Virus check and advertisement pop-ups.

Anonymous
40 replies
  • Well, I have tried it about 10 times, throwing away the old one and installing a new one, but I really can't get it to work. Is there no other way to help me then?? I do of course want to get that virus off.

    I hope you can still help me further.

    Greetings

    RocX
  • In the latest versions of ComboFix, the problem should be solved.
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Well, when I started the new ComboFix I thought for a moment that it would go wrong again, because it could not find the file REGT, but then it continued anyway and got to the window.

    TYPE 1 to continue and 2 to close, or something like that.

    I pressed 1 and it happily started scanning, and later it again reported something about the file REGT.

    Here is the log:

    ComboFix 07-10-07.1 - Daan 2007-10-07 11:36:52.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.201 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Daan\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\Documents and Settings\Britta\Bureaublad\internet.lnk
    C:\Documents and Settings\Britta\err.log
    C:\Documents and Settings\Daan\Application Data\CURITY~1
    C:\Documents and Settings\Daan\Application Data\YMANTE~1
    C:\Documents and Settings\Daan\Bureaublad\internet.lnk
    C:\Documents and Settings\Daan\err.log
    C:\Documents and Settings\Daan\Menu Start\Programma's\Outerinfo
    C:\Documents and Settings\Daan\Menu Start\Programma's\Outerinfo\Terms.lnk
    C:\Documents and Settings\Daan\Menu Start\Programma's\Outerinfo\Uninstall.lnk
    C:\Documents and Settings\Daan\Mijn documenten\ICROSO~1.NET
    C:\Documents and Settings\Daan\Mijn documenten\STEM32~1
    C:\Documents and Settings\Niels\Application Data\CROSOF~1.NET
    C:\Documents and Settings\Niels\Application Data\macromedia\Flash Player\#SharedObjects\WCVFU3R7\www.broadcaster.com
    C:\Documents and Settings\Niels\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\Documents and Settings\Niels\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\Documents and Settings\Niels\Application Data\SSTEM~1
    C:\Documents and Settings\Niels\Application Data\SSTEM~1\csrss.exe
    C:\Documents and Settings\Niels\Application Data\TSKS~1
    C:\Documents and Settings\Niels\Bureaublad\internet.lnk
    C:\Documents and Settings\Niels\err.log
    C:\Documents and Settings\Niels\Menu Start\Programma's\Outerinfo
    C:\Documents and Settings\Niels\Menu Start\Programma's\Outerinfo\Terms.lnk
    C:\Documents and Settings\Niels\Menu Start\Programma's\Outerinfo\Uninstall.lnk
    C:\Documents and Settings\Niels\Mijn documenten\CROSOF~1.NET
    C:\Documents and Settings\Niels\Mijn documenten\MCROSO~1
    C:\Documents and Settings\Niels\Mijn documenten\SCURIT~1
    C:\Documents and Settings\Niels\Mijn documenten\SSTEM~1
    C:\Documents and Settings\Niels\Mijn documenten\TSKS~1
    C:\Documents and Settings\Reinier\Bureaublad\internet.lnk
    C:\Documents and Settings\Reinier\err.log
    C:\Program Files\Common Files\sstem~1
    C:\Program Files\Common Files\sstem~1\r?gedit.exe
    C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
    C:\Program Files\mantec~1
    C:\Program Files\MSN Gaming Zone\lavunagiv.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv157.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv219.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv238.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv246.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv401.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv44.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv454.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv498.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv648.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv863.dll
    C:\Program Files\MSN Gaming Zone\lavunagiv945.dll
    C:\Program Files\MSN Gaming Zone\lavunagivNaN.dll
    C:\Program Files\MSN Messenger\msimg32.dll
    C:\Program Files\outerinfo
    C:\Program Files\outerinfo\OiUninstaller.exe
    C:\Program Files\outerinfo\outerinfo.ico
    C:\Program Files\outerinfo\Terms.rtf
    C:\Program Files\TTC.dll
    C:\Program Files\ystem~1
    C:\Program Files\ystem~1\?ystem\
    C:\WINDOWS\b128.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\fnts~1
    C:\WINDOWS\fnts~1\??chost.exe
    C:\WINDOWS\smbols~1
    C:\WINDOWS\system32\ahsrpais.exe
    C:\WINDOWS\system32\amuthcbw.exe
    C:\WINDOWS\system32\atmtd.dll._
    C:\WINDOWS\system32\f04WtR
    C:\WINDOWS\system32\f04WtR\f04WtR1080.exe
    C:\WINDOWS\system32\hsgqwlvp.ini
    C:\WINDOWS\system32\hxecglio.dll
    C:\WINDOWS\system32\ilnmp.bak1
    C:\WINDOWS\system32\ilnmp.bak1
    C:\WINDOWS\system32\ilnmp.bak2
    C:\WINDOWS\system32\ilnmp.bak2
    C:\WINDOWS\system32\ilnmp.ini
    C:\WINDOWS\system32\ilnmp.ini
    C:\WINDOWS\system32\ktltpfwn.exe
    C:\WINDOWS\system32\P2
    C:\WINDOWS\system32\P2\mid2dll.exe
    C:\WINDOWS\system32\pmnli.dll
    C:\WINDOWS\system32\pvlwqgsh.dll
    C:\WINDOWS\system32\rtljdpgu.exe
    C:\WINDOWS\system32\smqedbkg.exe
    C:\WINDOWS\system32\ssembl~1
    C:\WINDOWS\system32\ucnbxdiw.exe
    C:\WINDOWS\system32\wcpsvit.exe
    C:\WINDOWS\system32\yjhrkdds.dll
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    ——-\LEGACY_CMDSERVICE
    ——-\LEGACY_COM+_MESSAGES
    ——-\LEGACY_DOMAINSERVICE
    ——-\COM+ Messages
    ——-\DomainService
    ——-\nm


    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-07 to 2007-10-07 ))))))))))))))))))))))))))))))
    .

    2007-09-28 23:24 <DIR> d——– C:\VundoFix Backups
    2007-09-28 15:46 <DIR> d——– C:\Deckard
    2007-09-26 20:37 <DIR> d——– C:\Program Files\Jamdat
    2007-09-26 19:15 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-09-25 22:20 <DIR> d——– C:\Program Files\Trend Micro
    2007-09-25 15:23 207 –a—— C:\Documents and Settings\Daan\2977.bat
    2007-09-25 07:52 207 –a—— C:\Documents and Settings\Daan\2813.bat
    2007-09-24 23:28 207 –a—— C:\Documents and Settings\Daan\4992.bat
    2007-09-24 23:28 <DIR> d——– C:\Program Files\Temporary
    2007-09-24 23:13 9,814 –a—— C:\WINDOWS\system32\app.exe
    2007-09-24 23:13 207 –a—— C:\WINDOWS\system32\9774.bat
    2007-09-24 23:13 109,585 –a—— C:\WINDOWS\system32\ps.exe
    2007-09-24 23:13 <DIR> d——– C:\WINDOWS\system32\UPC1
    2007-09-24 23:13 <DIR> d——– C:\WINDOWS\system32\Dr3
    2007-09-24 23:13 <DIR> d——– C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 23:13 <DIR> d——– C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 23:13 <DIR> d——– C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 22:06 147,456 –a—— C:\WINDOWS\system32\vbzip10.dll
    2007-09-24 22:06 0 –a—— C:\WINDOWS\system32\taskkill.exe
    2007-09-23 21:07 225,280 –a—— C:\WINDOWS\system32\rewire.dll
    2007-09-23 21:07 <DIR> d——– C:\Program Files\VstPlugins
    2007-09-23 21:02 <DIR> d——– C:\Program Files\Image-Line
    2007-09-23 15:12 <DIR> d——– C:\Documents and Settings\Daan\Application Data\Syntrillium
    2007-09-23 14:42 4,608 –a—— C:\WINDOWS\system32\W95INF32.DLL
    2007-09-23 14:42 2,272 –a—— C:\WINDOWS\system32\W95INF16.DLL
    2007-09-23 10:18 <DIR> d——– C:\Program Files\Google
    2007-09-23 10:18 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-09-20 17:55 <DIR> d——– C:\Documents and Settings\Niels\Application Data\Logitech
    2007-09-14 18:32 <DIR> d——– C:\Documents and Settings\Daan\Application Data\NCH Swift Sound
    2007-09-14 18:27 <DIR> d——– C:\Program Files\NCH Swift Sound
    2007-09-10 23:13 <DIR> d——– C:\Documents and Settings\Reinier\Application Data\Logitech

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-07 11:39 ——— d——– C:\Program Files\MSN Messenger
    2007-09-26 20:54 ——— d——– C:\Program Files\Microsoft ActiveSync
    2007-09-25 18:14 ——— d——– C:\Program Files\AdSponsorCL
    2007-09-25 16:56 86016 –a—— C:\eSetup.exe
    2007-09-10 22:20 ——— d——– C:\Program Files\LimeWire
    2007-09-05 15:42 ——— d——– C:\Program Files\Norton Security Scan
    2007-09-03 18:20 ——— d——– C:\Program Files\Common Files\Symantec Shared
    2007-09-03 17:34 ——— d——– C:\Program Files\Common Files\LogiShared
    2007-09-03 17:34 ——— d——– C:\Documents and Settings\Daan\Application Data\Logitech
    2007-09-03 17:34 ——— d——– C:\Documents and Settings\Daan\Application Data\Leadertech
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    2007-09-03 17:32 ——— d——– C:\Program Files\Common Files\Logitech
    2007-09-03 17:31 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-09-03 17:31 ——— d——– C:\Program Files\Logitech
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\Daan\Application Data\InstallShield
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\All Users\Application Data\Logitech
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-08-15 23:10 ——— d——– C:\Program Files\MSXML 4.0
    2006-11-26 13:22 139489 –a—— C:\Documents and Settings\Niels\mc2.exe
    2006-11-21 20:34 206 ——— C:\Program Files\MNInetModule.log
    2006-11-21 20:34 194 ——— C:\Program Files\MNWMRM.log
    2005-08-02 14:46:54 187,904 –sha-r C:\WINDOWS\RGVuIFVpamw\asappsrv.dll
    2005-08-02 14:58:38 293,888 –sha-r C:\WINDOWS\RGVuIFVpamw\command.exe
    2005-07-29 14:24:26 472 –sha-r C:\WINDOWS\RGVuIFVpamw\l3pRKIpDuAT.vbs
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{554534D4-2C73-4A6E-8EC8-D4A37C30CEF4}]
    C:\Program Files\Internet Explorer\hoketof83122.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B403F9DE-5C4E-4149-808B-25855C446A89}]
    C:\Program Files\Internet Explorer\hoketof4444.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
    "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 12:02]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" []
    "nwiz"="nwiz.exe" [2003-10-06 15:16 C:\WINDOWS\system32\nwiz.exe]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-08 15:54]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" []
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14]
    "iTunesHelper"="D:\Britta\Itunes\iTunesHelper.exe" [2006-02-23 15:45]
    "CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [2002-05-02 19:58]
    "McRegWiz"="C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe" []
    "VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" []
    "VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" []
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" []
    "MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-31 13:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" []
    "Steam"="c:\program files\steam\steam.exe" []
    "SmartBarXP"="D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe" []
    "Eyeball Chat"="C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" []
    "BitTorrent"="D:\Daan\Documenten\bittorrent.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-23 10:18]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]
    "Adru"="C:\PROGRA~1\YSTEM~1\javaw.exe" []

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-23 10:18:45]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-09-03 17:32:07]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    Source= C:\Program Files\MSN Gaming Zone\profsycyzyrt.html
    FriendlyName=

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkklkk]
    jkkklkk.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomnlmm]
    qomnlmm.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    R1 cdudf_xp;cdudf_xp;C:\WINDOWS\system32\drivers\cdudf_xp.sys
    R1 pwd_2k;pwd_2k;C:\WINDOWS\system32\drivers\pwd_2k.sys
    R1 UdfReadr_xp;UdfReadr_xp;C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    R2 Devx;Devx;C:\WINDOWS\system32\drivers\Devx.sys
    R2 VtPr;VtPr;C:\WINDOWS\system32\drivers\VtPr.sys
    R3 mmc_2K;mmc_2K;C:\WINDOWS\system32\drivers\mmc_2K.sys
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
    S3 dvd_2K;dvd_2K;C:\WINDOWS\system32\drivers\dvd_2K.sys
    S3 hitmanpro2;Hitman Pro 2 Driver;\??\C:\Program Files\Hitman Pro\hitmanpro2.sys
    S3 NaiFiltr;NaiFiltr;C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
    S3 psquery;psquery;\??\C:\Program Files\psquery\psquery.sys
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4AFEB339-8F0B-469A-B2A2-87D2A8FA92BE}]
    c:\eSetup.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5Y99AE78-58TT-11dW-BE53-Y67078979Y}]
    C:\WINDOWS\system\sservice.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-06-23 04:54:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-07 09:45:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Britta).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-07 09:38:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Daan).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-07 09:42:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Niels).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-07 09:45:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Reinier).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-05 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Reinier.job"
    - C:\PROGRA~1\NORTON~1\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-07 11:43:42
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-07 11:45:38 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-10-07 11:45
    .
    — E O F —
  • Create a new HijackThis log and post it.
  • Here you go:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:02:00, on 7-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    D:\Britta\Itunes\iTunesHelper.exe
    C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    D:\Britta\Ipod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.jvo.nl/dagelijksrooster.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {554534D4-2C73-4A6E-8EC8-D4A37C30CEF4} - C:\Program Files\Internet Explorer\hoketof83122.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {B403F9DE-5C4E-4149-808B-25855C446A89} - C:\Program Files\Internet Explorer\hoketof4444.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Britta\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [SmartBarXP] D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe
    O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
    O4 - HKCU\..\Run: [BitTorrent] "D:\Daan\Documenten\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [Adru] "C:\PROGRA~1\YSTEM~1\javaw.exe" -vt ndrv
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Planet Internet ADSL.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168462717453
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B0A2C7FC-8666-44D6-A990-2FCE3B933341} (ING Bank Autorisatiescherm) - https://secure.ingbank.nl/download/DigiSign.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O20 - Winlogon Notify: jkkklkk - jkkklkk.dll (file missing)
    O20 - Winlogon Notify: qomnlmm - qomnlmm.dll (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - D:\Britta\Ipod\bin\iPodService.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\profsycyzyrt.html


    End of file - 12172 bytes
  • Sluit alle open vensters.
    Start HijackThis nog een keer en plaats een vinkje bij de volgende items:

    [b:37aabc75a3]O2 - BHO: (no name) - {554534D4-2C73-4A6E-8EC8-D4A37C30CEF4} - C:\Program Files\Internet Explorer\hoketof83122.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {B403F9DE-5C4E-4149-808B-25855C446A89} - C:\Program Files\Internet Explorer\hoketof4444.dll (file missing)
    O20 - Winlogon Notify: jkkklkk - jkkklkk.dll (file missing)
    O20 - Winlogon Notify: qomnlmm - qomnlmm.dll (file missing)
    O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming Zone\profsycyzyrt.html[/b:37aabc75a3]

    Klik daarna op "Fix checked" en sluit HijackThis af.


    Download ATF cleaner (gemaakt door Atribune)
    Dubbelklik op ATF cleaner om het programma te starten.
    In het venster "Main", plaats je een vinkje bij [b:37aabc75a3]Select All[/b:37aabc75a3].
    Klik op de knop [b:37aabc75a3]Empty Selected[/b:37aabc75a3].

    Gebruik je ook Firefox als browser:
    Klik op het tabblad "Firefox" en plaats een vinkje bij [b:37aabc75a3]Select All[/b:37aabc75a3].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit haalt het vinkje weer weg bij "Firefox saved passwords";)
    Klik op de knop [b:37aabc75a3]Empty Selected[/b:37aabc75a3].

    Gebruik je ook Opera als browser:
    Klik op het tabblad "Opera" en plaats een vinkje bij [b:37aabc75a3]Select All[/b:37aabc75a3].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:37aabc75a3]Empty Selected[/b:37aabc75a3].

    Ga naar het menu "Main" en klik op de knop [b:37aabc75a3]Exit[/b:37aabc75a3] om het programma af te sluiten.


    Download [b:37aabc75a3]Dr.Web CureIt[/b:37aabc75a3] en plaats het op je bureaublad: [b:37aabc75a3]cureit.exe[/b:37aabc75a3].

    Double-click cureit.exe, then click "Start" to run a quick scan.
    This will scan the files currently loaded in memory, and if anything is found, let CureIt repair it.
    - If a window appears offering a purchase at a 50% discount, close it with the cross.
    The main window will then become visible.
    - At the top of the menu, choose "Taal" and change it to "Dutch(nederlands)" if yours is set differently.
    - Then choose "Acties" and set the following:
    Adware: "Verplaats"
    Dialers: "Verplaats"
    Jokes: "Rapportage"
    Riskware: "Rapportage"
    Hacktools: "Verplaats"
    Then remove the tick next to "Prompt bij actie".
    Then press "OK".
    - Choose "Opties" - "Instellingen veranderen" and remove the tick next to "Heuristic analyse".
    - Then press "OK".

    Back in the main window you can select the drives you want to have scanned.
    - Select all drives here. A red dot will then appear on the drives you are having scanned.
    - Then click the green arrow on the right to start the scan.
    This will move infected files to the following folder, %userprofile%\DoctorWeb\Quarantine\, if they cannot be disinfected.
    - When the scan is finished, choose "Bestand" - "Rapportagelijst opslaan" at the top. Save the Dr.Web CureIt log to your desktop.
    - Then close Dr.Web CureIt.

    Restart your computer!! This is an important step, because Dr.Web CureIt may move/delete files during a restart.
    After restarting, copy and paste the contents of the log you saved earlier into your next post.
    Also post a new log from HijackThis and from ComboFix.
  • Dr. Web:

    A0003383.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003384.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003385.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003386.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003387.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003388.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003389.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003390.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003391.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003392.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003393.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003394.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003395.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003396.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003397.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003398.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003399.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003400.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003401.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003402.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003403.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003404.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003405.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003406.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003407.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003408.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003409.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003410.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003411.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003412.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003413.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003414.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003415.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003416.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003417.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003418.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003419.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003420.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003421.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003422.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003423.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003424.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003425.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003426.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003427.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003428.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003429.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003430.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003431.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003432.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003433.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003434.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003435.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003436.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003437.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003438.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003439.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003440.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003441.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003442.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003443.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003444.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003445.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003446.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003447.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003448.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003449.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003450.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003451.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003452.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003453.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003454.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003455.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003456.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003457.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003458.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003459.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003460.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003461.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003462.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003463.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003464.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003465.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003466.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003467.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003468.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003469.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003470.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003471.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003472.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003473.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003474.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003475.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003476.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003477.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003478.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003479.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003480.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003481.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003482.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003483.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003484.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003485.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003486.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003487.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003488.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003489.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003490.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003491.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003492.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003493.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003494.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003495.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003496.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003497.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003498.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003499.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003500.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003501.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003502.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003503.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003504.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003505.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003506.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003507.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003508.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003509.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003510.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003511.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003512.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003513.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003514.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003515.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003516.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003517.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003518.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003519.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003520.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003521.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003522.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003523.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003524.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003525.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003526.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003527.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003528.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003529.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003530.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003531.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003532.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003533.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003534.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003535.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003536.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003537.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003538.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003539.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003540.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003541.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003542.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003543.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003544.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17039 Verwijderd.
    A0003545.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.17040 Verwijderd.
    A0003546.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003547.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003548.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003549.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Macfa Verplaatst.
    A0003245.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.EzulaAd Verwijderd.
    A0003246.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.EzulaAd Verwijderd.
    A0003247.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.EzulaAd Verwijderd.
    A0003248.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.EzulaAd Verwijderd.
    A0003249.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.EzulaAd Verwijderd.
    A0003250.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Adware.Ttc Verplaatst.
    A0003251.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003252.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003253.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003254.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003255.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003256.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003257.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003258.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003259.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003260.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003261.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003262.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003263.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.StartPage.19992 Verwijderd.
    A0003264.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.Click.2799 Verwijderd.
    A0003265.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.Virtumod Verwijderd.
    A0003271.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.PurityAd Verwijderd.
    A0003274.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.PurityAd.origin Niet repareerbaar.Verplaatst.
    A0003275.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.DownLoader.22753 Verwijderd.
    A0003280.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.DownLoader.5013 Verwijderd.
    A0003281.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP9 Trojan.DownLoader.24715 Verwijderd.
    ccsspsru.dll.bad C:\VundoFix Backups Trojan.Virtumod Verwijderd.
    hycushbv.exe.bad C:\VundoFix Backups Trojan.Click.2799 Verwijderd.
    wcvdjkju.dll.bad C:\VundoFix Backups Trojan.Virtumod Verwijderd.
    asappsrv.dll C:\WINDOWS\RGVuIFVpamw Trojan.Proxy.493 Verwijderd.
    command.exe C:\WINDOWS\RGVuIFVpamw Trojan.Proxy.493 Verwijderd.
    imsn.exe C:\WINDOWS\system32 Tool.MessenPass Verplaatst.
    hoketof4444.dll C:\_OTMoveIt\MovedFiles\Program Files\Internet Explorer Adware.Ttc Verplaatst.
    hoketof83122.dll C:\_OTMoveIt\MovedFiles\Program Files\Internet Explorer Adware.Ttc Verplaatst.
    lavunagiv463.dll C:\_OTMoveIt\MovedFiles\Program Files\MSN Gaming Zone Trojan.StartPage.19992 Verwijderd.
    javaw.exe C:\_OTMoveIt\MovedFiles\PROGRA~1\YSTEM~1 Trojan.DownLoader.22753 Verwijderd.
    b122.exe C:\_OTMoveIt\MovedFiles\WINDOWS Trojan.MulDrop.origin Niet repareerbaar.Verplaatst.
    retadpu1000106.exe C:\_OTMoveIt\MovedFiles\WINDOWS Trojan.DownLoader.31817 Verwijderd.
    retadpu1000137.exe C:\_OTMoveIt\MovedFiles\WINDOWS Trojan.DownLoader.31817 Verwijderd.
    tk58.exe C:\_OTMoveIt\MovedFiles\WINDOWS Trojan.StartPage.19993 Verwijderd.
    bneogv.dll C:\_OTMoveIt\MovedFiles\WINDOWS\system32 Trojan.DownLoader.34102 Verwijderd.
    fxrsalun.exe C:\_OTMoveIt\MovedFiles\WINDOWS\system32 Trojan.EzulaAd Verwijderd.
    fzv.dll C:\_OTMoveIt\MovedFiles\WINDOWS\system32 Adware.ClickSpring.origin Verplaatst.
    jufvcmyw.exe C:\_OTMoveIt\MovedFiles\WINDOWS\system32 Trojan.EzulaAd Verwijderd.


    Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:50:30, on 8-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    D:\Britta\Itunes\iTunesHelper.exe
    C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    D:\Britta\Ipod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.jvo.nl/dagelijksrooster.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Britta\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [SmartBarXP] D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe
    O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
    O4 - HKCU\..\Run: [BitTorrent] "D:\Daan\Documenten\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [Adru] "C:\PROGRA~1\YSTEM~1\javaw.exe" -vt ndrv
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Planet Internet ADSL.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem:
  • Hmm, I didn't see the ComboFix log in my previous reply, so here it is once more:

    ComboFix 07-10-07.1 - Daan 2007-10-08 6:51:38.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.250 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Daan\Bureaublad\ComboFix.exe
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-08 to 2007-10-08 ))))))))))))))))))))))))))))))
    .

    2007-10-07 22:20 <DIR> d——– C:\Documents and Settings\Daan\DoctorWeb
    2007-09-28 23:24 <DIR> d——– C:\VundoFix Backups
    2007-09-28 15:46 <DIR> d——– C:\Deckard
    2007-09-26 20:37 <DIR> d——– C:\Program Files\Jamdat
    2007-09-26 19:15 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-09-25 22:20 <DIR> d——– C:\Program Files\Trend Micro
    2007-09-25 15:23 207 –a—— C:\Documents and Settings\Daan\2977.bat
    2007-09-25 07:52 207 –a—— C:\Documents and Settings\Daan\2813.bat
    2007-09-24 23:28 207 –a—— C:\Documents and Settings\Daan\4992.bat
    2007-09-24 23:28 <DIR> d——– C:\Program Files\Temporary
    2007-09-24 23:13 9,814 –a—— C:\WINDOWS\system32\app.exe
    2007-09-24 23:13 207 –a—— C:\WINDOWS\system32\9774.bat
    2007-09-24 23:13 109,585 –a—— C:\WINDOWS\system32\ps.exe
    2007-09-24 23:13 <DIR> d——– C:\WINDOWS\system32\UPC1
    2007-09-24 23:13 <DIR> d——– C:\WINDOWS\system32\Dr3
    2007-09-24 23:13 <DIR> d——– C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 22:06 147,456 –a—— C:\WINDOWS\system32\vbzip10.dll
    2007-09-24 22:06 0 –a—— C:\WINDOWS\system32\taskkill.exe
    2007-09-23 21:07 225,280 –a—— C:\WINDOWS\system32\rewire.dll
    2007-09-23 21:07 <DIR> d——– C:\Program Files\VstPlugins
    2007-09-23 21:02 <DIR> d——– C:\Program Files\Image-Line
    2007-09-23 15:12 <DIR> d——– C:\Documents and Settings\Daan\Application Data\Syntrillium
    2007-09-23 14:42 4,608 –a—— C:\WINDOWS\system32\W95INF32.DLL
    2007-09-23 14:42 2,272 –a—— C:\WINDOWS\system32\W95INF16.DLL
    2007-09-23 10:18 <DIR> d——– C:\Program Files\Google
    2007-09-23 10:18 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-09-20 17:55 <DIR> d——– C:\Documents and Settings\Niels\Application Data\Logitech
    2007-09-14 18:32 <DIR> d——– C:\Documents and Settings\Daan\Application Data\NCH Swift Sound
    2007-09-14 18:27 <DIR> d——– C:\Program Files\NCH Swift Sound
    2007-09-10 23:13 <DIR> d——– C:\Documents and Settings\Reinier\Application Data\Logitech

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-07 23:09 ——— d——– C:\Program Files\psquery
    2007-10-07 22:40 86016 –a—— C:\eSetup.exe
    2007-10-07 11:39 ——— d——– C:\Program Files\MSN Messenger
    2007-09-26 20:54 ——— d——– C:\Program Files\Microsoft ActiveSync
    2007-09-25 18:14 ——— d——– C:\Program Files\AdSponsorCL
    2007-09-10 22:20 ——— d——– C:\Program Files\LimeWire
    2007-09-05 15:42 ——— d——– C:\Program Files\Norton Security Scan
    2007-09-03 18:20 ——— d——– C:\Program Files\Common Files\Symantec Shared
    2007-09-03 17:34 ——— d——– C:\Program Files\Common Files\LogiShared
    2007-09-03 17:34 ——— d——– C:\Documents and Settings\Daan\Application Data\Logitech
    2007-09-03 17:34 ——— d——– C:\Documents and Settings\Daan\Application Data\Leadertech
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2007-09-03 17:33 0 –ah—– C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    2007-09-03 17:32 ——— d——– C:\Program Files\Common Files\Logitech
    2007-09-03 17:31 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-09-03 17:31 ——— d——– C:\Program Files\Logitech
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\Daan\Application Data\InstallShield
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\All Users\Application Data\Logitech
    2007-09-03 17:31 ——— d——– C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-08-15 23:10 ——— d——– C:\Program Files\MSXML 4.0
    2007-07-30 19:19 92504 –a—— C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 –a—— C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 –a—— C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 43352 –a—— C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 –a—— C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 271224 –a—— C:\WINDOWS\system32\mucltui.dll
    2007-07-30 19:19 207736 –a—— C:\WINDOWS\system32\muweb.dll
    2007-07-30 19:19 203096 –a—— C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 –a—— C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 33624 –a—— C:\WINDOWS\system32\wups.dll
    2006-11-26 13:22 139489 –a—— C:\Documents and Settings\Niels\mc2.exe
    2006-11-21 20:34 206 ——— C:\Program Files\MNInetModule.log
    2006-11-21 20:34 194 ——— C:\Program Files\MNWMRM.log
    2005-07-29 14:24:26 472 –sha-r C:\WINDOWS\RGVuIFVpamw\l3pRKIpDuAT.vbs
    .

    ((((((((((((((((((((((((((((( snapshot@2007-10-07_11.44.55.93 )))))))))))))))))))))))))))))))))))))))))
    .
    —-a-r 167,936 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe
    —-a-r 34,304 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe
    —-a-r 8,192 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    —-a-r 3,584 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    —-a-r 114,688 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe
    —-a-r 16,384 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    —-a-r 30,720 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe
    —-a-r 22,528 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    —-a-r 45,056 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    —-a-r 90,112 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    .
    —-a-r 167,936 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe
    —-a-r 34,304 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe
    —-a-r 8,192 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    —-a-r 3,584 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    —-a-r 114,688 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe
    —-a-r 16,384 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    —-a-r 30,720 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe
    —-a-r 22,528 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    —-a-r 45,056 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    —-a-r 90,112 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
    "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 12:02]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" []
    "nwiz"="nwiz.exe" [2003-10-06 15:16 C:\WINDOWS\system32\nwiz.exe]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-08 15:54]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" []
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14]
    "iTunesHelper"="D:\Britta\Itunes\iTunesHelper.exe" [2006-02-23 15:45]
    "CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [2002-05-02 19:58]
    "McRegWiz"="C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe" []
    "VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" []
    "VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" []
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" []
    "MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-31 13:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" []
    "Steam"="c:\program files\steam\steam.exe" []
    "SmartBarXP"="D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe" []
    "Eyeball Chat"="C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" []
    "BitTorrent"="D:\Daan\Documenten\bittorrent.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-23 10:18]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]
    "Adru"="C:\PROGRA~1\YSTEM~1\javaw.exe" []

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-23 10:18:45]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-09-03 17:32:07]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    R1 cdudf_xp;cdudf_xp;C:\WINDOWS\system32\drivers\cdudf_xp.sys
    R1 pwd_2k;pwd_2k;C:\WINDOWS\system32\drivers\pwd_2k.sys
    R1 UdfReadr_xp;UdfReadr_xp;C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    R2 Devx;Devx;C:\WINDOWS\system32\drivers\Devx.sys
    R2 VtPr;VtPr;C:\WINDOWS\system32\drivers\VtPr.sys
    R3 mmc_2K;mmc_2K;C:\WINDOWS\system32\drivers\mmc_2K.sys
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
    S3 dvd_2K;dvd_2K;C:\WINDOWS\system32\drivers\dvd_2K.sys
    S3 hitmanpro2;Hitman Pro 2 Driver;\??\C:\Program Files\Hitman Pro\hitmanpro2.sys
    S3 NaiFiltr;NaiFiltr;C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
    S3 psquery;psquery;\??\C:\Program Files\psquery\psquery.sys
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5Y99AE78-58TT-11dW-BE53-Y67078979Y}]
    C:\WINDOWS\system\sservice.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-06-23 04:54:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-08 04:55:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Britta).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-08 04:53:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Daan).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-08 04:52:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Niels).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-08 04:55:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Reinier).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-05 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Reinier.job"
    - C:\PROGRA~1\NORTON~1\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-08 06:55:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-08 6:57:00
    C:\ComboFix-quarantined-files.txt … 2007-10-08 06:56
    C:\ComboFix2.txt … 2007-10-07 11:45
    .
    — E O F —
  • Hey, I haven't heard anything from you for 3 days?? Is it such a difficult problem, or have you had little time?? Because the problem is still not completely gone; at least I am no longer bothered by the advertisement pop-ups, but the text labels under the icons are still blue.
  • Everything is done on a voluntary basis; we answer when we have time for it.

    Open a Notepad file.
    Copy the code below into this Notepad file.
    Go to File - Save As.
    For "Save in", choose: Desktop
    For "File name", enter: fix.reg
    For "Save as type", select: All Files (*.*).
    Click the Save button.
    REGEDIT4

    [-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5Y99AE78-58TT-11dW-BE53-Y67078979Y}]

    Double-click the fix.reg file and allow the changes to be added to the registry.

    Create a new HijackThis log, the previous one was incomplete, and create a new log with ComboFix.
    (Do download ComboFix again!)
  • I know it is done on a voluntary basis, and I didn't mean it in a nagging tone, and I am very glad that you are helping me. So my apologies for that.

    And why is it so important that I download ComboFix again?

    Now the HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:34:49, on 11-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    D:\Britta\Itunes\iTunesHelper.exe
    C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    D:\Britta\Ipod\bin\iPodService.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.jvo.nl/dagelijksrooster.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Britta\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [SmartBarXP] D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe
    O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
    O4 - HKCU\..\Run: [BitTorrent] "D:\Daan\Documenten\bittorrent.exe" –force_start_minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [Adru] "C:\PROGRA~1\YSTEM~1\javaw.exe" -vt ndrv
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Planet Internet ADSL.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168462717453
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B0A2C7FC-8666-44D6-A990-2FCE3B933341} (ING Bank Autorisatiescherm) - https://secure.ingbank.nl/download/DigiSign.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - D:\Britta\Ipod\bin\iPodService.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


    End of file - 11553 bytes

    Combofix:

    ComboFix 07-10-11.1 - Daan 2007-10-11 16:39:35.3 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.219 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Daan\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-11 to 2007-10-11 ))))))))))))))))))))))))))))))
    .

    2007-10-07 22:20 <DIR> d-------- C:\Documents and Settings\Daan\DoctorWeb
    2007-09-28 23:24 <DIR> d-------- C:\VundoFix Backups
    2007-09-28 15:46 <DIR> d-------- C:\Deckard
    2007-09-26 20:37 <DIR> d-------- C:\Program Files\Jamdat
    2007-09-26 19:15 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-25 22:20 <DIR> d-------- C:\Program Files\Trend Micro
    2007-09-25 22:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-09-25 15:23 207 --a------ C:\Documents and Settings\Daan\2977.bat
    2007-09-25 07:52 207 --a------ C:\Documents and Settings\Daan\2813.bat
    2007-09-24 23:28 <DIR> d-------- C:\Program Files\Temporary
    2007-09-24 23:28 207 --a------ C:\Documents and Settings\Daan\4992.bat
    2007-09-24 23:13 <DIR> d-------- C:\WINDOWS\system32\UPC1
    2007-09-24 23:13 <DIR> d-------- C:\WINDOWS\system32\Dr3
    2007-09-24 23:13 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 23:13 109,585 --a------ C:\WINDOWS\system32\ps.exe
    2007-09-24 23:13 9,814 --a------ C:\WINDOWS\system32\app.exe
    2007-09-24 23:13 207 --a------ C:\WINDOWS\system32\9774.bat
    2007-09-24 22:06 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
    2007-09-24 22:06 0 --a------ C:\WINDOWS\system32\taskkill.exe
    2007-09-23 21:07 <DIR> d-------- C:\Program Files\VstPlugins
    2007-09-23 21:07 225,280 --a------ C:\WINDOWS\system32\rewire.dll
    2007-09-23 21:02 <DIR> d-------- C:\Program Files\Image-Line
    2007-09-23 15:12 <DIR> d-------- C:\Documents and Settings\Daan\Application Data\Syntrillium
    2007-09-23 14:42 4,608 --a------ C:\WINDOWS\system32\W95INF32.DLL
    2007-09-23 14:42 2,272 --a------ C:\WINDOWS\system32\W95INF16.DLL
    2007-09-23 10:18 <DIR> d-------- C:\Program Files\Google
    2007-09-23 10:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-09-20 17:55 <DIR> d-------- C:\Documents and Settings\Niels\Application Data\Logitech
    2007-09-14 18:32 <DIR> d-------- C:\Documents and Settings\Daan\Application Data\NCH Swift Sound
    2007-09-14 18:27 <DIR> d-------- C:\Program Files\NCH Swift Sound

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-07 21:09 --------- d-----w C:\Program Files\psquery
    2007-10-07 20:40 86,016 ----a-w C:\eSetup.exe
    2007-10-07 09:39 --------- d-----w C:\Program Files\MSN Messenger
    2007-09-26 18:54 --------- d-----w C:\Program Files\Microsoft ActiveSync
    2007-09-25 16:14 --------- d-----w C:\Program Files\AdSponsorCL
    2007-09-10 21:13 --------- d-----w C:\Documents and Settings\Reinier\Application Data\Logitech
    2007-09-10 20:20 --------- d-----w C:\Program Files\LimeWire
    2007-09-10 14:46 --------- d-----w C:\Program Files\Java
    2007-09-05 13:42 --------- d-----w C:\Program Files\Norton Security Scan
    2007-09-03 16:20 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-09-03 15:34 --------- d-----w C:\Program Files\Common Files\LogiShared
    2007-09-03 15:34 --------- d-----w C:\Documents and Settings\Daan\Application Data\Logitech
    2007-09-03 15:34 --------- d-----w C:\Documents and Settings\Daan\Application Data\Leadertech
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    2007-09-03 15:32 --------- d-----w C:\Program Files\Common Files\Logitech
    2007-09-03 15:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-09-03 15:31 --------- d-----w C:\Program Files\Logitech
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\Daan\Application Data\InstallShield
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-15 21:10 --------- d-----w C:\Program Files\MSXML 4.0
    2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-07-30 17:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-07-30 17:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-06-08 09:23 26,152 ----a-w C:\Documents and Settings\Niels\Application Data\GDIPFONTCACHEV1.DAT
    2007-05-27 10:44 26,152 ----a-w C:\Documents and Settings\Reinier\Application Data\GDIPFONTCACHEV1.DAT
    2006-11-26 11:22 139,489 ----a-w C:\Documents and Settings\Niels\mc2.exe
    2006-11-21 18:34 206 ------w C:\Program Files\MNInetModule.log
    2006-11-21 18:34 194 ------w C:\Program Files\MNWMRM.log
    2006-11-05 14:05 17,920 ----a-w C:\Documents and Settings\Britta\Application Data\GDIPFONTCACHEV1.DAT
    2006-08-18 18:58 17,920 ----a-w C:\Documents and Settings\Daan\Application Data\GDIPFONTCACHEV1.DAT
    2005-07-29 14:24:26 472 --sha-r C:\WINDOWS\RGVuIFVpamw\l3pRKIpDuAT.vbs
    .

    ((((((((((((((((((((((((((((( snapshot@2007-10-07_11.44.55.93 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 15,584 2007-03-06 01:58:22 C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
    ----a-w 216,800 2007-03-06 01:58:28 C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
    ----a-w 124,928 2007-08-20 09:52:08 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
    ----a-w 214,528 2007-08-20 09:52:19 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
    ----a-w 132,608 2007-08-20 09:52:08 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
    ----a-w 63,488 2007-08-20 09:52:08 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
    ----a-w 70,656 2007-08-17 10:14:47 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
    ----a-w 153,088 2007-08-20 09:52:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
    ----a-w 230,400 2007-08-20 09:52:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
    ----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
    ----a-w 2,455,488 2007-04-17 09:32:38 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
    ----a-w 383,488 2007-08-20 09:52:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
    ----a-w 387,584 2007-08-20 09:52:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
    ----a-w 6,066,176 2007-08-20 09:52:12 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
    ----a-w 44,544 2007-08-20 09:52:12 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
    ----a-w 267,776 2007-08-20 09:52:13 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
    ----a-w 13,824 2007-08-17 10:14:48 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
    ----a-w 625,152 2007-08-17 10:15:00 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
    ----a-w 27,648 2007-08-20 09:52:14 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
    ----a-w 459,264 2007-08-20 09:52:14 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
    ----a-w 52,224 2007-08-20 09:52:14 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
    ----a-w 3,592,192 2007-08-20 09:52:16 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
    ----a-w 478,208 2007-08-20 09:52:16 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
    ----a-w 193,024 2007-08-20 09:52:17 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
    ----a-w 671,232 2007-08-20 09:52:17 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
    ----a-w 102,400 2007-08-20 09:52:17 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
    ----a-w 105,984 2007-08-20 09:52:17 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
    ----a-w 1,161,728 2007-08-20 09:52:18 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
    ----a-w 232,960 2007-08-20 09:52:18 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
    ----a-w 825,344 2007-08-20 09:52:19 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
    ----a-w 22,752 2007-03-06 01:58:21 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
    ----a-w 725,728 2007-03-06 01:58:46 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
    ----a-w 389,856 2007-03-06 01:59:37 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
    ----a-w 15,584 2007-03-06 01:58:22 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
    ----a-w 216,800 2007-03-06 01:58:28 C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
    ----a-w 683,520 2007-08-21 06:26:15 C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
    ----a-w 22,752 2007-03-06 01:58:21 C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
    ----a-w 725,728 2007-03-06 01:58:46 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
    ----a-w 389,856 2007-03-06 01:59:37 C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
    -c----w 581,120 2004-08-04 00:03:20 C:\WINDOWS\$NtUninstallKB933729$\rpcrt4.dll
    -c----w 266,240 2007-03-09 11:51:35 C:\WINDOWS\$NtUninstallKB933729$\xpsp3res.dll
    -c----w 216,800 2005-10-12 23:20:06 C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe
    -c----w 389,856 2005-10-12 23:20:15 C:\WINDOWS\$NtUninstallKB933729$\spuninst\updspapi.dll
    -c----w 683,520 2007-05-16 15:19:43 C:\WINDOWS\$NtUninstallKB941202$\inetcomm.dll
    -c----w 216,800 2007-03-06 01:58:28 C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe
    -c----w 389,856 2007-03-06 01:59:37 C:\WINDOWS\$NtUninstallKB941202$\spuninst\updspapi.dll
    -c----w 124,928 2007-06-27 14:11:20 C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
    -c----w 214,528 2006-10-17 10:57:50 C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
    -c----w 132,608 2007-06-27 14:11:22 C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
    -c----w 61,952 2006-10-17 10:58:20 C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
    -c----w 63,488 2007-06-27 08:27:04 C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
    -c----w 153,088 2007-06-27 14:11:26 C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
    -c----w 230,400 2007-06-27 14:11:26 C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
    -c----w 161,792 2007-06-27 07:00:33 C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
    -c----w 383,488 2007-06-27 14:11:29 C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
    -c----w 384,512 2007-06-27 14:11:35 C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
    -c----w 6,058,496 2007-06-27 14:11:53 C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
    -c----w 44,544 2007-06-27 14:11:53 C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
    -c----w 267,776 2007-06-27 14:11:55 C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
    -c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
    -c----w 625,152 2007-06-27 08:29:14 C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
    -c----w 27,648 2007-06-27 14:11:59 C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
    -c----w 459,264 2007-06-27 14:12:00 C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
    -c----w 52,224 2007-06-27 14:12:00 C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
    -c----w 3,583,488 2007-07-19 06:59:22 C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
    -c----w 477,696 2007-06-27 14:12:12 C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
    -c----w 193,024 2007-06-27 14:12:14 C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
    -c----w 671,232 2007-06-27 14:12:21 C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
    -c----w 102,400 2007-06-27 14:12:21 C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
    -c----w 105,984 2007-06-27 14:12:22 C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
    -c----w 1,152,000 2007-06-27 14:12:26 C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
    -c----w 232,960 2007-06-27 14:12:28 C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
    -c----w 823,808 2007-06-27 14:12:32 C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
    -c----w 216,800 2007-03-06 01:58:28 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
    -c----w 389,856 2007-03-06 01:59:37 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
    ----a-r 167,936 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe
    ----a-r 34,304 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe
    ----a-r 8,192 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    ----a-r 3,584 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    ----a-r 114,688 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe
    ----a-r 16,384 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    ----a-r 30,720 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe
    ----a-r 22,528 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    ----a-r 45,056 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    ----a-r 90,112 2007-10-08 04:49:12 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    ----a-w 15,584 2007-03-06 01:58:22 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\spmsg.dll
    ----a-w 216,800 2007-03-06 01:58:28 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\spuninst.exe
    ----a-w 124,928 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\advpack.dll
    ----a-w 214,528 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\dxtrans.dll
    ----a-w 132,608 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\extmgr.dll
    ----a-w 63,488 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\icardie.dll
    ----a-w 63,488 2007-08-17 10:23:18 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ie4uinit.exe
    ----a-w 153,088 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieakeng.dll
    ----a-w 230,400 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieaksie.dll
    ----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieakui.dll
    ----a-w 383,488 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieapfltr.dll
    ----a-w 384,512 2007-08-20 10:02:06 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\iedkcs32.dll
    ----a-w 6,058,496 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieframe.dll
    ----a-w 44,544 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\iernonce.dll
    ----a-w 267,776 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\iertutil.dll
    ----a-w 13,824 2007-08-17 10:23:18 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\ieudinit.exe
    ----a-w 625,152 2007-08-17 10:23:36 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\iexplore.exe
    ----a-w 27,648 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\jsproxy.dll
    ----a-w 459,264 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\msfeeds.dll
    ----a-w 52,224 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\msfeedsbs.dll
    ----a-w 3,584,512 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\mshtml.dll
    ----a-w 477,696 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\mshtmled.dll
    ----a-w 193,024 2007-08-20 10:02:07 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\msrating.dll
    ----a-w 671,232 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\mstime.dll
    ----a-w 102,400 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\occache.dll
    ----a-w 105,984 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\url.dll
    ----a-w 1,152,000 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\urlmon.dll
    ----a-w 232,960 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\webcheck.dll
    ----a-w 824,832 2007-08-20 10:02:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\wininet.dll
    ----a-w 124,928 2007-08-20 09:52:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\advpack.dll
    ----a-w 214,528 2007-08-20 09:52:19 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\dxtrans.dll
    ----a-w 132,608 2007-08-20 09:52:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\extmgr.dll
    ----a-w 63,488 2007-08-20 09:52:08 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\icardie.dll
    ----a-w 70,656 2007-08-17 10:14:47 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ie4uinit.exe
    ----a-w 153,088 2007-08-20 09:52:09 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieakeng.dll
    ----a-w 230,400 2007-08-20 09:52:09 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieaksie.dll
    ----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieakui.dll
    ----a-w 2,455,488 2007-04-17 09:32:38 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieapfltr.dat
    ----a-w 383,488 2007-08-20 09:52:09 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieapfltr.dll
    ----a-w 387,584 2007-08-20 09:52:09 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iedkcs32.dll
    ----a-w 6,066,176 2007-08-20 09:52:12 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieframe.dll
    ----a-w 44,544 2007-08-20 09:52:12 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iernonce.dll
    ----a-w 267,776 2007-08-20 09:52:13 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iertutil.dll
    ----a-w 13,824 2007-08-17 10:14:48 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieudinit.exe
    ----a-w 625,152 2007-08-17 10:15:00 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iexplore.exe
    ----a-w 27,648 2007-08-20 09:52:14 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\jsproxy.dll
    ----a-w 459,264 2007-08-20 09:52:14 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msfeeds.dll
    ----a-w 52,224 2007-08-20 09:52:14 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msfeedsbs.dll
    ----a-w 3,592,192 2007-08-20 09:52:16 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mshtml.dll
    ----a-w 478,208 2007-08-20 09:52:16 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mshtmled.dll
    ----a-w 193,024 2007-08-20 09:52:17 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msrating.dll
    ----a-w 671,232 2007-08-20 09:52:17 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mstime.dll
    ----a-w 102,400 2007-08-20 09:52:17 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\occache.dll
    ----a-w 105,984 2007-08-20 09:52:17 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\url.dll
    ----a-w 1,161,728 2007-08-20 09:52:18 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\urlmon.dll
    ----a-w 232,960 2007-08-20 09:52:18 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\webcheck.dll
    ----a-w 825,344 2007-08-20 09:52:19 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\wininet.dll
    ----a-w 22,752 2007-03-06 01:58:21 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\spcustom.dll
    ----a-w 725,728 2007-03-06 01:58:46 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\update.exe
    ----a-w 389,856 2007-03-06 01:59:37 C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\updspapi.dll
    ----a-w 15,584 2007-03-06 01:58:22 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\spmsg.dll
    ----a-w 216,800 2007-03-06 01:58:28 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\spuninst.exe
    ----a-w 683,520 2007-08-21 06:18:26 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\sp2gdr\inetcomm.dll
    ----a-w 683,520 2007-08-21 06:26:15 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\sp2qfe\inetcomm.dll
    ----a-w 22,752 2007-03-06 01:58:21 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\spcustom.dll
    ----a-w 725,728 2007-03-06 01:58:46 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\update.exe
    ----a-w 389,856 2007-03-06 01:59:37 C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\updspapi.dll
    ----a-w 15,584 2005-10-12 23:20:05 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spmsg.dll
    ----a-w 216,800 2005-10-12 23:20:06 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spuninst.exe
    ----a-w 584,192 2007-07-09 13:11:51 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\rpcrt4.dll
    ----a-w 122,880 2007-06-12 21:53:16 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\spru0413.dll
    ----a-w 582,656 2007-07-09 13:20:52 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\rpcrt4.dll
    ----a-w 369,664 2007-06-18 22:24:36 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\spru0413.dll
    ----a-w 22,752 2005-10-12 23:20:04 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\spcustom.dll
    ----a-w 725,728 2005-10-12 23:20:09 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\update.exe
    ----a-w 389,856 2005-10-12 23:20:15 C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\updspapi.dll
    ----a-w 124,928 2007-08-20 10:02:06 C:\WINDOWS\system32\advpack.dll
    ----a-w 214,528 2007-08-20 10:02:06 C:\WINDOWS\system32\dxtrans.dll
    ----a-w 132,608 2007-08-20 10:02:06 C:\WINDOWS\system32\extmgr.dll
    ----a-w 63,488 2007-08-20 10:02:06 C:\WINDOWS\system32\icardie.dll
    ----a-w 63,488 2007-08-17 10:23:18 C:\WINDOWS\system32\ie4uinit.exe
    ----a-w 153,088 2007-08-20 10:02:06 C:\WINDOWS\system32\ieakeng.dll
    ----a-w 230,400 2007-08-20 10:02:06 C:\WINDOWS\system32\ieaksie.dll
    ----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\ieakui.dll
    ----a-w 383,488 2007-08-20 10:02:06 C:\WINDOWS\system32\ieapfltr.dll
    ----a-w 384,512 2007-08-20 10:02:06 C:\WINDOWS\system32\iedkcs32.dll
    ----a-w 6,058,496 2007-08-20 10:02:07 C:\WINDOWS\system32\ieframe.dll
    ----a-w 44,544 2007-08-20 10:02:07 C:\WINDOWS\system32\iernonce.dll
    ----a-w 267,776 2007-08-20 10:02:07 C:\WINDOWS\system32\iertutil.dll
    ----a-w 13,824 2007-08-17 10:23:18 C:\WINDOWS\system32\ieudinit.exe
    ----a-w 27,648 2007-08-20 10:02:07 C:\WINDOWS\system32\jsproxy.dll
    ----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe
    ----a-w 459,264 2007-08-20 10:02:07 C:\WINDOWS\system32\msfeeds.dll
    ----a-w 52,224 2007-08-20 10:02:07 C:\WINDOWS\system32\msfeedsbs.dll
    ----a-w 3,584,512 2007-08-20 10:02:07 C:\WINDOWS\system32\mshtml.dll
    ----a-w 477,696 2007-08-20 10:02:07 C:\WINDOWS\system32\mshtmled.dll
    ----a-w 193,024 2007-08-20 10:02:07 C:\WINDOWS\system32\msrating.dll
    ----a-w 671,232 2007-08-20 10:02:08 C:\WINDOWS\system32\mstime.dll
    ----a-w 102,400 2007-08-20 10:02:08 C:\WINDOWS\system32\occache.dll
    ----a-w 582,656 2007-07-09 13:20:52 C:\WINDOWS\system32\rpcrt4.dll
    ----a-w 105,984 2007-08-20 10:02:08 C:\WINDOWS\system32\url.dll
    ----a-w 1,152,000 2007-08-20 10:02:08 C:\WINDOWS\system32\urlmon.dll
    ----a-w 232,960 2007-08-20 10:02:08 C:\WINDOWS\system32\webcheck.dll
    ----a-w 824,832 2007-08-20 10:02:08 C:\WINDOWS\system32\wininet.dll
    ----a-w 369,664 2007-06-18 22:24:36 C:\WINDOWS\system32\xpsp3res.dll
    -c--a-w 124,928 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\advpack.dll
    -c--a-w 214,528 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\dxtrans.dll
    -c--a-w 132,608 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\extmgr.dll
    -c----w 63,488 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\icardie.dll
    -c--a-w 63,488 2007-08-17 10:23:18 C:\WINDOWS\system32\dllcache\ie4uinit.exe
    -c--a-w 153,088 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\ieakeng.dll
    -c--a-w 230,400 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\ieaksie.dll
    -c--a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\dllcache\ieakui.dll
    -c----w 383,488 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\ieapfltr.dll
    -c--a-w 384,512 2007-08-20 10:02:06 C:\WINDOWS\system32\dllcache\iedkcs32.dll
    -c----w 6,058,496 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\ieframe.dll
    -c--a-w 44,544 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\iernonce.dll
    -c----w 267,776 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\iertutil.dll
    -c----w 13,824 2007-08-17 10:23:18 C:\WINDOWS\system32\dllcache\ieudinit.exe
    -c--a-w 625,152 2007-08-17 10:23:36 C:\WINDOWS\system32\dllcache\iexplore.exe
    -c--a-w 683,520 2007-08-21 06:18:26 C:\WINDOWS\system32\dllcache\inetcomm.dll
    -c--a-w 27,648 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\jsproxy.dll
    -c----w 459,264 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\msfeeds.dll
    -c----w 52,224 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    -c--a-w 3,584,512 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\mshtml.dll
    -c--a-w 477,696 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\mshtmled.dll
    -c--a-w 193,024 2007-08-20 10:02:07 C:\WINDOWS\system32\dllcache\msrating.dll
    -c--a-w 671,232 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\mstime.dll
    -c--a-w 102,400 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\occache.dll
    -c--a-w 582,656 2007-07-09 13:20:52 C:\WINDOWS\system32\dllcache\rpcrt4.dll
    -c--a-w 105,984 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\url.dll
    -c--a-w 1,152,000 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\urlmon.dll
    -c--a-w 232,960 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\webcheck.dll
    -c--a-w 824,832 2007-08-20 10:02:08 C:\WINDOWS\system32\dllcache\wininet.dll
    .
    ----a-r 167,936 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\accicons.exe
    ----a-r 34,304 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\misc.exe
    ----a-r 8,192 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    ----a-r 3,584 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    ----a-r 114,688 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\outicon.exe
    ----a-r 16,384 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    ----a-r 30,720 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\pptico.exe
    ----a-r 22,528 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    ----a-r 45,056 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    ----a-r 90,112 2007-09-20 15:59:05 C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe
    ----a-w 124,928 2007-06-27 14:11:20 C:\WINDOWS\system32\advpack.dll
    ----a-w 214,528 2006-10-17 10:57:50 C:\WINDOWS\system32\dxtrans.dll
    ----a-w 132,608 2007-06-27 14:11:22 C:\WINDOWS\system32\extmgr.dll
    ------w 61,952 2006-10-17 10:58:20 C:\WINDOWS\system32\icardie.dll
    ----a-w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\ie4uinit.exe
    ----a-w 153,088 2007-06-27 14:11:26 C:\WINDOWS\system32\ieakeng.dll
    ----a-w 230,400 2007-06-27 14:11:26 C:\WINDOWS\system32\ieaksie.dll
    ----a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\ieakui.dll
    ----a-w 383,488 2007-06-27 14:11:29 C:\WINDOWS\system32\ieapfltr.dll
    ----a-w 384,512 2007-06-27 14:11:35 C:\WINDOWS\system32\iedkcs32.dll
    ----a-w 6,058,496 2007-06-27 14:11:53 C:\WINDOWS\system32\ieframe.dll
    ----a-w 44,544 2007-06-27 14:11:53 C:\WINDOWS\system32\iernonce.dll
    ----a-w 267,776 2007-06-27 14:11:55 C:\WINDOWS\system32\iertutil.dll
    ----a-w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\ieudinit.exe
    ----a-w 27,648 2007-06-27 14:11:59 C:\WINDOWS\system32\jsproxy.dll
    ----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe
    ----a-w 459,264 2007-06-27 14:12:00 C:\WINDOWS\system32\msfeeds.dll
    ----a-w 52,224 2007-06-27 14:12:00 C:\WINDOWS\system32\msfeedsbs.dll
    ----a-w 3,583,488 2007-07-19 06:59:22 C:\WINDOWS\system32\mshtml.dll
    ----a-w 477,696 2007-06-27 14:12:12 C:\WINDOWS\system32\mshtmled.dll
    ----a-w 193,024 2007-06-27 14:12:14 C:\WINDOWS\system32\msrating.dll
    ----a-w 671,232 2007-06-27 14:12:21 C:\WINDOWS\system32\mstime.dll
    ----a-w 102,400 2007-06-27 14:12:21 C:\WINDOWS\system32\occache.dll
    ----a-w 581,120 2004-08-04 00:03:20 C:\WINDOWS\system32\rpcrt4.dll
    ----a-w 105,984 2007-06-27 14:12:22 C:\WINDOWS\system32\url.dll
    ----a-w 1,152,000 2007-06-27 14:12:26 C:\WINDOWS\system32\urlmon.dll
    ----a-w 232,960 2007-06-27 14:12:28 C:\WINDOWS\system32\webcheck.dll
    ----a-w 823,808 2007-06-27 14:12:32 C:\WINDOWS\system32\wininet.dll
    ----a-w 266,240 2007-03-09 11:51:35 C:\WINDOWS\system32\xpsp3res.dll
    -c--a-w 124,928 2007-06-27 14:11:20 C:\WINDOWS\system32\dllcache\advpack.dll
    -c--a-w 214,528 2006-10-17 10:57:50 C:\WINDOWS\system32\dllcache\dxtrans.dll
    -c--a-w 132,608 2007-06-27 14:11:22 C:\WINDOWS\system32\dllcache\extmgr.dll
    -c--a-w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\dllcache\ie4uinit.exe
    -c--a-w 153,088 2007-06-27 14:11:26 C:\WINDOWS\system32\dllcache\ieakeng.dll
    -c--a-w 230,400 2007-06-27 14:11:26 C:\WINDOWS\system32\dllcache\ieaksie.dll
    -c--a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\dllcache\ieakui.dll
    -c----w 383,488 2007-06-27 14:11:29 C:\WINDOWS\system32\dllcache\ieapfltr.dll
    -c--a-w 384,512 2007-06-27 14:11:35 C:\WINDOWS\system32\dllcache\iedkcs32.dll
    -c----w 6,058,496 2007-06-27 14:11:53 C:\WINDOWS\system32\dllcache\ieframe.dll
    -c--a-w 44,544 2007-06-27 14:11:53 C:\WINDOWS\system32\dllcache\iernonce.dll
    -c----w 267,776 2007-06-27 14:11:55 C:\WINDOWS\system32\dllcache\iertutil.dll
    -c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\dllcache\ieudinit.exe
    -c--a-w 625,152 2007-06-27 08:29:14 C:\WINDOWS\system32\dllcache\iexplore.exe
    -c--a-w 683,520 2007-05-16 15:19:43 C:\WINDOWS\system32\dllcache\inetcomm.dll
    -c--a-w 27,648 2007-06-27 14:11:59 C:\WINDOWS\system32\dllcache\jsproxy.dll
    -c----w 459,264 2007-06-27 14:12:00 C:\WINDOWS\system32\dllcache\msfeeds.dll
    -c----w 52,224 2007-06-27 14:12:00 C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    -c--a-w 3,583,488 2007-07-19 06:59:22 C:\WINDOWS\system32\dllcache\mshtml.dll
    -c--a-w 477,696 2007-06-27 14:12:12 C:\WINDOWS\system32\dllcache\mshtmled.dll
    -c--a-w 193,024 2007-06-27 14:12:14 C:\WINDOWS\system32\dllcache\msrating.dll
    -c--a-w 671,232 2007-06-27 14:12:21 C:\WINDOWS\system32\dllcache\mstime.dll
    -c--a-w 102,400 2007-06-27 14:12:21 C:\WINDOWS\system32\dllcache\occache.dll
    -c--a-w 581,120 2004-08-04 00:03:20 C:\WINDOWS\system32\dllcache\rpcrt4.dll
    -c--a-w 105,984 2007-06-27 14:12:22 C:\WINDOWS\system32\dllcache\url.dll
    -c--a-w 1,152,000 2007-06-27 14:12:26 C:\WINDOWS\system32\dllcache\urlmon.dll
    -c--a-w 232,960 2007-06-27 14:12:28 C:\WINDOWS\system32\dllcache\webcheck.dll
    -c--a-w 823,808 2007-06-27 14:12:32 C:\WINDOWS\system32\dllcache\wininet.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
    "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 12:02]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" []
    "nwiz"="nwiz.exe" [2003-10-06 15:16 C:\WINDOWS\system32\nwiz.exe]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-08 15:54]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" []
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14]
    "iTunesHelper"="D:\Britta\Itunes\iTunesHelper.exe" [2006-02-23 15:45]
    "CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [2002-05-02 19:58]
    "McRegWiz"="C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe" []
    "VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" []
    "VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" []
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" []
    "MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-31 13:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" []
    "Steam"="c:\program files\steam\steam.exe" []
    "SmartBarXP"="D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe" []
    "Eyeball Chat"="C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" []
    "BitTorrent"="D:\Daan\Documenten\bittorrent.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-23 10:18]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]
    "Adru"="C:\PROGRA~1\YSTEM~1\javaw.exe" []

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-23 10:18:45]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-09-03 17:32:07]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    R1 cdudf_xp;cdudf_xp;C:\WINDOWS\system32\drivers\cdudf_xp.sys
    R1 pwd_2k;pwd_2k;C:\WINDOWS\system32\drivers\pwd_2k.sys
    R1 UdfReadr_xp;UdfReadr_xp;C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    R2 Devx;Devx;C:\WINDOWS\system32\drivers\Devx.sys
    R2 VtPr;VtPr;C:\WINDOWS\system32\drivers\VtPr.sys
    R3 mmc_2K;mmc_2K;C:\WINDOWS\system32\drivers\mmc_2K.sys
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
    S3 dvd_2K;dvd_2K;C:\WINDOWS\system32\drivers\dvd_2K.sys
    S3 hitmanpro2;Hitman Pro 2 Driver;\??\C:\Program Files\Hitman Pro\hitmanpro2.sys
    S3 NaiFiltr;NaiFiltr;C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
    S3 psquery;psquery;\??\C:\Program Files\psquery\psquery.sys
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-06-23 04:54:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-11 14:45:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Britta).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-11 14:48:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Daan).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-11 14:47:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Niels).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-11 14:45:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Reinier).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-05 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Reinier.job"
    - C:\PROGRA~1\NORTON~1\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-11 16:48:40
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-11 16:49:33
    C:\ComboFix-quarantined-files.txt ... 2007-10-08 06:56
    C:\ComboFix2.txt ... 2007-10-08 06:57
    C:\ComboFix3.txt ... 2007-10-07 11:45
    .
    --- E O F ---
  • ComboFix is updated almost daily (sometimes several times a day): detection and removal for new infections, and any small bugs that get fixed.

    Do this:
    Cleaning up cookies and temporary internet files:
    Close all open Internet Explorer windows.
    Go to Start, click "Control Panel" and double-click "Internet Options".
    The "Internet Properties" window will open.
    Go to the "General" tab.
    Under "Browsing history", click the "Delete" button.
    A new window will open: Delete Browsing History.
    At the bottom, click the "Delete all" button. In the window that opens, tick "Also delete files and settings stored by add-ons".
    Click Yes.
    This deletes the temporary internet files, the cookies, the browsing history, the saved information you have entered in forms, and the saved passwords that are filled in automatically when you log in to a website you have visited before.
    If you would rather not delete these last 2 (form data and passwords), do not click Delete all but only these:
    - at Temporary Internet Files, click Delete files.
    - at Cookies, click Delete cookies.
    - at History, click Delete history.

    Also block the indirect or third-party cookies:
    On the Privacy tab, click the Advanced button.
    Tick "Override automatic cookie handling".
    Under First-party Cookies, make sure "Accept" is selected.
    Under Third-party Cookies, choose "Block".
    Click OK.
    When this is done, close the "Internet Properties" window.

    Cleaning up other temporary folders and emptying the Recycle Bin:
    Close all open windows.
    Go to Start, choose Run and type: cleanmgr
    Then press OK and Disk Cleanup will start.
    If you have several partitions, choose the partition on which Windows is installed.
    Now let your system scan for files that can be removed.
    When the overview appears, make sure only the following items are ticked:
    - Temporary Internet Files
    - Recycle Bin
    - Temporary files
    Then click OK.

    Download Dr.Web CureIt and save it to your desktop: cureit.exe.

    Double-click cureit.exe, then click "Start" to run a quick scan.
    This scans the files currently loaded in memory; if anything is found, let CureIt repair it.
    - If a window appears offering a purchase at a 50% discount, close it with the X.
    After that the main window will become visible.
    - In the menu at the top, choose "Taal" (Language) and change it to "Dutch(nederlands)" if yours is set differently.
    - Then choose "Acties" (Actions) and set the following:
    Adware: "Verplaats" (Move)
    Dialers: "Verplaats" (Move)
    Jokes: "Rapportage" (Report)
    Riskware: "Rapportage" (Report)
    Hacktools: "Verplaats" (Move)
    Then untick "Prompt bij actie" (Prompt on action).
    Then press "OK".
    - Choose "Opties" (Options) - "Instellingen veranderen" (Change settings) and untick "Heuristic analyse" (Heuristic analysis).
    - Then press "OK".

    Back in the main window you can select the drives you want to scan.
    - Select all drives here. A red dot will then appear on the drives you are scanning.
    - Then click the green arrow on the right to start the scan.
    This will move infected files to the folder %userprofile%\DoctorWeb\Quarantine\ if they cannot be disinfected.
    - When the scan is finished, choose "Bestand" (File) - "Rapportagelijst opslaan" (Save report list) at the top. Save the Dr.Web CureIt log to your desktop.
    - Then close Dr.Web CureIt.

    Restart your computer!! This is an important step, because Dr.Web CureIt may move or delete files during a restart.
    After restarting, copy and paste the contents of the log you saved earlier into your next post.
    Also post a new HijackThis log and a new ComboFix log.
  • Okay, here it comes:

    Dr. Web:

    eSetup.exe C:\ BackDoor.Slh Verwijderd.
    A0003550.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.Proxy.493 Verwijderd.
    A0003551.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.Proxy.493 Verwijderd.
    A0003552.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Tool.MessenPass Verplaatst.
    A0003553.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Ttc Verplaatst.
    A0003554.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.Ttc Verplaatst.
    A0003555.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.StartPage.19992 Verwijderd.
    A0003556.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.22753 Verwijderd.
    A0003557.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.MulDrop.origin Niet repareerbaar.Verplaatst.
    A0003558.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.31817 Verwijderd.
    A0003559.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.31817 Verwijderd.
    A0003560.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.StartPage.19993 Verwijderd.
    A0003561.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.DownLoader.34102 Verwijderd.
    A0003562.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.EzulaAd Verwijderd.
    A0003563.dll C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Adware.ClickSpring.origin Verplaatst.
    A0003564.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP10 Trojan.EzulaAd Verwijderd.
    A0005001.exe C:\System Volume Information\_restore{48A4EEE2-EFC6-4E8B-85A9-ACDE1CB1CA6E}\RP16 BackDoor.Slh Verwijderd.

    Combofix:

    ComboFix 07-10-12.4 - Daan 2007-10-14 15:57:47.4 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.219 [GMT 2:00]
    Gestart vanuit: C:\Documents and Settings\Daan\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2007-09-14 to 2007-10-14 ))))))))))))))))))))))))))))))
    .

    2007-10-12 13:41 <DIR> d-------- C:\Program Files\Windows Media Connect 2
    2007-10-07 22:20 <DIR> d-------- C:\Documents and Settings\Daan\DoctorWeb
    2007-09-28 23:24 <DIR> d-------- C:\VundoFix Backups
    2007-09-28 15:46 <DIR> d-------- C:\Deckard
    2007-09-26 20:37 <DIR> d-------- C:\Program Files\Jamdat
    2007-09-26 19:15 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-25 22:20 <DIR> d-------- C:\Program Files\Trend Micro
    2007-09-25 22:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2007-09-25 15:23 207 --a------ C:\Documents and Settings\Daan\2977.bat
    2007-09-25 07:52 207 --a------ C:\Documents and Settings\Daan\2813.bat
    2007-09-24 23:28 <DIR> d-------- C:\Program Files\Temporary
    2007-09-24 23:28 207 --a------ C:\Documents and Settings\Daan\4992.bat
    2007-09-24 23:13 <DIR> d-------- C:\WINDOWS\system32\UPC1
    2007-09-24 23:13 <DIR> d-------- C:\WINDOWS\system32\Dr3
    2007-09-24 23:13 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\NetMon
    2007-09-24 23:13 109,585 --a------ C:\WINDOWS\system32\ps.exe
    2007-09-24 23:13 9,814 --a------ C:\WINDOWS\system32\app.exe
    2007-09-24 23:13 207 --a------ C:\WINDOWS\system32\9774.bat
    2007-09-24 22:06 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
    2007-09-24 22:06 0 --a------ C:\WINDOWS\system32\taskkill.exe
    2007-09-23 21:07 <DIR> d-------- C:\Program Files\VstPlugins
    2007-09-23 21:07 225,280 --a------ C:\WINDOWS\system32\rewire.dll
    2007-09-23 21:02 <DIR> d-------- C:\Program Files\Image-Line
    2007-09-23 15:12 <DIR> d-------- C:\Documents and Settings\Daan\Application Data\Syntrillium
    2007-09-23 14:42 4,608 --a------ C:\WINDOWS\system32\W95INF32.DLL
    2007-09-23 14:42 2,272 --a------ C:\WINDOWS\system32\W95INF16.DLL
    2007-09-23 10:18 <DIR> d-------- C:\Program Files\Google
    2007-09-23 10:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-09-20 17:55 <DIR> d-------- C:\Documents and Settings\Niels\Application Data\Logitech
    2007-09-14 18:32 <DIR> d-------- C:\Documents and Settings\Daan\Application Data\NCH Swift Sound
    2007-09-14 18:27 <DIR> d-------- C:\Program Files\NCH Swift Sound

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-07 21:09 --------- d-----w C:\Program Files\psquery
    2007-10-07 09:39 --------- d-----w C:\Program Files\MSN Messenger
    2007-09-26 18:54 --------- d-----w C:\Program Files\Microsoft ActiveSync
    2007-09-25 16:14 --------- d-----w C:\Program Files\AdSponsorCL
    2007-09-10 21:13 --------- d-----w C:\Documents and Settings\Reinier\Application Data\Logitech
    2007-09-10 20:20 --------- d-----w C:\Program Files\LimeWire
    2007-09-10 14:46 --------- d-----w C:\Program Files\Java
    2007-09-05 13:42 --------- d-----w C:\Program Files\Norton Security Scan
    2007-09-03 16:20 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-09-03 15:34 --------- d-----w C:\Program Files\Common Files\LogiShared
    2007-09-03 15:34 --------- d-----w C:\Documents and Settings\Daan\Application Data\Logitech
    2007-09-03 15:34 --------- d-----w C:\Documents and Settings\Daan\Application Data\Leadertech
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
    2007-09-03 15:33 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
    2007-09-03 15:32 --------- d-----w C:\Program Files\Common Files\Logitech
    2007-09-03 15:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-09-03 15:31 --------- d-----w C:\Program Files\Logitech
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\Daan\Application Data\InstallShield
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
    2007-09-03 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-15 21:10 --------- d-----w C:\Program Files\MSXML 4.0
    2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-07-30 17:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-07-30 17:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-06-08 09:23 26,152 ----a-w C:\Documents and Settings\Niels\Application Data\GDIPFONTCACHEV1.DAT
    2007-05-27 10:44 26,152 ----a-w C:\Documents and Settings\Reinier\Application Data\GDIPFONTCACHEV1.DAT
    2006-11-26 11:22 139,489 ----a-w C:\Documents and Settings\Niels\mc2.exe
    2006-11-21 18:34 206 ------w C:\Program Files\MNInetModule.log
    2006-11-21 18:34 194 ------w C:\Program Files\MNWMRM.log
    2006-11-05 14:05 17,920 ----a-w C:\Documents and Settings\Britta\Application Data\GDIPFONTCACHEV1.DAT
    2006-08-18 18:58 17,920 ----a-w C:\Documents and Settings\Daan\Application Data\GDIPFONTCACHEV1.DAT
    2005-07-29 14:24:26 472 --sha-r C:\WINDOWS\RGVuIFVpamw\l3pRKIpDuAT.vbs
    .

    ((((((((((((((((((((((((((((( snapshot@2007-10-07_11.44.55.93 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2007-08-20 10:02:08 105,984 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\url.dll
    + 2007-08-20 10:02:08 1,152,000 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\urlmon.dll
    + 2007-08-20 10:02:08 232,960 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\webcheck.dll
    + 2007-08-20 10:02:08 824,832 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2gdr\wininet.dll
    + 2007-08-20 09:52:08 124,928 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\advpack.dll
    + 2007-08-20 09:52:19 214,528 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\dxtrans.dll
    + 2007-08-20 09:52:08 132,608 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\extmgr.dll
    + 2007-08-20 09:52:08 63,488 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\icardie.dll
    + 2007-08-17 10:14:47 70,656 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ie4uinit.exe
    + 2007-08-20 09:52:09 153,088 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieakeng.dll
    + 2007-08-20 09:52:09 230,400 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieaksie.dll
    + 2007-08-17 07:29:55 161,792 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieapfltr.dat
    + 2007-08-20 09:52:09 383,488 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieapfltr.dll
    + 2007-08-20 09:52:09 387,584 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iedkcs32.dll
    + 2007-08-20 09:52:12 6,066,176 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieframe.dll
    + 2007-08-20 09:52:12 44,544 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iernonce.dll
    + 2007-08-20 09:52:13 267,776 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iertutil.dll
    + 2007-08-17 10:14:48 13,824 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\ieudinit.exe
    + 2007-08-17 10:15:00 625,152 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\iexplore.exe
    + 2007-08-20 09:52:14 27,648 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\jsproxy.dll
    + 2007-08-20 09:52:14 459,264 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msfeeds.dll
    + 2007-08-20 09:52:14 52,224 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msfeedsbs.dll
    + 2007-08-20 09:52:16 3,592,192 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mshtml.dll
    + 2007-08-20 09:52:16 478,208 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mshtmled.dll
    + 2007-08-20 09:52:17 193,024 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\msrating.dll
    + 2007-08-20 09:52:17 671,232 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\mstime.dll
    + 2007-08-20 09:52:17 102,400 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\occache.dll
    + 2007-08-20 09:52:17 105,984 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\url.dll
    + 2007-08-20 09:52:18 1,161,728 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\urlmon.dll
    + 2007-08-20 09:52:18 232,960 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\webcheck.dll
    + 2007-08-20 09:52:19 825,344 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\sp2qfe\wininet.dll
    + 2007-03-06 01:58:22 15,584 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\spmsg.dll
    + 2007-03-06 01:58:28 216,800 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\spuninst.exe
    + 2007-03-06 01:58:21 22,752 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\spcustom.dll
    + 2007-03-06 01:58:46 725,728 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\update.exe
    + 2007-03-06 01:59:37 389,856 —-a-w C:\WINDOWS\SoftwareDistribution\Download\21905803cf7322875a62c6059da88f86\update\updspapi.dll
    + 2007-08-21 06:18:26 683,520 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\sp2gdr\inetcomm.dll
    + 2007-08-21 06:26:15 683,520 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\sp2qfe\inetcomm.dll
    + 2007-03-06 01:58:22 15,584 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\spmsg.dll
    + 2007-03-06 01:58:28 216,800 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\spuninst.exe
    + 2007-03-06 01:58:21 22,752 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\spcustom.dll
    + 2007-03-06 01:58:46 725,728 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\update.exe
    + 2007-03-06 01:59:37 389,856 —-a-w C:\WINDOWS\SoftwareDistribution\Download\44caabfd14cfbbd5a2119d6fd73c197d\update\updspapi.dll
    + 2007-07-09 13:11:51 584,192 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\rpcrt4.dll
    + 2007-06-12 21:53:16 122,880 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2GDR\spru0413.dll
    + 2007-07-09 13:20:52 582,656 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\rpcrt4.dll
    + 2007-06-18 22:24:36 369,664 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\SP2QFE\spru0413.dll
    + 2005-10-12 23:20:05 15,584 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spmsg.dll
    + 2005-10-12 23:20:06 216,800 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\spuninst.exe
    + 2005-10-12 23:20:04 22,752 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\spcustom.dll
    + 2005-10-12 23:20:09 725,728 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\update.exe
    + 2005-10-12 23:20:15 389,856 —-a-w C:\WINDOWS\SoftwareDistribution\Download\884c97e4892c28e282b7cfc6cc18997b\update\updspapi.dll
    + 2005-06-28 08:20:24 13,536 —-a-w C:\WINDOWS\SoftwareDistribution\Download\b6030cc9bdf016294e4bc50904635316\spmsg.dll
    + 2005-06-28 08:23:40 216,800 —-a-w C:\WINDOWS\SoftwareDistribution\Download\b6030cc9bdf016294e4bc50904635316\spuninst.exe
    + 2007-06-27 13:57:10 317,952 —-a-w C:\WINDOWS\SoftwareDistribution\Download\b6030cc9bdf016294e4bc50904635316\unregmp2.exe
    + 2005-06-28 08:25:04 725,728 —-a-w C:\WINDOWS\SoftwareDistribution\Download\b6030cc9bdf016294e4bc50904635316\update\update.exe
    + 2005-06-28 08:23:54 371,424 —-a-w C:\WINDOWS\SoftwareDistribution\Download\b6030cc9bdf016294e4bc50904635316\update\updspapi.dll
    + 2006-12-04 14:21:50 414,720 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\msscp.dll
    + 2005-06-28 08:20:24 13,536 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spmsg.dll
    + 2005-06-28 08:23:26 213,216 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spuninst.exe
    + 2005-06-28 08:21:34 22,752 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spupdsvc.exe
    + 2005-06-28 08:24:52 716,000 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\update.exe
    + 2005-06-28 08:23:54 371,424 —-a-w C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\updspapi.dll
    - 2007-06-27 14:11:20 124,928 —-a-w C:\WINDOWS\system32\advpack.dll
    + 2007-08-20 10:02:06 124,928 —-a-w C:\WINDOWS\system32\advpack.dll
    - 2006-05-10 01:14:32 7,680 —-a-w C:\WINDOWS\system32\asferror.dll
    + 2006-11-02 20:50:44 7,680 —-a-w C:\WINDOWS\system32\asferror.dll
    - 2006-05-10 01:50:18 269,312 —-a-w C:\WINDOWS\system32\Audiodev.dll
    + 2006-10-18 19:47:08 276,992 —-a-w C:\WINDOWS\system32\audiodev.dll
    - 2006-05-09 18:59:14 585,216 —-a-w C:\WINDOWS\system32\blackbox.dll
    + 2006-10-18 19:47:10 542,720 —-a-w C:\WINDOWS\system32\blackbox.dll
    - 2006-05-09 20:26:34 219,648 —-a-w C:\WINDOWS\system32\CEWMDM.dll
    + 2006-10-18 19:47:10 229,376 —-a-w C:\WINDOWS\system32\cewmdm.dll
    - 2007-06-27 14:11:20 124,928 -c–a-w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2007-08-20 10:02:06 124,928 -c–a-w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2006-05-10 01:14:32 7,680 -c–a-w C:\WINDOWS\system32\dllcache\asferror.dll
    + 2006-11-02 20:50:44 7,680 -c–a-w C:\WINDOWS\system32\dllcache\asferror.dll
    - 2006-05-09 18:59:14 585,216 -c–a-w C:\WINDOWS\system32\dllcache\blackbox.dll
    + 2006-10-18 19:47:10 542,720 -c–a-w C:\WINDOWS\system32\dllcache\blackbox.dll
    - 2006-05-09 20:26:34 219,648 -c–a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
    + 2006-10-18 19:47:10 229,376 -c–a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
    - 2006-05-09 19:00:02 1,350,656 -c–a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
    + 2006-10-18 19:47:10 991,744 -c–a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
    - 2006-10-17 10:57:50 214,528 -c–a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2007-08-20 10:02:06 214,528 -c–a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2007-06-27 14:11:22 132,608 -c–a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2007-08-20 10:02:06 132,608 -c–a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2007-08-20 10:02:06 63,488 -c—-w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2007-06-27 08:27:04 63,488 -c–a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2007-08-17 10:23:18 63,488 -c–a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2007-06-27 14:11:26 153,088 -c–a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2007-08-20 10:02:06 153,088 -c–a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2007-06-27 14:11:26 230,400 -c–a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2007-08-20 10:02:06 230,400 -c–a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2007-06-27 07:00:33 161,792 -c–a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2007-08-17 07:34:25 161,792 -c–a-w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2007-06-27 14:11:29 383,488 -c—-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2007-08-20 10:02:06 383,488 -c—-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2007-06-27 14:11:35 384,512 -c–a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2007-08-20 10:02:06 384,512 -c–a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2007-06-27 14:11:53 6,058,496 -c—-w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2007-08-20 10:02:07 6,058,496 -c—-w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2007-06-27 14:11:53 44,544 -c–a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2007-08-20 10:02:07 44,544 -c–a-w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2007-06-27 14:11:55 267,776 -c—-w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2007-08-20 10:02:07 267,776 -c—-w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2007-06-27 08:27:05 13,824 -c—-w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2007-08-17 10:23:18 13,824 -c—-w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2007-06-27 08:29:14 625,152 -c–a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2007-08-17 10:23:36 625,152 -c–a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2007-05-16 15:19:43 683,520 -c–a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    + 2007-08-21 06:18:26 683,520 -c–a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    - 2007-06-27 14:11:59 27,648 -c–a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2007-08-20 10:02:07 27,648 -c–a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2006-05-09 20:26:32 9,728 -c–a-w C:\WINDOWS\system32\dllcache\laprxy.dll
    + 2006-10-18 19:47:14 11,264 -c–a-w C:\WINDOWS\system32\dllcache\LAPRXY.dll
    - 2006-05-09 19:02:02 84,480 -c–a-w C:\WINDOWS\system32\dllcache\logagent.exe
    + 2006-10-18 18:03:58 100,864 -c–a-w C:\WINDOWS\system32\dllcache\logagent.exe
    - 2004-08-04 00:03:14 310,272 -c–a-w C:\WINDOWS\system32\dllcache\mp43dmod.dll
    + 2006-10-18 19:47:14 4,096 -c–a-w C:\WINDOWS\system32\dllcache\MP43DMOD.dll
    - 2004-08-04 00:03:14 384,512 -c–a-w C:\WINDOWS\system32\dllcache\mp4sdmod.dll
    + 2006-10-18 19:47:14 4,096 -c–a-w C:\WINDOWS\system32\dllcache\MP4SDMOD.dll
    - 2004-08-04 00:03:14 240,640 -c–a-w C:\WINDOWS\system32\dllcache\mpg4dmod.dll
    + 2006-10-18 19:47:14 4,096 -c–a-w C:\WINDOWS\system32\dllcache\MPG4DMOD.dll
    - 2006-05-10 01:14:40 345,600 -c–a-w C:\WINDOWS\system32\dllcache\mpvis.dll
    + 2006-11-02 20:51:00 244,224 -c–a-w C:\WINDOWS\system32\dllcache\mpvis.dll
    - 2007-06-27 14:12:00 459,264 -c—-w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2007-08-20 10:02:07 459,264 -c—-w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2007-06-27 14:12:00 52,224 -c—-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2007-08-20 10:02:07 52,224 -c—-w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2007-07-19 06:59:22 3,583,488 -c–a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2007-08-20 10:02:07 3,584,512 -c–a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2007-06-27 14:12:12 477,696 -c–a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2007-08-20 10:02:07 477,696 -c–a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2006-05-09 20:26:34 212,480 -c–a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
    + 2006-10-18 19:47:16 179,712 -c–a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
    - 2006-05-09 20:26:34 26,112 -c–a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
    + 2006-10-18 19:47:16 27,136 -c–a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
    - 2006-05-09 20:26:34 165,376 -c–a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
    + 2006-10-18 19:47:16 175,616 -c–a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
    - 2007-06-27 14:12:14 193,024 -c–a-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2007-08-20 10:02:07 193,024 -c–a-w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2006-05-09 18:59:20 417,280 -c–a-w C:\WINDOWS\system32\dllcache\msscp.dll
    + 2006-12-04 14:21:50 414,720 -c–a-w C:\WINDOWS\system32\dllcache\msscp.dll
    - 2007-06-27 14:12:21 671,232 -c–a-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2007-08-20 10:02:08 671,232 -c–a-w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2006-05-09 20:26:34 306,688 -c–a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
    + 2006-10-18 19:47:16 321,536 -c–a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
    - 2007-06-27 14:12:21 102,400 -c–a-w C:\WINDOWS\system32\dllcache\occache.dll
    + 2007-08-20 10:02:08 102,400 -c–a-w C:\WINDOWS\system32\dllcache\occache.dll
    - 2006-05-09 20:26:34 201,728 -c–a-w C:\WINDOWS\system32\dllcache\qasf.dll
    + 2006-10-18 19:47:18 211,456 -c–a-w C:\WINDOWS\system32\dllcache\qasf.dll
    - 2004-08-04 00:03:20 581,120 -c–a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
    + 2007-07-09 13:20:52 582,656 -c–a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
    - 2006-05-10 01:48:04 1,592,320 -c–a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
    + 2006-11-02 21:33:18 1,674,752 -c–a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
    - 2006-05-10 01:15:38 181,248 -c–a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
    + 2007-06-27 13:57:10 317,952 -c–a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
    - 2007-06-27 14:12:22 105,984 -c–a-w C:\WINDOWS\system32\dllcache\url.dll
    + 2007-08-20 10:02:08 105,984 -c–a-w C:\WINDOWS\system32\dllcache\url.dll
    - 2007-06-27 14:12:26 1,152,000 -c–a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2007-08-20 10:02:08 1,152,000 -c–a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2007-06-27 14:12:28 232,960 -c–a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2007-08-20 10:02:08 232,960 -c–a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2007-06-27 14:12:32 823,808 -c–a-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2007-08-20 10:02:08 824,832 -c–a-w C:\WINDOWS\system32\dllcache\wininet.dll
    - 2006-05-09 20:26:34 705,024 -c–a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
    + 2006-10-18 19:47:18 757,248 -c–a-w C:\WINDOWS\system32\dllcache\WMADMOD.dll
    - 2006-05-09 20:26:34 1,063,424 -c–a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
    + 2006-10-18 19:47:18 1,117,696 -c–a-w C:\WINDOWS\system32\dllcache\WMADMOE.dll
    - 2006-05-09 20:26:34 221,696 -c–a-w C:\WINDOWS\system32\dllcache\wmasf.dll
    + 2006-10-18 19:47:18 222,208 -c–a-w C:\WINDOWS\system32\dllcache\WMASF.dll
    - 2006-05-09 20:26:34 31,744 -c–a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
    + 2006-10-18 19:47:18 33,792 -c–a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
    - 2006-05-09 20:26:34 36,864 -c–a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
    + 2006-10-18 19:47:18 37,376 -c–a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
    - 2006-05-10 01:15:42 247,296 -c–a-w C:\WINDOWS\system32\dllcache\wmerror.dll
    + 2006-11-02 20:52:52 257,536 -c–a-w C:\WINDOWS\system32\dllcache\wmerror.dll
    - 2006-05-09 20:26:34 155,136 -c–a-w C:\WINDOWS\system32\dllcache\wmidx.dll
    + 2006-10-18 19:47:20 157,184 -c–a-w C:\WINDOWS\system32\dllcache\wmidx.dll
    - 2006-05-09 20:26:34 992,256 -c–a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
    + 2006-10-18 19:47:20 937,984 -c–a-w C:\WINDOWS\system32\dllcache\WMNetMgr.dll
    - 2006-05-09 20:26:34 10,394,624 -c–a-w C:\WINDOWS\system32\dllcache\wmp.dll
    + 2007-06-11 21:51:12 10,834,944 -c–a-w C:\WINDOWS\system32\dllcache\wmp.dll
    - 2006-05-09 20:26:34 237,056 -c–a-w C:\WINDOWS\system32\dllcache\wmpasf.dll
    + 2006-10-18 19:47:20 242,688 -c–a-w C:\WINDOWS\system32\dllcache\wmpasf.dll
    - 2006-05-10 01:15:46 87,040 -c–a-w C:\WINDOWS\system32\dllcache\wmpband.dll
    + 2006-11-02 20:53:00 96,256 -c–a-w C:\WINDOWS\system32\dllcache\wmpband.dll
    - 2006-05-09 20:26:34 301,056 -c–a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll
    + 2006-10-18 19:47:20 314,880 -c–a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll
    - 2006-05-10 01:15:54 62,976 -c–a-w C:\WINDOWS\system32\dllcache\wmplayer.exe
    + 2006-11-02 20:53:14 64,000 -c–a-w C:\WINDOWS\system32\dllcache\wmplayer.exe
    - 2006-05-10 01:50:14 7,747,072 -c–a-w C:\WINDOWS\system32\dllcache\wmploc.dll
    + 2006-11-02 21:35:30 8,271,872 -c–a-w C:\WINDOWS\system32\dllcache\wmploc.dll
    - 2006-05-10 01:15:58 97,792 -c–a-w C:\WINDOWS\system32\dllcache\wmpshell.dll
    + 2006-11-02 20:53:24 99,840 -c–a-w C:\WINDOWS\system32\dllcache\wmpshell.dll
    - 2006-05-09 20:26:34 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
    + 2006-10-18 19:47:22 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
    - 2006-05-09 20:26:34 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
    + 2006-10-18 19:47:22 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
    - 2006-05-09 20:26:34 564,736 -c–a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
    + 2006-10-18 19:47:22 603,648 -c–a-w C:\WINDOWS\system32\dllcache\WMSPDMOD.dll
    - 2006-05-09 20:26:34 1,280,000 -c–a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
    + 2006-10-18 19:47:22 1,329,152 -c–a-w C:\WINDOWS\system32\dllcache\WMSPDMOE.dll
    - 2006-05-09 20:22:32 2,463,744 -c–a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
    + 2006-10-18 19:47:22 2,450,944 -c–a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
    - 2006-05-09 20:26:34 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
    + 2006-10-18 19:47:22 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
    - 2006-05-09 20:26:34 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
    + 2006-10-18 19:47:22 4,096 -c–a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
    - 2006-05-09 18:58:46 646,656 ——w C:\WINDOWS\system32\drivers\umdf\wpdmtpdr.dll
    + 2006-10-18 19:47:22 671,232 ——w C:\WINDOWS\system32\drivers\umdf\wpdmtpdr.dll
    - 2006-05-09 18:58:44 40,704 —-a-w C:\WINDOWS\system32\drivers\wpdusb.sys
    + 2006-10-18 18:00:00 38,528 —-a-w C:\WINDOWS\system32\drivers\wpdusb.sys
    - 2006-04-11 12:26:38 82,944 ——w C:\WINDOWS\system32\drivers\WudfPf.sys
    + 2006-09-28 16:55:50 77,568 ——w C:\WINDOWS\system32\drivers\WudfPf.sys
    - 2006-04-11 12:29:18 87,808 ——w C:\WINDOWS\system32\drivers\WudfRd.sys
    + 2006-09-28 17:00:34 82,944 ——w C:\WINDOWS\system32\drivers\WudfRd.sys
    - 2006-05-09 18:59:18 229,376 ——w C:\WINDOWS\system32\drmupgds.exe
    + 2006-10-18 18:00:46 249,856 ——w C:\WINDOWS\system32\drmupgds.exe
    - 2006-05-09 19:00:02 1,350,656 —-a-w C:\WINDOWS\system32\drmv2clt.dll
    + 2006-10-18 19:47:10 991,744 —-a-w C:\WINDOWS\system32\drmv2clt.dll
    - 2006-10-17 10:57:50 214,528 —-a-w C:\WINDOWS\system32\dxtrans.dll
    + 2007-08-20 10:02:06 214,528 —-a-w C:\WINDOWS\system32\dxtrans.dll
    - 2007-06-27 14:11:22 132,608 —-a-w C:\WINDOWS\system32\extmgr.dll
    + 2007-08-20 10:02:06 132,608 —-a-w C:\WINDOWS\system32\extmgr.dll
    - 2006-10-17 10:58:20 61,952 ——w C:\WINDOWS\system32\icardie.dll
    + 2007-08-20 10:02:06 63,488 —-a-w C:\WINDOWS\system32\icardie.dll
    - 2007-06-27 08:27:04 63,488 —-a-w C:\WINDOWS\system32\ie4uinit.exe
    + 2007-08-17 10:23:18 63,488 —-a-w C:\WINDOWS\system32\ie4uinit.exe
    - 2007-06-27 14:11:26 153,088 —-a-w C:\WINDOWS\system32\ieakeng.dll
    + 2007-08-20 10:02:06 153,088 —-a-w C:\WINDOWS\system32\ieakeng.dll
    - 2007-06-27 14:11:26 230,400 —-a-w C:\WINDOWS\system32\ieaksie.dll
    + 2007-08-20 10:02:06 230,400 —-a-w C:\WINDOWS\system32\ieaksie.dll
    - 2007-06-27 07:00:33 161,792 —-a-w C:\WINDOWS\system32\ieakui.dll
    + 2007-08-17 07:34:25 161,792 —-a-w C:\WINDOWS\system32\ieakui.dll
    - 2007-06-27 14:11:29 383,488 —-a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2007-08-20 10:02:06 383,488 —-a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2007-06-27 14:11:35 384,512 —-a-w C:\WINDOWS\system32\iedkcs32.dll
    + 2007-08-20 10:02:06 384,512 —-a-w C:\WINDOWS\system32\iedkcs32.dll
    - 2007-06-27 14:11:53 6,058,496 —-a-w C:\WINDOWS\system32\ieframe.dll
    + 2007-08-20 10:02:07 6,058,496 —-a-w C:\WINDOWS\system32\ieframe.dll
    - 2007-06-27 14:11:53 44,544 —-a-w C:\WINDOWS\system32\iernonce.dll
    + 2007-08-20 10:02:07 44,544 —-a-w C:\WINDOWS\system32\iernonce.dll
    - 2007-06-27 14:11:55 267,776 —-a-w C:\WINDOWS\system32\iertutil.dll
    + 2007-08-20 10:02:07 267,776 —-a-w C:\WINDOWS\system32\iertutil.dll
    - 2007-06-27 08:27:05 13,824 —-a-w C:\WINDOWS\system32\ieudinit.exe
    + 2007-08-17 10:23:18 13,824 —-a-w C:\WINDOWS\system32\ieudinit.exe
    - 2007-06-27 14:11:59 27,648 —-a-w C:\WINDOWS\system32\jsproxy.dll
    + 2007-08-20 10:02:07 27,648 —-a-w C:\WINDOWS\system32\jsproxy.dll
    - 2006-05-09 20:26:32 9,728 —-a-w C:\WINDOWS\system32\LAPRXY.dll
    + 2006-10-18 19:47:14 11,264 —-a-w C:\WINDOWS\system32\LAPRXY.dll
    - 2006-05-09 19:02:02 84,480 —-a-w C:\WINDOWS\system32\logagent.exe
    + 2006-10-18 18:03:58 100,864 —-a-w C:\WINDOWS\system32\logagent.exe
    - 2006-05-09 19:00:08 382,976 ——w C:\WINDOWS\system32\MFPLAT.dll
    + 2006-10-18 19:47:14 212,992 —-a-w C:\WINDOWS\system32\mfplat.dll
    - 2006-05-09 19:00:56 241,152 ——w C:\WINDOWS\system32\MP43DECD.dll
    + 2006-10-18 19:47:14 259,072 ——w C:\WINDOWS\system32\MP43DECD.dll
    - 2004-08-04 00:03:14 310,272 ——w C:\WINDOWS\system32\mp43dmod.dll
    + 2006-10-18 19:47:14 4,096 ——w C:\WINDOWS\system32\MP43DMOD.dll
    - 2006-05-09 19:00:58 299,520 ——w C:\WINDOWS\system32\MP4SDECD.dll
    + 2006-10-18 19:47:14 317,440 ——w C:\WINDOWS\system32\MP4SDECD.dll
    - 2004-08-04 00:03:14 384,512 ——w C:\WINDOWS\system32\mp4sdmod.dll
    + 2006-10-18 19:47:14 4,096 ——w C:\WINDOWS\system32\MP4SDMOD.dll
    - 2006-05-09 19:00:58 241,152 ——w C:\WINDOWS\system32\MPG4DECD.dll
    + 2006-10-18 19:47:14 259,072 ——w C:\WINDOWS\system32\MPG4DECD.dll
    - 2004-08-04 00:03:14 240,640 —-a-w C:\WINDOWS\system32\mpg4dmod.dll
    + 2006-10-18 19:47:14 4,096 —-a-w C:\WINDOWS\system32\MPG4DMOD.dll
    - 2007-09-06 02:50:42 17,474,680 —-a-w C:\WINDOWS\system32\MRT.exe
    + 2007-09-28 05:19:39 18,089,592 —-a-w C:\WINDOWS\system32\MRT.exe
    - 2006-05-09 18:45:20 304,640 ——w C:\WINDOWS\system32\MSDelta.dll
    + 2006-10-02 13:28:42 312,128 ——w C:\WINDOWS\system32\msdelta.dll
    - 2007-06-27 14:12:00 459,264 —-a-w C:\WINDOWS\system32\msfeeds.dll
    + 2007-08-20 10:02:07 459,264 —-a-w C:\WINDOWS\system32\msfeeds.dll
    - 2007-06-27 14:12:00 52,224 —-a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2007-08-20 10:02:07 52,224 —-a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2007-07-19 06:59:22 3,583,488 —-a-w C:\WINDOWS\system32\mshtml.dll
    + 2007-08-20 10:02:07 3,584,512 —-a-w C:\WINDOWS\system32\mshtml.dll
    - 2007-06-27 14:12:12 477,696 —-a-w C:\WINDOWS\system32\mshtmled.dll
    + 2007-08-20 10:02:07 477,696 —-a-w C:\WINDOWS\system32\mshtmled.dll
    - 2006-05-09 20:26:34 212,480 —-a-w C:\WINDOWS\system32\msnetobj.dll
    + 2006-10-18 19:47:16 179,712 —-a-w C:\WINDOWS\system32\msnetobj.dll
    - 2006-05-09 20:26:34 26,112 —-a-w C:\WINDOWS\system32\MsPMSNSv.dll
    + 2006-10-18 19:47:16 27,136 —-a-w C:\WINDOWS\system32\mspmsnsv.dll
    - 2006-05-09 20:26:34 165,376 —-a-w C:\WINDOWS\system32\MsPMSP.dll
    + 2006-10-18 19:47:16 175,616 —-a-w C:\WINDOWS\system32\mspmsp.dll
    - 2007-06-27 14:12:14 193,024 —-a-w C:\WINDOWS\system32\msrating.dll
    + 2007-08-20 10:02:07 193,024 —-a-w C:\WINDOWS\system32\msrating.dll
    - 2006-05-09 18:59:20 417,280 —-a-w C:\WINDOWS\system32\MSSCP.dll
    + 2006-12-04 14:21:50 414,720 —-a-w C:\WINDOWS\system32\msscp.dll
    - 2007-06-27 14:12:21 671,232 —-a-w C:\WINDOWS\system32\mstime.dll
    + 2007-08-20 10:02:08 671,232 —-a-w C:\WINDOWS\system32\mstime.dll
    - 2006-05-09 20:26:34 306,688 —-a-w C:\WINDOWS\system32\MSWMDM.dll
    + 2006-10-18 19:47:16 321,536 —-a-w C:\WINDOWS\system32\mswmdm.dll
    - 2007-06-27 14:12:21 102,400 —-a-w C:\WINDOWS\system32\occache.dll
    + 2007-08-20 10:02:08 102,400 —-a-w C:\WINDOWS\system32\occache.dll
    - 2006-05-09 18:58:48 345,600 ——w C:\WINDOWS\system32\PortableDeviceApi.dll
    + 2006-10-18 19:47:18 284,160 —-a-w C:\WINDOWS\system32\portabledeviceapi.dll
    - 2006-05-09 18:58:48 101,376 ——w C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    + 2006-10-18 19:47:18 101,888 ——w C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    - 2006-05-09 18:58:38 168,960 ——w C:\WINDOWS\system32\PortableDeviceTypes.dll
    + 2006-10-18 19:47:18 166,912 —-a-w C:\WINDOWS\system32\portabledevicetypes.dll
    - 2006-05-09 18:58:50 103,424 ——w C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    + 2006-10-18 19:47:18 132,096 ——w C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    - 2006-05-09 18:58:48 188,928 ——w C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    + 2006-10-18 19:47:18 199,168 ——w C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    - 2006-05-09 20:26:34 201,728 —-a-w C:\WINDOWS\system32\qasf.dll
    + 2006-10-18 19:47:18 211,456 —-a-w C:\WINDOWS\system32\qasf.dll
    - 2004-08-04 00:03:20 581,120 —-a-w C:\WINDOWS\system32\rpcrt4.dll
    + 2007-07-09 13:20:52 582,656 —-a-w C:\WINDOWS\system32\rpcrt4.dll
    - 2006-10-08 19:51:14 14,640 ——w C:\WINDOWS\system32\spmsg.dll
    + 2006-09-25 15:58:48 14,640 ——w C:\WINDOWS\system32\spmsg.dll
    - 2007-06-27 14:12:22 105,984 —-a-w C:\WINDOWS\system32\url.dll
    + 2007-08-20 10:02:08 105,984 —-a-w C:\WINDOWS\system32\url.dll
    - 2007-06-27 14:12:26 1,152,000 —-a-w C:\WINDOWS\system32\urlmon.dll
    + 2007-08-20 10:02:08 1,152,000 —-a-w C:\WINDOWS\system32\urlmon.dll
    - 2006-05-09 20:36:46 6,656 —-a-w C:\WINDOWS\system32\uWDF.exe
    + 2006-10-18 19:58:00 8,704 —-a-w C:\WINDOWS\system32\uwdf.exe
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\wdfApi.dll
    + 2006-10-18 19:47:18 4,096 —-a-w C:\WINDOWS\system32\wdfapi.dll
    - 2006-05-09 20:36:46 6,656 —-a-w C:\WINDOWS\system32\WdfMgr.exe
    + 2006-10-18 19:58:00 8,704 —-a-w C:\WINDOWS\system32\wdfmgr.exe
    - 2007-06-27 14:12:28 232,960 —-a-w C:\WINDOWS\system32\webcheck.dll
    + 2007-08-20 10:02:08 232,960 —-a-w C:\WINDOWS\system32\webcheck.dll
    - 2007-06-27 14:12:32 823,808 —-a-w C:\WINDOWS\system32\wininet.dll
    + 2007-08-20 10:02:08 824,832 —-a-w C:\WINDOWS\system32\wininet.dll
    - 2006-05-09 20:26:34 705,024 —-a-w C:\WINDOWS\system32\wmadmod.dll
    + 2006-10-18 19:47:18 757,248 —-a-w C:\WINDOWS\system32\wmadmod.dll
    - 2006-05-09 20:26:34 1,063,424 —-a-w C:\WINDOWS\system32\WMADMOE.dll
    + 2006-10-18 19:47:18 1,117,696 —-a-w C:\WINDOWS\system32\WMADMOE.dll
    - 2006-05-09 20:26:34 221,696 —-a-w C:\WINDOWS\system32\wmasf.dll
    + 2006-10-18 19:47:18 222,208 —-a-w C:\WINDOWS\system32\wmasf.dll
    - 2006-05-09 20:26:34 31,744 —-a-w C:\WINDOWS\system32\WMDMLOG.dll
    + 2006-10-18 19:47:18 33,792 —-a-w C:\WINDOWS\system32\wmdmlog.dll
    - 2006-05-09 20:26:34 36,864 —-a-w C:\WINDOWS\system32\WMDMPS.dll
    + 2006-10-18 19:47:18 37,376 —-a-w C:\WINDOWS\system32\wmdmps.dll
    - 2006-05-09 20:26:34 417,280 —-a-w C:\WINDOWS\system32\wmdrmdev.dll
    + 2006-10-18 19:47:18 429,056 —-a-w C:\WINDOWS\system32\wmdrmdev.dll
    - 2006-05-09 20:26:34 337,408 —-a-w C:\WINDOWS\system32\wmdrmnet.dll
    + 2006-10-18 19:47:20 348,672 —-a-w C:\WINDOWS\system32\wmdrmnet.dll
    - 2006-05-09 18:59:34 513,536 ——w C:\WINDOWS\system32\wmdrmsdk.dll
    + 2006-10-18 19:47:20 535,040 ——w C:\WINDOWS\system32\wmdrmsdk.dll
    - 2006-05-10 01:15:42 247,296 —-a-w C:\WINDOWS\system32\wmerror.dll
    + 2006-11-02 20:52:52 257,536 —-a-w C:\WINDOWS\system32\wmerror.dll
    - 2006-05-09 20:26:34 155,136 —-a-w C:\WINDOWS\system32\wmidx.dll
    + 2006-10-18 19:47:20 157,184 —-a-w C:\WINDOWS\system32\wmidx.dll
    - 2006-05-09 20:26:34 992,256 —-a-w C:\WINDOWS\system32\WMNetMgr.dll
    + 2006-10-18 19:47:20 937,984 —-a-w C:\WINDOWS\system32\WMNetMgr.dll
    - 2006-05-09 20:26:34 10,394,624 —-a-w C:\WINDOWS\system32\wmp.dll
    + 2007-06-11 21:51:12 10,834,944 —-a-w C:\WINDOWS\system32\wmp.dll
    - 2006-05-09 20:26:34 237,056 —-a-w C:\WINDOWS\system32\wmpasf.dll
    + 2006-10-18 19:47:20 242,688 —-a-w C:\WINDOWS\system32\wmpasf.dll
    - 2006-05-09 20:26:34 301,056 —-a-w C:\WINDOWS\system32\wmpdxm.dll
    + 2006-10-18 19:47:20 314,880 —-a-w C:\WINDOWS\system32\wmpdxm.dll
    - 2006-05-09 20:26:34 433,152 ——w C:\WINDOWS\system32\wmpeffects.dll
    + 2006-10-18 19:47:20 295,936 ——w C:\WINDOWS\system32\wmpeffects.dll
    - 2006-05-09 20:26:34 1,641,472 —-a-w C:\WINDOWS\system32\wmpencen.dll
    + 2006-10-18 19:47:20 1,661,440 —-a-w C:\WINDOWS\system32\wmpencen.dll
    - 2006-05-10 01:50:14 7,747,072 —-a-w C:\WINDOWS\system32\wmploc.dll
    + 2006-11-02 21:35:30 8,271,872 —-a-w C:\WINDOWS\system32\wmploc.dll
    - 2006-05-09 19:00:22 546,816 ——w C:\WINDOWS\system32\wmpmde.dll
    + 2006-10-18 19:47:20 613,376 ——w C:\WINDOWS\system32\wmpmde.dll
    - 2006-05-09 20:26:34 135,680 ——w C:\WINDOWS\system32\wmpps.dll
    + 2006-10-18 19:47:20 130,048 ——w C:\WINDOWS\system32\wmpps.dll
    - 2006-05-10 01:15:58 97,792 —-a-w C:\WINDOWS\system32\wmpshell.dll
    + 2006-11-02 20:53:24 99,840 —-a-w C:\WINDOWS\system32\wmpshell.dll
    - 2006-05-09 20:26:34 203,776 —-a-w C:\WINDOWS\system32\wmpsrcwp.dll
    + 2006-10-18 19:47:20 204,288 —-a-w C:\WINDOWS\system32\wmpsrcwp.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\wmsdmod.dll
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\wmsdmod.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\wmsdmoe2.dll
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\wmsdmoe2.dll
    - 2006-05-09 20:26:34 564,736 —-a-w C:\WINDOWS\system32\WMSPDMOD.dll
    + 2006-10-18 19:47:22 603,648 —-a-w C:\WINDOWS\system32\WMSPDMOD.dll
    - 2006-05-09 20:26:34 1,280,000 —-a-w C:\WINDOWS\system32\WMSPDMOE.dll
    + 2006-10-18 19:47:22 1,329,152 —-a-w C:\WINDOWS\system32\WMSPDMOE.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\WMVADVD.dll
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\WMVADVD.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\WMVADVE.DLL
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\WMVADVE.DLL
    - 2006-05-09 20:22:32 2,463,744 —-a-w C:\WINDOWS\system32\wmvcore.dll
    + 2006-10-18 19:47:22 2,450,944 —-a-w C:\WINDOWS\system32\wmvcore.dll
    - 2006-05-09 19:01:06 1,463,808 ——w C:\WINDOWS\system32\WMVDECOD.dll
    + 2006-10-18 19:47:22 1,543,680 ——w C:\WINDOWS\system32\WMVDECOD.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\wmvdmod.dll
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\wmvdmod.dll
    - 2006-05-09 20:26:34 4,096 —-a-w C:\WINDOWS\system32\wmvdmoe2.dll
    + 2006-10-18 19:47:22 4,096 —-a-w C:\WINDOWS\system32\wmvdmoe2.dll
    - 2006-05-09 19:00:58 1,455,616 ——w C:\WINDOWS\system32\WMVENCOD.dll
    + 2006-10-18 19:47:22 1,574,912 ——w C:\WINDOWS\system32\WMVENCOD.dll
    - 2006-05-09 19:01:06 1,359,360 ——w C:\WINDOWS\system32\WMVSDECD.dll
    + 2006-10-18 19:47:22 1,382,912 ——w C:\WINDOWS\system32\WMVSDECD.dll
    - 2006-05-09 19:00:58 770,560 ——w C:\WINDOWS\system32\WMVSENCD.dll
    + 2006-10-18 19:47:22 767,488 ——w C:\WINDOWS\system32\WMVSENCD.dll
    - 2006-05-09 19:00:56 636,928 ——w C:\WINDOWS\system32\WMVXENCD.dll
    + 2006-10-18 19:47:22 656,896 ——w C:\WINDOWS\system32\WMVXENCD.dll
    - 2006-05-09 18:58:50 670,208 —-a-w C:\WINDOWS\system32\wpd_ci.dll
    + 2006-10-18 19:47:22 629,760 —-a-w C:\WINDOWS\system32\wpd_ci.dll
    - 2006-05-09 18:58:40 35,840 —-a-w C:\WINDOWS\system32\wpdconns.dll
    + 2006-10-18 19:47:22 35,840 —-a-w C:\WINDOWS\system32\wpdconns.dll
    - 2006-05-09 18:58:40 144,896 —-a-w C:\WINDOWS\system32\wpdmtp.dll
    + 2006-10-18 19:47:22 154,624 —-a-w C:\WINDOWS\system32\wpdmtp.dll
    - 2006-05-09 18:58:40 55,808 —-a-w C:\WINDOWS\system32\wpdmtpus.dll
    + 2006-10-18 19:47:22 63,488 —-a-w C:\WINDOWS\system32\wpdmtpus.dll
    - 2006-05-10 01:16:04 3,748,864 ——w C:\WINDOWS\system32\WpdShext.dll
    + 2006-10-18 19:47:22 2,603,008 ——w C:\WINDOWS\system32\WpdShext.dll
    - 2006-05-09 18:58:54 13,824 ——w C:\WINDOWS\system32\wpdshextautoplay.exe
    + 2006-10-18 18:00:14 17,408 ——w C:\WINDOWS\system32\wpdshextautoplay.exe
    + 2006-11-02 09:52:46 42,496 ——w C:\WINDOWS\system32\wpdshextres.dll
    - 2006-05-09 18:58:54 52,224 ——w C:\WINDOWS\system32\WPDShServiceObj.dll
    + 2006-10-18 19:47:22 133,632 —-a-w C:\WINDOWS\system32\wpdshserviceobj.dll
    - 2006-05-09 18:58:46 343,552 —-a-w C:\WINDOWS\system32\WPDSp.dll
    + 2006-10-18 19:47:22 356,352 —-a-w C:\WINDOWS\system32\wpdsp.dll
    - 2006-04-11 12:30:44 93,752 ——w C:\WINDOWS\system32\WUDFCoinstaller.dll
    + 2006-09-28 18:13:26 95,344 ——w C:\WINDOWS\system32\WUDFCoinstaller.dll
    - 2006-04-11 12:27:18 130,048 ——w C:\WINDOWS\system32\WudfHost.exe
    + 2006-09-28 16:56:38 146,432 ——w C:\WINDOWS\system32\WudfHost.exe
    - 2006-04-11 12:26:44 158,208 ——w C:\WINDOWS\system32\WudfPlatform.dll
    + 2006-09-28 16:56:16 165,376 ——w C:\WINDOWS\system32\WudfPlatform.dll
    - 2006-04-11 12:26:56 54,272 ——w C:\WINDOWS\system32\WudfSvc.dll
    + 2006-09-28 16:56:14 55,808 ——w C:\WINDOWS\system32\WudfSvc.dll
    - 2006-04-11 12:27:18 304,640 ——w C:\WINDOWS\system32\WUDFx.dll
    + 2006-09-28 16:56:38 316,416 ——w C:\WINDOWS\system32\WUDFx.dll
    - 2007-03-09 11:51:35 266,240 —-a-w C:\WINDOWS\system32\xpsp3res.dll
    + 2007-06-18 22:24:36 369,664 —-a-w C:\WINDOWS\system32\xpsp3res.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
    "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44]
    "SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-11-12 12:02]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" []
    "nwiz"="nwiz.exe" [2003-10-06 15:16 C:\WINDOWS\system32\nwiz.exe]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-08 15:54]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" []
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14]
    "iTunesHelper"="D:\Britta\Itunes\iTunesHelper.exe" [2006-02-23 15:45]
    "CreateCD50"="C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" [2002-05-02 19:58]
    "McRegWiz"="C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe" []
    "VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" []
    "VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" []
    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" []
    "MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-31 13:55]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:03]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" []
    "Steam"="c:\program files\steam\steam.exe" []
    "SmartBarXP"="D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe" []
    "Eyeball Chat"="C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" []
    "BitTorrent"="D:\Daan\Documenten\bittorrent.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-23 10:18]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]
    "Adru"="C:\PROGRA~1\YSTEM~1\javaw.exe" []

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-23 10:18:45]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-09-03 17:32:07]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    R1 cdudf_xp;cdudf_xp;C:\WINDOWS\system32\drivers\cdudf_xp.sys
    R1 pwd_2k;pwd_2k;C:\WINDOWS\system32\drivers\pwd_2k.sys
    R1 UdfReadr_xp;UdfReadr_xp;C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
    R2 Devx;Devx;C:\WINDOWS\system32\drivers\Devx.sys
    R2 VtPr;VtPr;C:\WINDOWS\system32\drivers\VtPr.sys
    R3 mmc_2K;mmc_2K;C:\WINDOWS\system32\drivers\mmc_2K.sys
    S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
    S3 dvd_2K;dvd_2K;C:\WINDOWS\system32\drivers\dvd_2K.sys
    S3 hitmanpro2;Hitman Pro 2 Driver;\??\C:\Program Files\Hitman Pro\hitmanpro2.sys
    S3 NaiFiltr;NaiFiltr;C:\WINDOWS\system32\DRIVERS\NaiFiltr.sys
    S3 psquery;psquery;\??\C:\Program Files\psquery\psquery.sys
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-06-23 04:54:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-14 14:00:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Britta).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-14 13:58:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Daan).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-14 13:57:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Niels).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-14 14:00:00 C:\WINDOWS\Tasks\Controle op updates door McAfee.com (WOONKAMER-Reinier).job"
    - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    "2007-10-05 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Reinier.job"
    - C:\PROGRA~1\NORTON~1\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-14 16:01:04
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-10-14 16:02:00
    C:\ComboFix-quarantined-files.txt … 2007-10-08 06:56
    C:\ComboFix2.txt … 2007-10-11 16:49
    C:\ComboFix3.txt … 2007-10-08 06:57
    .
    --- E O F ---

    HijackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:05:04, on 14-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Commo
  • And once again the HijackThis log didn't come through in full, so here it is once more:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:05:04, on 14-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    D:\Britta\Itunes\iTunesHelper.exe
    C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    D:\Britta\Ipod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.jvo.nl/dagelijksrooster.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Britta\Itunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [SmartBarXP] D:\Daan\Documenten\SmartBarXP\SmartBarXP.exe
    O4 - HKCU\..\Run: [Eyeball Chat] "C:\Program Files\Eyeball\Eyeball Chat\EyeballChat.exe" -min
    O4 - HKCU\..\Run: [BitTorrent] "D:\Daan\Documenten\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKCU\..\Run: [Adru] "C:\PROGRA~1\YSTEM~1\javaw.exe" -vt ndrv
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Planet Internet ADSL.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168462717453
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B0A2C7FC-8666-44D6-A990-2FCE3B933341} (ING Bank Autorisatiescherm) - https://secure.ingbank.nl/download/DigiSign.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - D:\Britta\Ipod\bin\iPodService.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Planner voor Automat