:25 5632 –a—— C:\WINDOWS\System32\write.exe
    2007-02-15 20:57:25 0 d——– C:\Program Files\MSN Gaming Zone<MSNGAM~1>
    2007-02-15 20:57:19 139264 –a—— C:\WINDOWS\System32\sndvol32.exe
    2007-02-15 20:57:19 125440 –a—— C:\WINDOWS\System32\sndrec32.exe
    2007-02-15 20:57:19 495616 –a—— C:\WINDOWS\System32\hypertrm.dll
    2007-02-15 20:57:19 44544 –a—— C:\WINDOWS\System32\hticons.dll
    2007-02-15 20:57:19 73216 –a—— C:\WINDOWS\System32\avwav.dll
    2007-02-15 20:57:19 233472 –a—— C:\WINDOWS\System32\avtapi.dll
    2007-02-15 20:57:19 16384 –a—— C:\WINDOWS\System32\avmeter.dll
    2007-02-15 20:57:19 182784 –a—— C:\WINDOWS\System32\accwiz.exe
    2007-02-15 20:57:18 35840 –a—— C:\WINDOWS\System32\winchat.exe
    2007-02-15 20:57:14 119808 –a—— C:\WINDOWS\System32\winmine.exe
    2007-02-15 20:57:14 57344 –a—— C:\WINDOWS\System32\sol.exe
    2007-02-15 20:57:14 662528 –a—— C:\WINDOWS\System32\getuname.dll
    2007-02-15 20:57:14 80896 –a—— C:\WINDOWS\System32\charmap.exe
    2007-02-15 20:57:14 114688 –a—— C:\WINDOWS\System32\calc.exe
    2007-02-15 20:57:13 1161 –a—— C:\WINDOWS\System32\usrlogon.cmd
    2007-02-15 20:57:13 17920 –a—— C:\WINDOWS\System32\tsshutdn.exe
    2007-02-15 20:57:13 16384 –a—— C:\WINDOWS\System32\tskill.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\tsdiscon.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\tscon.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\shadow.exe
    2007-02-15 20:57:13 16384 –a—— C:\WINDOWS\System32\rwinsta.exe
    2007-02-15 20:57:13 9728 –a—— C:\WINDOWS\System32\reset.exe
    2007-02-15 20:57:13 33792 –a—— C:\WINDOWS\System32\regini.exe
    2007-02-15 20:57:13 61952 –a—— C:\WINDOWS\System32\rdshost.exe
    2007-02-15 20:57:13 4608 –a—— C:\WINDOWS\System32\rdpcfgex.dll
    2007-02-15 20:57:13 23040 –a—— C:\WINDOWS\System32\qwinsta.exe
    2007-02-15 20:57:13 128000 –a—— C:\WINDOWS\System32\mshearts.exe
    2007-02-15 20:57:13 55808 –a—— C:\WINDOWS\System32\freecell.exe
    2007-02-15 20:57:13 20232 –a—— C:\WINDOWS\System32\drivers\tdtcp.sys
    2007-02-15 20:57:13 11144 –a—— C:\WINDOWS\System32\drivers\tdpipe.sys
    2007-02-15 20:57:12 9728 –a—— C:\WINDOWS\System32\xolehlp.dll
    2007-02-15 20:57:12 18944 –a—— C:\WINDOWS\System32\qprocess.exe
    2007-02-15 20:57:12 17408 –a—— C:\WINDOWS\System32\qappsrv.exe
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci.dll
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci(3).dll<MTXOCI~2.DLL>
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci(2).dll<MTXOCI~1.DLL>
    2007-02-15 20:57:12 22016 –a—— C:\WINDOWS\System32\msg.exe
    2007-02-15 20:57:12 151040 –a—— C:\WINDOWS\System32\msdtcuiu.dll
    2007-02-15 20:57:12 869376 –a—— C:\WINDOWS\System32\msdtctm.dll
    2007-02-15 20:57:12 54784 –a—— C:\WINDOWS\System32\msdtclog.dll
    2007-02-15 20:57:12 6144 –a—— C:\WINDOWS\System32\msdtc.exe
    2007-02-15 20:57:12 15360 –a—— C:\WINDOWS\System32\logoff.exe
    2007-02-15 20:57:12 15872 –a—— C:\WINDOWS\System32\cdmodem.dll
    2007-02-15 20:57:11 25088 –a—— C:\WINDOWS\System32\mtxlegih.dll
    2007-02-15 20:57:11 4096 –a—— C:\WINDOWS\System32\mtxex.dll
    2007-02-15 20:57:11 20480 –a—— C:\WINDOWS\System32\mtxdm.dll
    2007-02-15 20:57:11 5120 –a—— C:\WINDOWS\System32\dcomcnfg.exe
    2007-02-15 20:57:11 82432 –a—— C:\WINDOWS\System32\comrepl.dll
    2007-02-15 20:57:11 25600 –a—— C:\WINDOWS\System32\comaddin.dll
    2007-02-15 20:57:11 56832 –a—— C:\WINDOWS\System32\colbact.dll
    2007-02-15 20:57:11 56832 –a—— C:\WINDOWS\System32\colbact(3).dll<COLBAC~2.DLL>
    2007-02-15 20:57:10 54272 –a—— C:\WINDOWS\System32\stclient.dll
    2007-02-15 20:57:10 495616 –a—— C:\WINDOWS\System32\comuid.dll
    2007-02-15 20:57:10 147456 –a—— C:\WINDOWS\System32\comsnap.dll
    2007-02-15 20:57:10 468480 –a—— C:\WINDOWS\System32\clbcatq.dll
    2007-02-15 20:57:10 468480 –a—— C:\WINDOWS\System32\clbcatq(3).dll<CLBCAT~2.DLL>
    2007-02-15 20:57:10 100864 –a—— C:\WINDOWS\System32\clbcatex.dll
    2007-02-15 20:57:10 85504 –a—— C:\WINDOWS\System32\catsrvps.dll
    2007-02-15 20:57:10 215040 –a—— C:\WINDOWS\System32\catsrv.dll
    2007-02-15 20:57:10 215040 –a—— C:\WINDOWS\System32\catsrv(3).dll<CATSRV~3.DLL>
    2007-02-15 20:57:05 53248 –a—— C:\WINDOWS\System32\servdeps.dll
    2007-02-15 20:57:05 16896 –a—— C:\WINDOWS\System32\mmfutil.dll
    2007-02-15 20:57:05 178176 –a—— C:\WINDOWS\System32\cmprops.dll
    2007-02-15 20:57:02 117760 –a—— C:\WINDOWS\System32\mplay32.exe
    2007-02-15 20:57:02 0 d——– C:\Program Files\Windows NT<WINDOW~1>
    2007-02-15 20:57:01 9216 –a—— C:\WINDOWS\System32\wuauserv.dll
    2007-02-15 20:57:01 189952 –a—— C:\WINDOWS\System32\wuaueng.dll
    2007-02-15 20:57:01 141824 –a—— C:\WINDOWS\System32\wuauclt.exe
    2007-02-15 20:57:01 534528 –a—— C:\WINDOWS\System32\spider.exe
    2007-02-15 20:57:01 342528 –a—— C:\WINDOWS\System32\mspaint.exe
    2007-02-15 20:57:01 115976 –a—— C:\WINDOWS\System32\drivers\rdpwd.sys
    2007-02-15 20:57:01 99840 –a—— C:\WINDOWS\System32\clipbrd.exe
    2007-02-15 20:57:00 40960 –a—— C:\WINDOWS\System32\tscupgrd.exe
    2007-02-15 20:57:00 88576 –a—— C:\WINDOWS\System32\tscfgwmi.dll
    2007-02-15 20:57:00 202240 –a—— C:\WINDOWS\System32\termsrv.dll
    2007-02-15 20:57:00 130048 –a—— C:\WINDOWS\System32\sessmgr.exe
    2007-02-15 20:57:00 57344 –a—— C:\WINDOWS\System32\remotepg.dll
    2007-02-15 20:57:00 12288 –a—— C:\WINDOWS\System32\rdsaddin.exe
    2007-02-15 20:57:00 75912 –a—— C:\WINDOWS\System32\rdpwsx.dll
    2007-02-15 20:57:00 14848 –a—— C:\WINDOWS\System32\rdpsnd.dll
    2007-02-15 20:57:00 44032 –a—— C:\WINDOWS\System32\rdpclip.exe
    2007-02-15 20:57:00 135680 –a—— C:\WINDOWS\System32\rdchost.dll
    2007-02-15 20:57:00 598016 –a—— C:\WINDOWS\System32\mstscax.dll
    2007-02-15 20:57:00 393728 –a—— C:\WINDOWS\System32\mstsc.exe
    2007-02-15 20:56:59 359936 –a—— C:\WINDOWS\System32\msdtcprx.dll
    2007-02-15 20:56:59 0 d——– C:\WINDOWS\System32\MsDtc
    2007-02-15 20:56:59 9216 –a—— C:\WINDOWS\System32\icaapi.dll
    2007-02-15 20:56:59 0 d——– C:\WINDOWS\System32\Com
    2007-02-15 20:56:59 33280 –a—— C:\WINDOWS\System32\cfgbkend.dll
    2007-02-15 20:56:59 582656 –a—— C:\WINDOWS\System32\catsrvut.dll
    2007-02-15 20:56:59 582656 –a—— C:\WINDOWS\System32\catsrvut(3).dll<CATSRV~4.DLL>
    2007-02-15 20:56:58 1172992 –a—— C:\WINDOWS\System32\comsvcs.dll
    2007-02-15 20:56:58 1172992 –a—— C:\WINDOWS\System32\comsvcs(3).dll<COMSVC~2.DLL>
    2007-02-15 20:56:56 57856 –a—— C:\WINDOWS\System32\licwmi.dll
    2007-02-15 20:56:53 38024 –a—— C:\WINDOWS\System32\drivers\termdd.sys
    2007-02-15 20:56:53 182400 –a—— C:\WINDOWS\System32\drivers\rdpdr.sys
    2007-02-12 12:07:49 0 d——– C:\epson
    2007-02-10 02:53:43 0 d–hs—- C:\RECYCLER
    2007-02-10 01:35:35 0 d——– C:\62cfec6ecc6b4e67026ba8<62CFEC~1>
    2007-02-09 23:41:53 0 d–hs—- C:\System Volume Information<SYSTEM~1>
    2007-02-09 23:38:51 0 -rahs—- C:\MSDOS.SYS
    2007-02-09 23:38:51 0 -rahs—- C:\IO.SYS
    2007-02-09 23:38:51 0 –a—— C:\CONFIG.SYS
    2007-02-09 23:38:51 0 –a—— C:\AUTOEXEC.BAT
    2007-02-01 05:56:06 823296 –a—— C:\WINDOWS\System32\divx_xx07.dll<DIVX_X~2.DLL>
    2007-02-01 05:56:05 802816 –a—— C:\WINDOWS\System32\divx_xx11.dll<DIVX_X~3.DLL>
    2007-02-01 05:56:05 823296 –a—— C:\WINDOWS\System32\divx_xx0c.dll<DIVX_X~1.DLL>
    2007-02-01 05:56:04 639066 –a—— C:\WINDOWS\System32\DivX.dll
    2007-01-31 22:27:01 524288 –a—— C:\WINDOWS\System32\DivXsm.exe
    2007-01-31 00:15:10 118784 –a—— C:\WINDOWS\System32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE>
    2007-01-30 06:03:40 3596288 –a—— C:\WINDOWS\System32\qt-dx331.dll
    2007-01-30 06:03:26 200704 –a—— C:\WINDOWS\System32\ssldivx.dll
    2007-01-30 06:03:26 1044480 –a—— C:\WINDOWS\System32\libdivx.dll
    2007-01-30 05:56:56 196608 –a—— C:\WINDOWS\System32\dtu100.dll
    2007-01-30 05:56:56 73728 –a—— C:\WINDOWS\System32\dpl100.dll
    2007-01-30 05:56:54 53248 –a—— C:\WINDOWS\System32\dpuGUI10.dll
    2007-01-30 05:56:52 57344 –a—— C:\WINDOWS\System32\dpv11.dll
    2007-01-30 05:56:52 344064 –a—— C:\WINDOWS\System32\dpus11.dll
    2007-01-30 05:56:52 593920 –a—— C:\WINDOWS\System32\dpuGUI11.dll
    2007-01-30 05:56:52 294912 –a—— C:\WINDOWS\System32\dpu11.dll
    2007-01-30 05:56:52 294912 –a—— C:\WINDOWS\System32\dpu10.dll


    – Find3M Report —————————————————————-

    2007-02-23 21:54:28 0 d—s—- C:\Documents and Settings\Rive\Application Data\Microsoft<MICROS~1>
    2007-02-23 01:40:30 0 d——– C:\Documents and Settings\Rive\Application Data\Mozilla
    2007-02-16 02:00:46 364940 –a—— C:\WINDOWS\System32\perfh013.dat
    2007-02-16 02:00:46 54028 –a—— C:\WINDOWS\System32\perfc013.dat
    2007-02-16 01:56:45 17408 –a—— C:\WINDOWS\System32\tftp.exe
    2007-02-16 01:56:45 43008 –a—— C:\WINDOWS\System32\ftp.exe
    2007-02-15 23:17:08 0 d——– C:\Documents and Settings\Rive\Application Data\Macromedia<MACROM~1>
    2007-02-15 21:54:08 62 –ahs—- C:\Documents and Settings\Rive\Application Data\desktop.ini
    2007-02-15 21:26:37 134656 –a—— C:\WINDOWS\System32\sfc_os.dll
    2007-02-15 21:05:04 0 d——– C:\Documents and Settings\Rive\Application Data\Identities<IDENTI~1>
    2006-12-12 17:24:42 12288 –a—— C:\WINDOWS\System32\DivXWMPExtType.dll<DIVXWM~1.DLL>


    – Registry Dump —————————————————————-


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Steam"="C:\\Program Files\\Valve\\Steam\Steam.exe -silent"


    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, xlibgfl254.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e7fc742-bd35-11db-b616-806d6172696f}]
    Shell\AutoRun\command N:\AUTORUN.EXE

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e7fc743-bd35-11db-b616-806d6172696f}]
    Shell\AutoRun\command O:\Menu95.exe


    – End of ComboScan: finished at 2007-02-23 at 23:27:09 ————————-








  • 1) Open een kladblokbestand.
    2) Kopieer onderstaande code in dit kladblokbestand.
    3) Ga naar Bestand - Opslaan als.
    -Bij "Opslaan in" kies je: Bureaublad
    -Bij "Bestandsnaam" zet je: fix.reg
    -Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    -Klik op de knop Opslaan.[code:1:367b14d80b]REGEDIT4

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
    "SecurityProviders"=-

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"[/code:1:367b14d80b]4) Dubbelklik op de fix.reg file en laat de wijzigingen aan het register toevoegen.

    Herstart je PC en post een nieuw logje van Comboscan ;)
  • ComboScan v20070221.16 run by Rive on 2007-02-24 at 00:22:21
    Computer is in Normal Mode.
    ——————————————————————————–



    – HijackThis (run as Rive.exe) ————————————————-

    Logfile of HijackThis v1.99.1
    Scan saved at 0:22:23, on 24-2-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Documents and Settings\Rive\Bureaublad\comboscan.exe
    C:\Program Files\HijackThis\Rive.exe

    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    – Files created between 2007-01-24 and 2007-02-24 ——————————

    2007-02-23 23:26:48 0 d——– C:\Program Files\HijackThis<HIJACK~1>
    2007-02-23 20:21:20 0 d——– C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
    2007-02-23 19:47:26 24576 –a—— C:\WINDOWS\System32\xpsp1hfm.exe
    2007-02-23 17:50:07 0 d——– C:\Program Files\Kaspersky Lab<KASPER~1>
    2007-02-23 17:45:26 0 d——– C:\kav
    2007-02-23 01:40:31 0 –a—— C:\WINDOWS
    sreg.dat
    2007-02-23 01:40:26 0 d——– C:\Program Files\Google
    2007-02-23 01:40:22 2951 –a—— C:\WINDOWS\mozver.dat
    2007-02-23 01:40:22 0 d——– C:\Program Files\Mozilla Firefox<MOZILL~1>
    2007-02-23 01:39:58 0 d——– C:\Program Files\DivX
    2007-02-22 21:57:11 0 d——– C:\WINDOWS\RegisteredPackages<REGIST~2>
    2007-02-22 21:56:43 225280 –a—— C:\WINDOWS\System32\wmpdxm.dll
    2007-02-22 21:56:43 106496 –a—— C:\WINDOWS\System32\wmpasf.dll
    2007-02-22 21:56:43 167936 –a—— C:\WINDOWS\System32\wmerror.dll
    2007-02-22 21:56:42 52224 –a—— C:\WINDOWS\System32\mspmsnsv.dll
    2007-02-22 21:56:40 997888 –a—— C:\WINDOWS\System32\wmvdmoe2.dll
    2007-02-22 21:56:40 892416 –a—— C:\WINDOWS\System32\wmspdmoe.dll
    2007-02-22 21:56:40 486536 –a—— C:\WINDOWS\System32\wmspdmod.dll
    2007-02-22 21:56:40 1111040 –a—— C:\WINDOWS\System32\wmsdmoe2.dll
    2007-02-22 21:56:40 143360 –a—— C:\WINDOWS\System32\wmidx.dll
    2007-02-22 21:56:40 384512 –a—— C:\WINDOWS\System32\mp4sdmod.dll
    2007-02-22 21:56:40 316040 –a—— C:\WINDOWS\System32\mp43dmod.dll
    2007-02-21 21:44:41 0 d——– C:\Program Files\Shareaza
    2007-02-21 21:44:41 0 d——– C:\Documents and Settings\Rive\Application Data\Shareaza
    2007-02-21 21:24:42 19456 –a—— C:\WINDOWS\System32\xlibgfl254.dll<XLIBGF~1.DLL>
    2007-02-21 21:24:42 0 d——– C:\Documents and Settings\Rive\Application Data\ultra
    2007-02-19 00:25:15 0 d——– C:\Program Files\SymNetDrv<SYMNET~1>
    2007-02-19 00:22:24 0 d——– C:\Program Files\Norton AntiSpam<NORTON~1>
    2007-02-19 00:21:53 0 d——– C:\Documents and Settings\Rive\Application Data\Symantec
    2007-02-19 00:21:52 0 d——– C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
    2007-02-19 00:21:43 0 d——– C:\Program Files\Symantec
    2007-02-19 00:21:37 0 d——– C:\Documents and Settings\All Users\Application Data\Symantec
    2007-02-18 23:42:12 64000 –a—— C:\WINDOWS\System32\ECBTEG.DLL
    2007-02-18 23:42:12 79622 –a—— C:\WINDOWS\System32\EBPMON24.DLL
    2007-02-18 23:42:12 34304 –a—— C:\WINDOWS\System32\EBPCHP.DLL
    2007-02-18 23:42:12 31744 –a—— C:\WINDOWS\System32\E_DCINST.DLL
    2007-02-18 23:41:09 0 d——– C:\Program Files\EPSON
    2007-02-18 23:32:16 182880 –a—— C:\WINDOWS\System32\iuengine.dll
    2007-02-18 23:32:04 24960 –a—— C:\WINDOWS\System32\drivers\usbprint.sys
    2007-02-18 23:31:56 28160 –a—— C:\WINDOWS\System32\drivers\usbccgp.sys
    2007-02-17 00:19:13 0 d——– C:\WINDOWS\LastGood(2)<LASTGO~1>
    2007-02-17 00:18:13 0 d——– C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage<WINDOW~1>
    2007-02-17 00:13:00 0 d——– C:\WINDOWS\$hf_mig$
    2007-02-17 00:09:54 0 d——– C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
    2007-02-17 00:00:22 0 d——– C:\Program Files\Valve
    2007-02-17 00:00:21 262144 –a—— C:\Documents and Settings\NetworkService
    tuser.dat
    2007-02-17 00:00:21 262144 –a—— C:\Documents and Settings\LocalService
    tuser.dat
    2007-02-16 19:20:36 0 d——– C:\Documents and Settings\Rive\Application Data\Help
    2007-02-16 02:35:47 0 d-a—— C:\Documents and Settings\All Users\Application Data\TEMP
    2007-02-16 02:35:32 348160 –a—— C:\WINDOWS\System32\msvcr71.dll
    2007-02-16 02:35:32 499712 –a—— C:\WINDOWS\System32\msvcp71.dll
    2007-02-16 02:21:05 0 d——– C:\WINDOWS\McAfee.com
    2007-02-16 02:09:10 334344 –a—— C:\WINDOWS\runrbt.exe
    2007-02-16 01:58:38 45056 –a—— C:\x3ao7s6w9y3.exe<X3AO7S~1.EXE>
    2007-02-16 01:55:15 4992 –a—— C:\WINDOWS\System32\drivers\MSTEE.sys
    2007-02-16 01:55:14 14592 –a—— C:\WINDOWS\System32\drivers\StreamIP.sys
    2007-02-16 01:55:14 8064 –a—— C:\WINDOWS\System32\drivers\NdisIP.sys
    2007-02-16 01:55:13 18560 –a—— C:\WINDOWS\System32\drivers\WSTCODEC.SYS
    2007-02-16 01:55:13 10752 –a—— C:\WINDOWS\System32\drivers\SLIP.sys
    2007-02-16 01:55:13 83712 –a—— C:\WINDOWS\System32\drivers\NABTSFEC.sys
    2007-02-16 01:55:12 16384 –a—— C:\WINDOWS\System32\drivers\CCDECODE.sys
    2007-02-16 01:55:11 50176 –a—— C:\WINDOWS\System32\vfwwdm32.dll
    2007-02-16 01:52:56 77440 –a—— C:\WINDOWS\System32\drivers\wdmaud.sys
    2007-02-16 01:52:56 5888 –a—— C:\WINDOWS\System32\drivers\splitter.sys
    2007-02-16 01:52:55 54272 –a—— C:\WINDOWS\System32\drivers\swmidi.sys
    2007-02-16 01:52:55 50048 –a—— C:\WINDOWS\System32\drivers\DMusic.sys
    2007-02-16 01:52:55 142208 –a—— C:\WINDOWS\System32\drivers\aec.sys
    2007-02-16 01:52:54 159360 –a—— C:\WINDOWS\System32\drivers\kmixer.sys
    2007-02-16 01:52:54 2816 –a—— C:\WINDOWS\System32\drivers\drmkaud.sys
    2007-02-16 01:52:43 56832 –a—— C:\WINDOWS\System32\drivers\sysaudio.sys
    2007-02-16 01:52:32 712704 -ra—— C:\WINDOWS\System32\Audio3D.dll
    2007-02-16 01:52:32 712704 -ra—— C:\WINDOWS\System32\a3d.dll
    2007-02-16 01:52:31 16384 -ra—— C:\WINDOWS\System32\udaprop.dll
    2007-02-16 01:52:31 1258432 -ra—— C:\WINDOWS\System32\drivers\cmudax.sys
    2007-02-16 01:52:31 57344 -ra—— C:\WINDOWS\System32\cmudax.dll
    2007-02-16 01:52:31 233472 -ra—— C:\WINDOWS\System32\cmirmdrv.exe
    2007-02-16 01:52:31 28672 -ra—— C:\WINDOWS\System32\cmirmdrv.dll
    2007-02-16 01:52:31 315392 -ra—— C:\WINDOWS\system\cmifltr.dll
    2007-02-16 01:52:31 917504 -ra—— C:\WINDOWS\system\cmids3d.dll
    2007-02-16 01:52:30 0 d——– C:\WINDOWS\System32\ReinstallBackups<REINST~1>
    2007-02-16 01:52:30 4096 –a—— C:\WINDOWS\System32\ksuser.dll
    2007-02-16 01:52:30 44416 –a—— C:\WINDOWS\System32\drivers\stream.sys
    2007-02-16 01:52:30 131712 –a—— C:\WINDOWS\System32\drivers\ks.sys
    2007-02-16 01:52:30 57856 –a—— C:\WINDOWS\System32\drivers\drmk.sys
    2007-02-16 01:52:29 4608 –a—— C:\WINDOWS\System32\drivers\MSPQM.sys
    2007-02-16 01:52:29 7040 –a—— C:\WINDOWS\System32\drivers\MSKSSRV.sys
    2007-02-16 01:52:28 5120 –a—— C:\WINDOWS\System32\drivers\MSPCLOCK.sys
    2007-02-16 01:51:58 327168 –a—— C:\WINDOWS\IsUn0413.exe
    2007-02-16 01:51:25 105984 –a—— C:\WINDOWS\System32\drivers\atinrvxx.sys
    2007-02-16 01:51:25 13824 –a—— C:\WINDOWS\System32\drivers\atinmdxx.sys
    2007-02-16 01:51:25 32768 –a—— C:\WINDOWS\System32\ativtmxx.dll
    2007-02-16 01:51:05 294912 -ra—— C:\WINDOWS\System32\atiiiexx.dll
    2007-02-16 01:51:04 151552 -ra—— C:\WINDOWS\System32\ATIDEMGR.dll
    2007-02-16 01:50:53 0 d——– C:\Program Files\ATI Technologies<ATITEC~1>
    2007-02-16 01:49:59 0 d–h—– C:\Program Files\InstallShield Installation Information<INSTAL~1>
    2007-02-16 01:49:49 0 d——– C:\Program Files\Common Files\InstallShield<INSTAL~1>
    2007-02-16 01:49:40 0 d——– C:\Program Files\CA
    2007-02-16 01:49:17 306688 –a—— C:\WINDOWS\IsUninst.exe
    2007-02-16 01:37:58 0 d——– C:\Documents and Settings\Rive\Application Data\Lavasoft
    2007-02-16 01:37:55 0 d——– C:\Program Files\Lavasoft
    2007-02-16 01:37:48 0 d——– C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
    2007-02-16 01:36:17 0 d—s—- C:\Documents and Settings\Rive\UserData
    2007-02-16 01:31:18 0 dr-h—– C:\Documents and Settings\Rive\Onlangs geopend<ONLANG~1>
    2007-02-16 01:30:09 0 d——– C:\Program Files\CCleaner
    2007-02-16 01:11:34 0 d——– C:\halflife
    2007-02-16 01:11:28 1610240 —–n— C:\TLUNOS.EXE
    2007-02-15 21:56:15 3072 –a—— C:\WINDOWS\System32\drivers\audstub.sys
    2007-02-15 21:56:07 14080 –a—— C:\WINDOWS\System32\drivers\kbdhid.sys
    2007-02-15 21:56:04 2688 –a—— C:\WINDOWS\System32\drivers\HIDSwvd.sys
    2007-02-15 21:56:01 54144 –a—— C:\WINDOWS\System32\drivers\GcKernel.sys
    2007-02-15 21:55:57 10240 –a—— C:\WINDOWS\System32\SWPIDFLT.DLL
    2007-02-15 21:55:37 57088 –a—— C:\WINDOWS\System32\drivers\redbook.sys
    2007-02-15 21:55:31 6400 –a—— C:\WINDOWS\System32\drivers\enum1394.sys
    2007-02-15 21:55:13 69120 –a—— C:\WINDOWS\System32\usbui.dll
    2007-02-15 21:54:26 0 d——– C:\Program Files\Common Files\ODBC
    2007-02-15 21:54:23 0 dr——- C:\Program Files<PROGRA~1>
    2007-02-15 21:54:23 0 d——– C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
    2007-02-15 21:54:21 6144 -ra—— C:\WINDOWS\System32\kbdtuq.dll
    2007-02-15 21:54:21 6144 -ra—— C:\WINDOWS\System32\kbdtuf.dll
    2007-02-15 21:54:21 5632 -ra—— C:\WINDOWS\System32\kbdazel.dll
    2007-02-15 21:54:20 5632 -ra—— C:\WINDOWS\System32\kbdmon.dll
    2007-02-15 21:54:20 5632 -ra—— C:\WINDOWS\System32\kbdkyr.dll
    2007-02-15 21:54:18 8192 -ra—— C:\WINDOWS\System32\kbdhept.dll
    2007-02-15 21:54:18 6656 -ra—— C:\WINDOWS\System32\kbdhela3.dll
    2007-02-15 21:54:18 6144 -ra—— C:\WINDOWS\System32\kbdhela2.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe319.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe220.dll
    2007-02-15 21:54:18 5632 -ra—— C:\WINDOWS\System32\kbdhe.dll
    2007-02-15 21:54:18 6144 -ra—— C:\WINDOWS\System32\kbdgkl.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdlv1.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdlv.dll
    2007-02-15 21:54:17 5632 -ra—— C:\WINDOWS\System32\kbdlt1.dll
    2007-02-15 21:54:17 5632 -ra—— C:\WINDOWS\System32\kbdlt.dll
    2007-02-15 21:54:17 6144 -ra—— C:\WINDOWS\System32\kbdest.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdycl.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdsl1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdsl.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdro.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdpl1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdpl.dll
    2007-02-15 21:54:16 5632 -ra—— C:\WINDOWS\System32\kbdhu1.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdhu.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcz2.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcz1.dll
    2007-02-15 21:54:16 7168 -ra—— C:\WINDOWS\System32\kbdcz.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\kbdcr.dll
    2007-02-15 21:54:16 6656 -ra—— C:\WINDOWS\System32\KBDAL.DLL
    2007-02-15 21:54:14 24661 –a—— C:\WINDOWS\System32\spxcoins.dll
    2007-02-15 21:54:14 13312 –a—— C:\WINDOWS\System32\irclass.dll
    2007-02-15 21:54:14 103936 –a—— C:\WINDOWS\System32\EqnClass.Dll
    2007-02-15 21:54:14 10496 –a—— C:\WINDOWS\System32\drivers\irenum.sys
    2007-02-15 21:54:14 86556 –a—— C:\WINDOWS\System32\dgsetup.dll
    2007-02-15 21:54:14 176157 –a—— C:\WINDOWS\System32\dgrpsetu.dll
    2007-02-15 21:54:13 9040 –a—— C:\WINDOWS\system\VER.DLL
    2007-02-15 21:54:13 19200 –a—— C:\WINDOWS\system\TAPI.DLL
    2007-02-15 21:54:13 5120 –a—— C:\WINDOWS\system\SHELL.DLL
    2007-02-15 21:54:13 24064 –a—— C:\WINDOWS\system\OLESVR.DLL
    2007-02-15 21:54:13 82944 –a—— C:\WINDOWS\system\OLECLI.DLL
    2007-02-15 21:54:13 126976 –a—— C:\WINDOWS\system\MSVIDEO.DLL
    2007-02-15 21:54:13 70352 –a—— C:\WINDOWS\system\MMSYSTEM.DLL
    2007-02-15 21:54:13 9936 –a—— C:\WINDOWS\system\LZEXPAND.DLL
    2007-02-15 21:54:13 33696 –a—— C:\WINDOWS\system\COMMDLG.DLL
    2007-02-15 21:54:12 15872 –a—— C:\WINDOWS\TASKMAN.EXE
    2007-02-15 21:54:12 6656 –a—— C:\WINDOWS\System32\batt.dll
    2007-02-15 21:54:12 109552 –a—— C:\WINDOWS\system\AVIFILE.DLL
    2007-02-15 21:54:12 70144 –a—— C:\WINDOWS\system\AVICAP.DLL
    2007-02-15 21:54:12 67072 –a—— C:\WINDOWS\NOTEPAD.EXE
    2007-02-15 21:54:11 72704 –a—— C:\WINDOWS\System32\storprop.dll
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Sjablonen<SJABLO~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Onlangs geopend<ONLANG~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\Default User\Netwerkprinteromgeving<NETWER~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Mijn documenten<MIJNDO~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\Default User\Menu Start<MENUST~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Favorieten<FAVORI~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\Default User\Bureaublad<BUREAU~1>
    2007-02-15 21:54:08 0 d–h—– C:\Documents and Settings\All Users\Sjablonen<SJABLO~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\All Users\Menu Start<MENUST~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\All Users\Favorieten<FAVORI~1>
    2007-02-15 21:54:08 0 dr——- C:\Documents and Settings\All Users\Documenten<DOCUME~1>
    2007-02-15 21:54:08 0 d——– C:\Documents and Settings\All Users\Bureaublad<BUREAU~1>
    2007-02-15 21:54:00 0 d——– C:\WINDOWS\System32\CatRoot2
    2007-02-15 21:54:00 0 d——– C:\WINDOWS\System32\CatRoot
    2007-02-15 21:53:40 0 d——– C:\Documents and Settings<DOCUME~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\WinSxS
    2007-02-15 21:50:05 0 dr——- C:\WINDOWS\Web
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\twain_32
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\system32
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\wins
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\wbem
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\usmt
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\spool
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ShellExt
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\Setup
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ras
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\oobe
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32
    pp
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\mui
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\inetsrv
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\IME
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\icsxml
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\ias
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\export
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers\etc
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\drivers\disdn
    2007-02-15 21:50:05 0 dr-hs–c- C:\WINDOWS\System32\dllcache
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\dhcp
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\config
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\3com_dmi
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\3076
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\2052
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1054
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1043
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1042
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1041
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1037
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1033
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1031
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1028
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\System32\1025
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\system
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\security
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Resources<RESOUR~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\repair
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\mui
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\msapps
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\msagent
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Media
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\java
    2007-02-15 21:50:05 0 d–h—– C:\WINDOWS\inf
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\ime
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Help
    2007-02-15 21:50:05 0 dr–s—- C:\WINDOWS\Fonts
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Driver Cache<DRIVER~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Debug
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Cursors
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Connection Wizard<CONNEC~1>
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\Config
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\AppPatch
    2007-02-15 21:50:05 0 d——– C:\WINDOWS\addins
    2007-02-15 21:29:10 0 d–h—– C:\Program Files\Common Files\tjd
    2007-02-15 21:26:29 0 d——– C:\Documents and Settings\Rive\Application Data\AdobeUM
    2007-02-15 21:26:25 0 d——– C:\Program Files\Common Files\Adobe
    2007-02-15 21:26:25 0 d——– C:\Documents and Settings\Rive\Application Data\Adobe
    2007-02-15 21:26:10 0 d——– C:\Documents and Settings\All Users\Application Data\Adobe
    2007-02-15 21:25:41 0 d——– C:\WINDOWS\Cache
    2007-02-15 21:20:43 40960 -ra—— C:\WINDOWS\System32\drivers\fetnd5b.sys
    2007-02-15 21:05:06 0 d–hs—- C:\WINDOWS\Installer<INSTAL~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Mijn documenten<MIJNDO~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Menu Start<MENUST~1>
    2007-02-15 21:04:58 0 dr——- C:\Documents and Settings\Rive\Favorieten<FAVORI~1>
    2007-02-15 21:04:58 0 d——– C:\Documents and Settings\Rive\Bureaublad<BUREAU~1>
    2007-02-15 21:04:57 0 d–h—– C:\Documents and Settings\Rive\Sjablonen<SJABLO~1>
    2007-02-15 21:04:57 1572864 –a—— C:\Documents and Settings\Rive\NTUSER.DAT
    2007-02-15 21:04:57 0 d–h—– C:\Documents and Settings\Rive\Netwerkprinteromgeving<NETWER~1>
    2007-02-15 21:04:27 0 d——– C:\WINDOWS\Prefetch
    2007-02-15 20:59:34 0 d——– C:\WINDOWS\System32\xircom
    2007-02-15 20:59:34 0 d——– C:\Program Files\microsoft frontpage<MICROS~1>
    2007-02-15 20:59:32 229376 —h—– C:\Documents and Settings\Default User\NTUSER.DAT
    2007-02-15 20:59:25 112128 –a—— C:\WINDOWS\System32\mapi32.dll
    2007-02-15 20:59:02 0 d–hs—- C:\Documents and Settings\All Users\DRM
    2007-02-15 20:58:57 0 dr——- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
    2007-02-15 20:58:57 0 d—s—- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
    2007-02-15 20:58:40 0 d——– C:\WINDOWS\System32\DirectX
    2007-02-15 20:58:21 40960 –a—— C:\WINDOWS\System32\safrslv.dll
    2007-02-15 20:58:21 26624 –a—— C:\WINDOWS\System32\safrdm.dll
    2007-02-15 20:58:21 39424 –a—— C:\WINDOWS\System32\safrcdlg.dll
    2007-02-15 20:58:21 33792 –a—— C:\WINDOWS\System32\racpldlg.dll
    2007-02-15 20:58:21 11264 –a—— C:\WINDOWS\System32\atrace.dll
    2007-02-15 20:58:13 12288 –a—— C:\WINDOWS\System32
    mevtmsg.dll
    2007-02-15 20:58:13 32768 –a—— C:\WINDOWS\System32\mnmsrvc.exe
    2007-02-15 20:58:13 28672 –a—— C:\WINDOWS\System32\isrdbg32.dll
    2007-02-15 20:58:12 67584 –a—— C:\WINDOWS\System32\acctres.dll
    2007-02-15 20:58:11 49664 –a—— C:\WINDOWS\System32\inetres.dll
    2007-02-15 20:58:09 0 d—s—- C:\WINDOWS\Tasks
    2007-02-15 20:58:09 81920 –a—— C:\WINDOWS\System32\isign32.dll
    2007-02-15 20:58:09 270336 –a—— C:\WINDOWS\System32\inetcfg.dll
    2007-02-15 20:58:09 61440 –a—— C:\WINDOWS\System32\icwphbk.dll
    2007-02-15 20:58:09 69632 –a—— C:\WINDOWS\System32\icwdial.dll
    2007-02-15 20:58:09 16384 –a—— C:\WINDOWS\System32\icfgnt5.dll
    2007-02-15 20:58:07 0 d——– C:\Program Files\Common Files\MSSoap
    2007-02-15 20:58:04 0 d——– C:\WINDOWS\srchasst
    2007-02-15 20:58:03 17408 –a—— C:\WINDOWS\System32\qmgrprxy.dll
    2007-02-15 20:58:03 17408 –a—— C:\WINDOWS\System32\qmgrprxy(2).dll<QMGRPR~1.DLL>
    2007-02-15 20:58:03 223232 –a—— C:\WINDOWS\System32\qmgr.dll
    2007-02-15 20:58:03 0 d——– C:\WINDOWS\System32\Macromed
    2007-02-15 20:58:02 0 d——– C:\Program Files\Movie Maker<MOVIEM~1>
    2007-02-15 20:57:59 158720 –a—— C:\WINDOWS\System32\srsvc.dll
    2007-02-15 20:57:59 228352 –a—— C:\WINDOWS\System32\srrstr.dll
    2007-02-15 20:57:59 63488 –a—— C:\WINDOWS\System32\srclient.dll
    2007-02-15 20:57:59 0 d——– C:\WINDOWS\System32\Restore
    2007-02-15 20:57:59 73728 –a—— C:\WINDOWS\System32\ils.dll
    2007-02-15 20:57:59 69248 –a—— C:\WINDOWS\System32\drivers\sr.sys
    2007-02-15 20:57:59 0 d——– C:\WINDOWS\PCHealth
    2007-02-15 20:57:58 24576 –a—— C:\WINDOWS\System32
    mmkcert.dll
    2007-02-15 20:57:58 65536 –a—— C:\WINDOWS\System32\msconf.dll
    2007-02-15 20:57:58 32256 –a—— C:\WINDOWS\System32\mnmdd.dll
    2007-02-15 20:57:57 81408 –a—— C:\WINDOWS\System32\msoert2.dll
    2007-02-15 20:57:57 228864 –a—— C:\WINDOWS\System32\msoeacct.dll
    2007-02-15 20:57:56 587776 –a—— C:\WINDOWS\System32\inetcomm.dll
    2007-02-15 20:57:55 160256 –a—— C:\WINDOWS\System32\schedsvc.dll
    2007-02-15 20:57:55 9728 –a—— C:\WINDOWS\System32\mstinit.exe
    2007-02-15 20:57:55 253952 –a—— C:\WINDOWS\System32\mstask.dll
    2007-02-15 20:57:51 21748 –a—— C:\WINDOWS\System32\emptyregdb.dat<EMPTYR~1.DAT>
    2007-02-15 20:57:46 0 d——– C:\WINDOWS\Registration<REGIST~1>
    2007-02-15 20:57:31 0 d–h—– C:\Program Files\WindowsUpdate<WINDOW~3>
    2007-02-15 20:57:31 0 d——– C:\Program Files\Online Services<ONLINE~1>
    2007-02-15 20:57:29 0 d——– C:\Program Files\Messenger<MESSEN~1>
    2007-02-15 20:57:25 5632 –a—— C:\WINDOWS\System32\write.exe
    2007-02-15 20:57:25 0 d——– C:\Program Files\MSN Gaming Zone<MSNGAM~1>
    2007-02-15 20:57:19 139264 –a—— C:\WINDOWS\System32\sndvol32.exe
    2007-02-15 20:57:19 125440 –a—— C:\WINDOWS\System32\sndrec32.exe
    2007-02-15 20:57:19 495616 –a—— C:\WINDOWS\System32\hypertrm.dll
    2007-02-15 20:57:19 44544 –a—— C:\WINDOWS\System32\hticons.dll
    2007-02-15 20:57:19 73216 –a—— C:\WINDOWS\System32\avwav.dll
    2007-02-15 20:57:19 233472 –a—— C:\WINDOWS\System32\avtapi.dll
    2007-02-15 20:57:19 16384 –a—— C:\WINDOWS\System32\avmeter.dll
    2007-02-15 20:57:19 182784 –a—— C:\WINDOWS\System32\accwiz.exe
    2007-02-15 20:57:18 35840 –a—— C:\WINDOWS\System32\winchat.exe
    2007-02-15 20:57:14 119808 –a—— C:\WINDOWS\System32\winmine.exe
    2007-02-15 20:57:14 57344 –a—— C:\WINDOWS\System32\sol.exe
    2007-02-15 20:57:14 662528 –a—— C:\WINDOWS\System32\getuname.dll
    2007-02-15 20:57:14 80896 –a—— C:\WINDOWS\System32\charmap.exe
    2007-02-15 20:57:14 114688 –a—— C:\WINDOWS\System32\calc.exe
    2007-02-15 20:57:13 1161 –a—— C:\WINDOWS\System32\usrlogon.cmd
    2007-02-15 20:57:13 17920 –a—— C:\WINDOWS\System32\tsshutdn.exe
    2007-02-15 20:57:13 16384 –a—— C:\WINDOWS\System32\tskill.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\tsdiscon.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\tscon.exe
    2007-02-15 20:57:13 15360 –a—— C:\WINDOWS\System32\shadow.exe
    2007-02-15 20:57:13 16384 –a—— C:\WINDOWS\System32\rwinsta.exe
    2007-02-15 20:57:13 9728 –a—— C:\WINDOWS\System32\reset.exe
    2007-02-15 20:57:13 33792 –a—— C:\WINDOWS\System32\regini.exe
    2007-02-15 20:57:13 61952 –a—— C:\WINDOWS\System32\rdshost.exe
    2007-02-15 20:57:13 4608 –a—— C:\WINDOWS\System32\rdpcfgex.dll
    2007-02-15 20:57:13 23040 –a—— C:\WINDOWS\System32\qwinsta.exe
    2007-02-15 20:57:13 128000 –a—— C:\WINDOWS\System32\mshearts.exe
    2007-02-15 20:57:13 55808 –a—— C:\WINDOWS\System32\freecell.exe
    2007-02-15 20:57:13 20232 –a—— C:\WINDOWS\System32\drivers\tdtcp.sys
    2007-02-15 20:57:13 11144 –a—— C:\WINDOWS\System32\drivers\tdpipe.sys
    2007-02-15 20:57:12 9728 –a—— C:\WINDOWS\System32\xolehlp.dll
    2007-02-15 20:57:12 18944 –a—— C:\WINDOWS\System32\qprocess.exe
    2007-02-15 20:57:12 17408 –a—— C:\WINDOWS\System32\qappsrv.exe
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci.dll
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci(3).dll<MTXOCI~2.DLL>
    2007-02-15 20:57:12 83968 –a—— C:\WINDOWS\System32\mtxoci(2).dll<MTXOCI~1.DLL>
    2007-02-15 20:57:12 22016 –a—— C:\WINDOWS\System32\msg.exe
    2007-02-15 20:57:12 151040 –a—— C:\WINDOWS\System32\msdtcuiu.dll
    2007-02-15 20:57:12 869376 –a—— C:\WINDOWS\System32\msdtctm.dll
    2007-02-15 20:57:12 54784 –a—— C:\WINDOWS\System32\msdtclog.dll
    2007-02-15 20:57:12 6144 –a—— C:\WINDOWS\System32\msdtc.exe
    2007-02-15 20:57:12 15360 –a—— C:\WINDOWS\System32\logoff.exe
    2007-02-15 20:57:12 15872 –a—— C:\WINDOWS\System32\cdmodem.dll
    2007-02-15 20:57:11 25088 –a—— C:\WINDOWS\System32\mtxlegih.dll
    2007-02-15 20:57:11 4096 –a—— C:\WINDOWS\System32\mtxex.dll
    2007-02-15 20:57:11 20480 –a—— C:\WINDOWS\System32\mtxdm.dll
    2007-02-15 20:57:11 5120 –a—— C:\WINDOWS\System32\dcomcnfg.exe
    2007-02-15 20:57:11 82432 –a—— C:\WINDOWS\System32\comrepl.dll
    2007-02-15 20:57:11 25600 –a—— C:\WINDOWS\System32\comaddin.dll
    2007-02-15 20:57:11 56832 –a—— C:\WINDOWS\System32\colbact.dll
    2007-02-15 20:57:11 56832 –a—— C:\WINDOWS\System32\colbact(3).dll<COLBAC~2.DLL>
    2007-02-15 20:57:10 54272 –a—— C:\WINDOWS\System32\stclient.dll
    2007-02-15 20:57:10 495616 –a—— C:\WINDOWS\System32\comuid.dll
    2007-02-15 20:57:10 147456 –a—— C:\WINDOWS\System32\comsnap.dll
    2007-02-15 20:57:10 468480 –a—— C:\WINDOWS\System32\clbcatq.dll
    2007-02-15 20:57:10 468480 –a—— C:\WINDOWS\System32\clbcatq(3).dll<CLBCAT~2.DLL>
    2007-02-15 20:57:10 100864 –a—— C:\WINDOWS\System32\clbcatex.dll
    2007-02-15 20:57:10 85504 –a—— C:\WINDOWS\System32\catsrvps.dll
    2007-02-15 20:57:10 215040 –a—— C:\WINDOWS\System32\catsrv.dll
    2007-02-15 20:57:10 215040 –a—— C:\WINDOWS\System32\catsrv(3).dll<CATSRV~3.DLL>
    2007-02-15 20:57:05 53248 –a—— C:\WINDOWS\System32\servdeps.dll
    2007-02-15 20:57:05 16896 –a—— C:\WINDOWS\System32\mmfutil.dll
    2007-02-15 20:57:05 178176 –a—— C:\WINDOWS\System32\cmprops.dll
    2007-02-15 20:57:02 117760 –a—— C:\WINDOWS\System32\mplay32.exe
    2007-02-15 20:57:02 0 d——– C:\Program Files\Windows NT<WINDOW~1>
    2007-02-15 20:57:01 9216 –a—— C:\WINDOWS\System32\wuauserv.dll
    2007-02-15 20:57:01 189952 –a—— C:\WINDOWS\System32\wuaueng.dll
    2007-02-15 20:57:01 141824 –a—— C:\WINDOWS\System32\wuauclt.exe
    2007-02-15 20:57:01 534528 –a—— C:\WINDOWS\System32\spider.exe
    2007-02-15 20:57:01 342528 –a—— C:\WINDOWS\System32\mspaint.exe
    2007-02-15 20:57:01 115976 –a—— C:\WINDOWS\System32\drivers\rdpwd.sys
    2007-02-15 20:57:01 99840 –a—— C:\WINDOWS\System32\clipbrd.exe
    2007-02-15 20:57:00 40960 –a—— C:\WINDOWS\System32\tscupgrd.exe
    2007-02-15 20:57:00 88576 –a—— C:\WINDOWS\System32\tscfgwmi.dll
    2007-02-15 20:57:00 202240 –a—— C:\WINDOWS\System32\termsrv.dll
    2007-02-15 20:57:00 130048 –a—— C:\WINDOWS\System32\sessmgr.exe
    2007-02-15 20:57:00 57344 –a—— C:\WINDOWS\System32\remotepg.dll
    2007-02-15 20:57:00 12288 –a—— C:\WINDOWS\System32\rdsaddin.exe
    2007-02-15 20:57:00 75912 –a—— C:\WINDOWS\System32\rdpwsx.dll
    2007-02-15 20:57:00 14848 –a—— C:\WINDOWS\System32\rdpsnd.dll
    2007-02-15 20:57:00 44032 –a—— C:\WINDOWS\System32\rdpclip.exe
    2007-02-15 20:57:00 135680 –a—— C:\WINDOWS\System32\rdchost.dll
    2007-02-15 20:57:00 598016 –a—— C:\WINDOWS\System32\mstscax.dll
    2007-02-15 20:57:00 393728 –a—— C:\WINDOWS\System32\mstsc.exe
    2007-02-15 20:56:59 359936 –a—— C:\WINDOWS\System32\msdtcprx.dll
    2007-02-15 20:56:59 0 d——– C:\WINDOWS\System32\MsDtc
    2007-02-15 20:56:59 9216 –a—— C:\WINDOWS\System32\icaapi.dll
    2007-02-15 20:56:59 0 d——– C:\WINDOWS\System32\Com
    2007-02-15 20:56:59 33280 –a—— C:\WINDOWS\System32\cfgbkend.dll
    2007-02-15 20:56:59 582656 –a—— C:\WINDOWS\System32\catsrvut.dll
    2007-02-15 20:56:59 582656 –a—— C:\WINDOWS\System32\catsrvut(3).dll<CATSRV~4.DLL>
    2007-02-15 20:56:58 1172992 –a—— C:\WINDOWS\System32\comsvcs.dll
    2007-02-15 20:56:58 1172992 –a—— C:\WINDOWS\System32\comsvcs(3).dll<COMSVC~2.DLL>
    2007-02-15 20:56:56 57856 –a—— C:\WINDOWS\System32\licwmi.dll
    2007-02-15 20:56:53 38024 –a—— C:\WINDOWS\System32\drivers\termdd.sys
    2007-02-15 20:56:53 182400 –a—— C:\WINDOWS\System32\drivers\rdpdr.sys
    2007-02-12 12:07:49 0 d——– C:\epson
    2007-02-10 02:53:43 0 d–hs—- C:\RECYCLER
    2007-02-10 01:35:35 0 d——– C:\62cfec6ecc6b4e67026ba8<62CFEC~1>
    2007-02-09 23:41:53 0 d–hs—- C:\System Volume Information<SYSTEM~1>
    2007-02-09 23:38:51 0 -rahs—- C:\MSDOS.SYS
    2007-02-09 23:38:51 0 -rahs—- C:\IO.SYS
    2007-02-09 23:38:51 0 –a—— C:\CONFIG.SYS
    2007-02-09 23:38:51 0 –a—— C:\AUTOEXEC.BAT
    2007-02-01 05:56:06 823296 –a—— C:\WINDOWS\System32\divx_xx07.dll<DIVX_X~2.DLL>
    2007-02-01 05:56:05 802816 –a—— C:\WINDOWS\System32\divx_xx11.dll<DIVX_X~3.DLL>
    2007-02-01 05:56:05 823296 –a—— C:\WINDOWS\System32\divx_xx0c.dll<DIVX_X~1.DLL>
    2007-02-01 05:56:04 639066 –a—— C:\WINDOWS\System32\DivX.dll
    2007-01-31 22:27:01 524288 –a—— C:\WINDOWS\System32\DivXsm.exe
    2007-01-31 00:15:10 118784 –a—— C:\WINDOWS\System32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE>
    2007-01-30 06:03:40 3596288 –a—— C:\WINDOWS\System32\qt-dx331.dll
    2007-01-30 06:03:26 200704 –a—— C:\WINDOWS\System32\ssldivx.dll
    2007-01-30 06:03:26 1044480 –a—— C:\WINDOWS\System32\libdivx.dll
    2007-01-30 05:56:56 196608 –a—— C:\WINDOWS\System32\dtu100.dll
    2007-01-30 05:56:56 73728 –a—— C:\WINDOWS\System32\dpl100.dll
    2007-01-30 05:56:54 53248 –a—— C:\WINDOWS\System32\dpuGUI10.dll
    2007-01-30 05:56:52 57344 –a—— C:\WINDOWS\System32\dpv11.dll
    2007-01-30 05:56:52 344064 –a—— C:\WINDOWS\System32\dpus11.dll
    2007-01-30 05:56:52 593920 –a—— C:\WINDOWS\System32\dpuGUI11.dll
    2007-01-30 05:56:52 294912 –a—— C:\WINDOWS\System32\dpu11.dll
    2007-01-30 05:56:52 294912 –a—— C:\WINDOWS\System32\dpu10.dll


    – Find3M Report —————————————————————-

    2007-02-23 21:54:28 0 d—s—- C:\Documents and Settings\Rive\Application Data\Microsoft<MICROS~1>
    2007-02-23 01:40:30 0 d——– C:\Documents and Settings\Rive\Application Data\Mozilla
    2007-02-16 02:00:46 364940 –a—— C:\WINDOWS\System32\perfh013.dat
    2007-02-16 02:00:46 54028 –a—— C:\WINDOWS\System32\perfc013.dat
    2007-02-16 01:56:45 17408 –a—— C:\WINDOWS\System32\tftp.exe
    2007-02-16 01:56:45 43008 –a—— C:\WINDOWS\System32\ftp.exe
    2007-02-15 23:17:08 0 d——– C:\Documents and Settings\Rive\Application Data\Macromedia<MACROM~1>
    2007-02-15 21:54:08 62 –ahs—- C:\Documents and Settings\Rive\Application Data\desktop.ini
    2007-02-15 21:26:37 134656 –a—— C:\WINDOWS\System32\sfc_os.dll
    2007-02-15 21:05:04 0 d——– C:\Documents and Settings\Rive\Application Data\Identities<IDENTI~1>
    2006-12-12 17:24:42 12288 –a—— C:\WINDOWS\System32\DivXWMPExtType.dll<DIVXWM~1.DLL>


    – Registry Dump —————————————————————-


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Steam"="C:\\Program Files\\Valve\\Steam\Steam.exe -silent"


    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0



    – End of ComboScan: finished at 2007-02-24 at 00:22:34 ————————-





  • wow, hier dus een echte expert, thx 8)

    Ik zie dat deze weg zijn nu:

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e7fc742-bd35-11db-b616-806d6172696f}]
    Shell\AutoRun\command N:\AUTORUN.EXE

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e7fc743-bd35-11db-b616-806d6172696f}]
    Shell\AutoRun\command O:\Menu95.exe

    Volgens mij is me comp. clean nu, kan ik eindelijk die windows updates erop gooien want eerst lukte dat niet zonder me windows te vern–ken.

    ik wacht eerst nog even op de chef voor een bevestiging :D
  • Het HijackThis logje dat in Comboscan staat is te kort, als er bepaalde programma's problemen geven zou ik die opnieuw installeren.
    Als je zelf ooit al eens regels gefixt hebt met HijackThis, zet deze dan via de backups eens terug.

    Doe daarna dit eens:

    1. Download ATF cleaner (gemaakt door Atribune)
    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij [b:8e86fd62bb]Select All[/b:8e86fd62bb].
    Klik op de knop [b:8e86fd62bb]Empty Selected[/b:8e86fd62bb].

    Het volgende doen als je ook FireFox als browser hebt:
    Klik op tabblad "Firefox", plaats een vinkje bij [b:8e86fd62bb]Select All[/b:8e86fd62bb].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords";)
    Klik op de knop [b:8e86fd62bb]Empty Selected[/b:8e86fd62bb].

    Het volgende doen als je ook Opera als browser hebt:
    Klik op tabblad "Opera", plaats een vinkje bij [b:8e86fd62bb]Select All[/b:8e86fd62bb].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:8e86fd62bb]Empty Selected[/b:8e86fd62bb].
    Ga naar het tabblad "Main" en klik op de knop [b:8e86fd62bb]Exit[/b:8e86fd62bb] om het programma af te sluiten.

    2. Download [b:8e86fd62bb]Dr.Web CureIt[/b:8e86fd62bb] naar je bureaublad:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    3. Start de computer in veilige modus.

    4. Dubbelklik [b:8e86fd62bb]drweb-cureit.exe[/b:8e86fd62bb] en sta het toe om de express scan te starten.
    Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt, klik de Yes to all knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
    Eenmaal de korte scan is beeïndigd, Klik [b:8e86fd62bb]Options[/b:8e86fd62bb] > Change Settings
    Kies de "Scan"-tab en verwijder het vinkje bij "Heuristic analyse"
    Terug in het hoofdvenster kan je de drives selecteren die je wilt laten scannen.
    Selecteer hier alle drives. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
    Klik daarna de [b:8e86fd62bb]groene pijl[/b:8e86fd62bb] rechts om de scan te starten.
    Klik 'Yes to all' wanneer er gevraagd wordt om cure of move uit te voeren.
    Wanneer de scan gedaan is, kijk of je volgende icoontje kan aanklikken dat staat naast hetgeen gevonden werd: [img:8e86fd62bb]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:8e86fd62bb]
    Indien wel, klik erop en daarna klik op het icoontje er net onder en kies: [b:8e86fd62bb]Move incurable[/b:8e86fd62bb] zoals je zal zien in volgende afbeelding:
    [img:8e86fd62bb]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:8e86fd62bb]
    Dit zal de bestanden verplaatsen naar volgende map %userprofile%\DoctorWeb\quarantaine-folder indien het niet gedesinfecteerd kan worden. (dit in het geval dat we samples nodig hebben)
    Na bovenstaande te selecteren, in het menu bovenaan van Dr.Web CureIt, klik [b:8e86fd62bb]file[/b:8e86fd62bb] en kies [b:8e86fd62bb]save report list[/b:8e86fd62bb]. Bewaar de log op je bureaublad.
    Sluit daarna Dr.Web Cureit.

    5. [b:8e86fd62bb]Herstart[/b:8e86fd62bb] je computer in normale modus!! Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart.
    Na het herstarten, Kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post tesamen met een logje van Hijackthis ;)
  • Hij loopt steeds vast aan het eind van de scan :(

    Hij vindt 1 vurus in c:windows. Dan maar stoppen nadat ik hem gevonden heb?
  • Hier alleen een scan van windows met 1 trojan ivm met vastlopen

    Hjackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 14:32:45, on 24-2-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\HijackThis\HijackThis.exe

    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172274525812
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    En de log van DRWeb:

    xlibgfl254.dll;C:\WINDOWS\system32;Probably DLOADER.Trojan;Incurable.Moved.;
  • Werkt Norton nog goed?

    Anders kan je deze beter opnieuw installeren.
  • Dat is alleen anti spam van Northon. Ik weet niet waar dat goed voor is behalve als pop-up blocker.

    Ik ga de windows updates maar weer proberen te installeren. Bedankt Smeenk
  • Laat maar weten of dat lukt :)
  • Nee :(

    zelfs een complete reinstall van me schrijf C heeft niet geholpen. Of is er een betere manier van formateren?

    Ik kijk nog wel even wat ik ga doen, misschien dan maar zon computer expert inschakelen die langs komt
  • Net kreeg ik weer zo'n error in win32 Host processing ofziets. Net een nieuwe scan gedaan in veilige modus zoals Smeenk vermelde en hij herkende 197 geinfecteerde bestanden :o ik ben er dus niet echt op vooruit gegaan :P

    hier nog ff een logje van hoe die nu is @ Hjackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 21:50:57, on 24-2-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\iexploler.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Services] C:\WINDOWS\System32\iexploler.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
  • Probeer nod32 eens? Een snelle acurate virus & malware scanner. Je kunt bijvoorbeeld hier een probeerversie downloaden of gelijk aanschaffen…
  • Download Killbox naar je bureaublad.
    Alternatieve download.
    Klik op killbox.exe.
    Selecteer de optie "[b:c54ab06579]Delete on reboot[/b:c54ab06579]".
    In het veld "Full Path of File to Delete" kopieer en plak je het volgende:

    [b:c54ab06579]C:\WINDOWS\System32\iexploler.exe[/b:c54ab06579]

    Klik op de knop: [b:c54ab06579]single file[/b:c54ab06579] (!Belangrijk!)

    Daarna, Klik op de rode cirkel met het wit kruisje erin.
    Killbox zal zeggen dat deze file zal verwijderd worden on reboot.. vraagt om nu te rebooten. Klik YES.

    Je pc moet nu rebooten.

    Doe na de herstart het volgende:
    Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels:
    [b:c54ab06579]O4 - HKLM\..\Run: [Services] C:\WINDOWS\System32\iexploler.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm[/b:c54ab06579]
    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    Download dit bestand, iefix.exe
    Dubbelklik op iefix.exe en voer het programma uit.

    Probeer ook deze IEFIX eens: http://windowsxp.mvps.org/IEFIX.htm
    Mogelijk wordt gevraagd om je Windows installatieCD.

    Meldt of dit verbetering geeft ;)
  • Logfile of HijackThis v1.99.1
    Scan saved at 12:33:52, on 26-2-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RunDll32.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Steam\Steam.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172355277078
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172355271421

    Hier een nieuw logje.

    Ik weet eigenlijk pas of het een verbetering is als ik die updates heb geinstalleerd, maar zo niet dan ben ik weer de sigaar :x

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.