Security certificate problems (HijackThis log)

The_Ultimate
8 replies
  • Because I'm having problems with the internet on my media center, here is a HijackThis log.
    On various sites I get a warning that the security certificate is incorrect or not valid; with another computer I don't have that problem.

    Also, MSN suddenly won't sign me in anymore.
    Sometimes it suddenly disappears, but a few days later I have it again.

    HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:53:41, on 12-11-2006
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    C:\Program Files\TeamViewer3\TeamViewer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TVR\RecSche.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Kreatives.org\KRISTAL Audio Engine\KRISTAL.exe
    C:\Program Files\TVR\remote.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Remote] "C:\Program Files\TVR\remote.exe"
    O4 - HKLM\..\Run: [RecSche] "C:\Program Files\TVR\RecSche.exe"
    O4 - HKLM\..\Run: [WinDVRCtrl] C:\WINDOWS\WDVRCtrl.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\W
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223930890109
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    End of file - 9663 bytes







  • No reply; is nothing the matter? Or should I start fearing the worst?
  • Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [StillImageMonitor] C:\W
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.


    Download to your Desktop and use it according to this guide.

  • ComboFix ran considerably faster than on my laptop (my laptop still has a problem after reinstalling, by the way).

    Log:
    ComboFix 09-04-21.A1 - Media Center 21-04-2008 13:08.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1415 [GMT 2:00]
    Gestart vanuit: c:\documents and settings\Media Center\Mijn documenten\ComboFix.exe
    FW: ZoneAlarm Firewall *enabled*
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((( Bestanden Gemaakt van 2009-03-21 to 2009-04-21 ))))))))))))))))))))))))))))))
    .

    2009-04-06 10:14 . 2006-11-12 15:00 ——– d—–w c:\program files\wmp11
    2009-04-06 08:57 . 2009-04-06 08:57 ——– d–h–w c:\windows\PIF
    2009-04-02 12:38 . 2009-04-02 12:38 ——– d—–w c:\documents and settings\All Users\Application Data\Adobe Systems
    2009-04-02 12:38 . 2009-04-02 12:38 ——– d—–w c:\program files\Common Files\Adobe Systems Shared
    2009-04-02 11:08 . 2008-04-14 20:32 219136 -c–a-w c:\windows\system32\dllcache\uxtheme.dll
    2009-03-31 12:28 . 2009-01-15 10:19 23848 —-a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-03-31 12:28 . 2008-04-17 10:12 107368 —-a-w c:\windows\system32\GEARAspi.dll
    2009-03-31 12:27 . 2009-03-31 12:27 ——– d—–w c:\program files\iPod
    2009-03-31 12:27 . 2009-03-31 12:28 ——– d—–w c:\program files\iTunes
    2009-03-31 12:27 . 2009-03-31 12:28 ——– d—–w c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-03-31 12:27 . 2009-03-05 21:59 36864 —-a-w c:\windows\system32\drivers\usbaapl.sys
    2009-03-31 12:27 . 2009-03-05 21:59 1900544 —-a-w c:\windows\system32\usbaaplrc.dll
    2009-03-11 08:50 . 2009-03-11 08:50 ——– d—–w c:\program files\Common Files\Macrovision Shared
    2009-03-09 17:34 . 2009-03-10 08:55 ——– d—–w c:\documents and settings\All Users\Application Data\NFS Underground
    2009-03-09 10:09 . 2009-03-09 10:09 22032 —ha-w c:\windows\system32\mlfcache.dat
    2009-03-09 10:09 . 2009-03-09 10:09 ——– d—–w c:\program files\Safari
    2009-03-09 10:08 . 2009-03-09 10:08 ——– d—–w c:\program files\QuickTime
    2009-03-09 10:08 . 2009-03-31 12:27 ——– d—–w c:\documents and settings\All Users\Application Data\Apple Computer
    2009-03-09 10:07 . 2009-03-09 10:07 0 —-a-w c:\windows\nsreg.dat
    2009-03-09 10:07 . 2009-03-09 10:07 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Mozilla
    2009-03-05 14:02 . 2009-03-05 14:02 ——– d–h–w c:\windows\$hf_mig$
    2009-03-03 12:41 . 2009-03-03 12:41 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Help
    2009-03-03 12:39 . 2009-03-03 12:39 ——– d—–w c:\program files\Maxis
    2009-03-01 22:53 . 2009-03-01 22:53 ——– d—–w c:\program files\3D Xtreme Mega Rides - Devil Rock
    2009-02-26 08:35 . 2009-02-26 08:35 22328 —-a-w c:\windows\system32\drivers\PnkBstrK.sys
    2009-02-26 08:35 . 2009-02-26 08:35 103736 —-a-w c:\windows\system32\PnkBstrB.exe
    2009-02-26 08:35 . 2009-02-26 08:35 66872 —-a-w c:\windows\system32\PnkBstrA.exe
    2009-02-26 08:35 . 2009-02-26 08:35 ——– d—–w c:\windows\system32\LogFiles
    2009-02-26 08:35 . 2009-02-26 08:35 ——– d–h–r c:\documents and settings\Media Center\Application Data\SecuROM
    2009-02-25 13:37 . 2009-02-25 13:37 ——– d—–w c:\program files\Kreatives.org
    2009-02-22 17:25 . 2009-02-22 17:25 268 —ha-w C:\sqmdata15.sqm
    2009-02-22 17:25 . 2009-02-22 17:25 244 —ha-w C:\sqmnoopt15.sqm
    2009-02-21 23:55 . 2009-02-21 23:55 268 —ha-w C:\sqmdata14.sqm
    2009-02-21 23:55 . 2009-02-21 23:55 244 —ha-w C:\sqmnoopt14.sqm
    2009-02-19 15:28 . 2009-02-19 15:28 268 —ha-w C:\sqmdata13.sqm
    2009-02-19 15:28 . 2009-02-19 15:28 244 —ha-w C:\sqmnoopt13.sqm
    2009-02-19 13:57 . 2009-02-25 11:27 ——– d—–w c:\program files\Freebox V2
    2009-02-19 10:34 . 2009-04-02 12:46 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Adobe
    2009-02-19 10:31 . 2009-02-19 10:33 ——– d—–w c:\documents and settings\All Users\Application Data\NOS
    2009-02-19 10:31 . 2009-02-19 10:31 ——– d—–w c:\program files\NOS
    2009-02-19 09:37 . 2009-02-19 09:37 268 —ha-w C:\sqmdata12.sqm
    2009-02-19 09:37 . 2009-02-19 09:37 244 —ha-w C:\sqmnoopt12.sqm
    2009-02-19 09:37 . 2007-11-14 14:18 553 ——r c:\windows\USetup.iss
    2009-02-19 09:37 . 2006-01-04 14:41 1389056 —-a-w c:\windows\system32\drivers\Monfilt.sys
    2009-02-19 09:37 . 2008-08-05 19:10 1684736 —-a-w c:\windows\system32\drivers\Ambfilt.sys
    2009-02-19 09:37 . 2009-02-19 09:37 319488 —-a-w c:\windows\HideWin.exe
    2009-02-19 09:25 . 2009-02-19 09:25 268 —ha-w C:\sqmdata11.sqm
    2009-02-19 09:25 . 2009-02-19 09:25 244 —ha-w C:\sqmnoopt11.sqm
    2009-02-17 16:08 . 2009-02-17 16:08 268 —ha-w C:\sqmdata10.sqm
    2009-02-17 16:08 . 2009-02-17 16:08 244 —ha-w C:\sqmnoopt10.sqm
    2009-02-16 16:09 . 2009-02-16 16:09 268 —ha-w C:\sqmdata09.sqm
    2009-02-16 16:09 . 2009-02-16 16:09 244 —ha-w C:\sqmnoopt09.sqm
    2009-02-16 09:56 . 2009-02-16 09:57 ——– d—–w c:\program files\URS Dancing Queen Simulation
    2009-02-16 09:11 . 2009-02-16 09:11 268 —ha-w C:\sqmdata08.sqm
    2009-02-16 09:11 . 2009-02-16 09:11 244 —ha-w C:\sqmnoopt08.sqm
    2009-02-16 09:07 . 2008-11-13 14:18 1221008 —-a-w c:\windows\system32\zpeng25.dll
    2009-02-06 17:52 . 2009-02-06 17:52 49504 —-a-w c:\windows\system32\sirenacm.dll
    2009-02-02 10:08 . 2008-04-14 21:32 159232 —-a-w c:\windows\system32\ptpusd.dll
    2009-02-02 10:08 . 2001-09-06 20:27 5632 —-a-w c:\windows\system32\ptpusb.dll
    2009-02-02 10:08 . 2008-04-13 23:15 15104 -c–a-w c:\windows\system32\dllcache\usbscan.sys
    2009-02-02 10:08 . 2008-04-13 23:15 15104 —-a-w c:\windows\system32\drivers\usbscan.sys
    2009-01-17 19:38 . 2006-11-11 12:23 ——– d—–w C:\ADCDA2
    2009-01-16 16:43 . 2009-03-31 13:44 ——– d—–w c:\documents and settings\Media Center\Application Data\Apple Computer
    2009-01-16 16:40 . 2009-01-16 16:40 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Apple
    2009-01-16 16:40 . 2009-01-16 16:40 ——– d—–w c:\program files\Apple Software Update
    2009-01-16 16:40 . 2009-01-16 16:40 ——– d—–w c:\documents and settings\All Users\Application Data\Apple
    2009-01-16 16:40 . 2009-03-31 12:28 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Apple Computer
    2009-01-16 16:28 . 2009-01-16 16:28 ——– d—–w c:\windows\Sun
    2009-01-16 16:28 . 2009-03-09 04:19 410984 —-a-w c:\windows\system32\deploytk.dll
    2009-01-16 16:28 . 2009-03-09 01:53 73728 —-a-w c:\windows\system32\javacpl.cpl
    2009-01-16 16:28 . 2006-11-12 09:28 ——– d—–w c:\program files\Java
    2009-01-15 12:42 . 2006-11-20 15:32 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\NFS Underground 2
    2009-01-15 12:38 . 2009-01-15 12:38 ——– d—–w c:\program files\Common Files\DirectX
    2009-01-15 12:28 . 2009-03-09 17:26 ——– d—–w c:\program files\EA GAMES
    2009-01-15 11:37 . 2009-01-15 11:37 2581 –sh–r c:\windows\PCGWIN32.LI5
    2009-01-15 11:34 . 2009-01-15 11:34 528 –sh–r c:\windows\PCGWIN32.LI4
    2009-01-15 11:33 . 2009-01-15 11:33 ——– d—–w c:\documents and settings\All Users\Application Data\Autodata Limited
    2009-01-15 11:29 . 2009-01-15 11:29 ——– d—–w c:\program files\Common Files\Autodata Limited Shared
    2009-01-15 11:22 . 2009-03-26 19:47 ——– d—–w c:\documents and settings\Media Center\Application Data\Ahead
    2009-01-15 11:22 . 2009-01-15 11:22 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\Ahead
    2009-01-15 11:16 . 2009-01-15 11:16 ——– d—–w C:\ADCDTEMP
    2009-01-15 10:53 . 2004-08-04 13:23 50503 ——w c:\windows\UNNMP.cfg
    2009-01-15 10:48 . 2009-01-15 10:48 0 —-a-w c:\windows\homeDVD-movies2.INI
    2009-01-15 10:47 . 2001-11-19 10:33 94208 —-a-w c:\windows\system32\lmpgvd.ax
    2009-01-15 10:47 . 2001-11-19 10:33 46592 —-a-w c:\windows\system32\lmpgad.ax
    2009-01-15 10:47 . 2001-11-19 10:33 106496 —-a-w c:\windows\system32\lmpgspl.ax
    2009-01-15 10:47 . 2001-10-31 09:14 77824 —-a-w c:\windows\system32\mplaw7.dll
    2009-01-15 10:47 . 2001-10-31 09:14 77824 —-a-w c:\windows\system32\mplaa6.dll
    2009-01-15 10:47 . 2001-10-31 09:14 65536 —-a-w c:\windows\system32\mplapx.dll
    2009-01-15 10:47 . 2001-10-31 09:14 65536 —-a-w c:\windows\system32\mplam6.dll
    2009-01-15 10:47 . 2001-10-31 09:14 1650688 —-a-w c:\windows\system32\mplva6.dll
    2009-01-15 10:47 . 2001-10-31 09:14 1581056 —-a-w c:\windows\system32\mplvw7.dll
    2009-01-15 10:47 . 2001-10-31 09:14 1552384 —-a-w c:\windows\system32\mplvm6.dll
    2009-01-15 10:47 . 2001-10-31 09:14 1122304 —-a-w c:\windows\system32\mplvpx.dll
    2009-01-15 10:47 . 2001-09-17 12:20 19968 —-a-w c:\windows\system32\cpuinf32.dll
    2009-01-15 10:44 . 2002-09-20 23:33 1089536 —-a-w c:\windows\system32\ROBOEX32.DLL
    2009-01-15 10:44 . 1999-01-28 13:44 49152 —-a-w c:\windows\system32\INETWH32.dll
    2009-01-15 10:44 . 1998-10-15 16:28 85504 —-a-w c:\windows\system32\HtmlWH.dll
    2009-01-15 10:43 . 2009-01-15 10:43 85 —-a-w c:\windows\magix.ini
    2009-01-15 10:43 . 2004-06-11 11:19 979 —-a-w c:\windows\mgxoschk.ini
    2009-01-15 10:43 . 2004-06-01 09:53 176128 —-a-w c:\windows\system32\mgxoschk.dll
    2009-01-12 12:43 . 2006-11-12 10:21 ——– d—–w c:\program files\Common Files\Adobe
    2009-01-10 10:43 . 2009-01-10 10:43 268 —ha-w C:\sqmdata05.sqm
    2009-01-10 10:43 . 2009-01-10 10:43 244 —ha-w C:\sqmnoopt05.sqm
    2009-01-08 10:15 . 2009-01-08 10:15 ——– d—–w c:\documents and settings\LocalService\Local Settings\Application Data\NVIDIA Corporation
    2009-01-08 10:15 . 2009-01-08 10:15 ——– d—–w c:\documents and settings\Media Center\Local Settings\Application Data\NVIDIA Corporation
    2009-01-08 10:15 . 2009-01-08 10:15 ——– d—–w c:\program files\NVIDIA Corporation
    2009-01-08 10:15 . 2009-01-08 10:15 ——– d—–w c:\program files\NVIDIA nTune Performance Application
    2009-01-07 22:31 . 2009-01-07 22:31 268 —ha-w C:\sqmdata04.sqm
    2009-01-07 22:31 . 2009-01-07 22:31 244 —ha-w C:\sqmnoopt04.sqm
    2009-01-07 13:02 . 2009-01-07 13:02 ——– d—–w c:\program files\Explorer-World Simulations
    2009-01-07 13:01 . 2009-01-07 13:01 ——– d—–w c:\program files\DeadlyElectronics
    2009-01-07 12:58 . 2009-02-22 13:54 ——– d—–w c:\program files\URS Magic -Circus Circus- (Bruch)
    2009-01-07 12:57 . 2009-01-07 13:08 ——– d—–w c:\program files\EWS
    2009-01-05 15:18 . 2009-01-05 15:18 90112 —-a-w c:\windows\system32\QuickTimeVR.qtx
    2009-01-05 15:18 . 2009-01-05 15:18 57344 —-a-w c:\windows\system32\QuickTime.qts
    2009-01-04 23:38 . 2009-01-04 23:38 268 —ha-w C:\sqmdata03.sqm
    2009-01-04 23:38 . 2009-01-04 23:38 244 —ha-w C:\sqmnoopt03.sqm
    2009-01-04 22:50 . 2009-01-04 22:50 ——– d—–w c:\program files\Kingdia Software
    2009-01-04 22:37 . 2009-01-04 22:38 0 —-a-w c:\windows\system32\video.avs
    2009-01-04 22:37 . 2009-01-04 22:37 ——– d—–w c:\documents and settings\Media Center\Application Data\dvdcss
    2009-01-04 22:32 . 2001-05-11 12:18 420240 —-a-w c:\windows\system32\mpg4c32.dll
    2009-01-04 22:32 . 2001-03-26 03:41 245760 —-a-w c:\windows\system32\mp4sds32.ax
    2009-01-04 22:28 . 2009-01-04 22:28 0 —-a-w c:\windows\AoADVDRipper.INI
    2009-01-04 22:28 . 2009-01-04 22:28 ——– d—–w c:\documents and settings\All Users\Application Data\TEMP

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-02 11:32 . 2009-02-19 10:37 ——– d—–w c:\documents and settings\Media Center\Application Data\Winamp
    2009-03-31 12:27 . 2009-03-31 12:27 ——– d—–w c:\program files\Common Files\Apple
    2009-03-31 12:27 . 2009-03-11 08:58 ——– d—–w c:\program files\Bonjour
    2009-03-30 09:06 . 2009-03-30 08:45 ——– d—–w c:\program files\URS Maximum Speed (Deinert & Kracke Gbr) Simulation
    2009-03-25 07:45 . 2009-03-01 20:53 2119347 —-a-w c:\windows\Internet Logs\tvDebug.Zip
    2009-03-23 10:36 . 2009-03-23 10:36 ——– d—–w c:\program files\Microsoft
    2009-03-23 10:35 . 2009-03-23 10:35 ——– d—–w c:\program files\Windows Live SkyDrive
    2009-03-23 10:34 . 2009-03-23 10:34 ——– d—–w c:\program files\Common Files\Windows Live
    2009-03-22 23:56 . 2002-03-25 17:02 12464 —-a-w c:\windows\system32\drivers\secdrv.sys
    2009-03-16 12:47 . 2009-03-16 12:41 ——– d—–w c:\program files\LimeWire
    2009-03-16 12:46 . 2009-03-16 12:41 ——– d—–w c:\documents and settings\Media Center\Application Data\LimeWire
    2009-03-12 09:09 . 2009-03-12 09:11 561664 —-a-w c:\windows\Internet Logs\xDB1.tmp
    2009-03-11 09:02 . 2009-03-11 09:02 ——– d—–w c:\documents and settings\All Users\Application Data\FLEXnet
    2009-03-11 08:59 . 2009-03-11 08:59 ——– d—–w c:\documents and settings\All Users\Application Data\ALM
    2009-02-19 10:38 . 2009-02-19 10:37 ——– d—–w c:\program files\Winamp
    2009-02-19 09:37 . 2008-10-13 16:19 ——– d—–w c:\program files\Realtek
    2009-01-15 10:53 . 2009-01-15 10:49 ——– d—–w c:\program files\Ahead
    2009-01-15 10:49 . 2009-01-15 10:49 ——– d—–w c:\documents and settings\All Users\Application Data\Ahead
    2009-01-15 10:49 . 2009-01-15 10:49 ——– d—–w c:\program files\Common Files\Ahead
    2009-01-08 10:15 . 2008-10-13 16:17 ——– d—–w c:\program files\Common Files\InstallShield
    2009-01-04 22:32 . 2009-01-04 22:31 ——– d—–w c:\program files\Pando Networks
    2009-01-04 22:31 . 2009-01-04 22:31 ——– d—–w c:\program files\SoftwareClub.ws
    2009-01-04 22:31 . 2009-01-04 22:31 ——– d—–w c:\program files\PandoBar
    2008-11-19 19:50 . 2008-11-19 19:50 ——– d—–w c:\program files\Zone Labs
    2008-10-13 21:26 . 2008-10-13 15:56 86327 —-a-w c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
    2008-10-13 21:19 . 2002-08-28 23:05 251712 –sha-r C:\ntldr
    2008-10-13 16:56 . 2008-10-13 16:55 ——– d—–w c:\documents and settings\All Users\Application Data\Symantec
    2008-10-13 16:56 . 2008-10-13 16:55 ——– d—–w c:\program files\Common Files\Symantec Shared
    2008-10-13 16:56 . 2008-10-13 16:55 ——– d—–w c:\program files\Symantec
    2008-10-13 16:55 . 2008-10-13 16:55 ——– d—–w c:\program files\Symantec AntiVirus
    2008-10-13 16:39 . 2008-10-13 16:39 ——– d—–w c:\program files\DIFX
    2008-10-13 16:18 . 2008-10-13 16:18 ——– d—–w c:\program files\Teletext
    2008-10-13 16:18 . 2008-10-13 16:18 ——– d—–w c:\program files\TVR
    2008-10-13 15:57 . 2008-10-13 15:57 ——– d—–w c:\program files\microsoft frontpage
    2008-10-13 15:54 . 2008-10-13 15:54 21748 —-a-w c:\windows\system32\emptyregdb.dat
    2008-10-02 18:01 . 2008-10-13 16:19 4878336 —-a-w c:\windows\system32\drivers\RtkHDAud.sys
    2008-09-30 17:01 . 2008-10-13 16:20 16864768 —-a-w c:\windows\RTHDCPL.EXE
    2008-09-30 15:38 . 2008-10-13 16:19 2168320 —-a-w c:\windows\MicCal.exe
    2008-09-19 16:48 . 2008-10-13 16:19 1200128 —-a-w c:\windows\RtlUpd.exe
    2008-08-25 15:17 . 2008-10-13 16:19 528384 ——r c:\windows\RtlExUpd.dll
    2008-08-22 08:16 . 2006-11-11 20:36 2078952 —-a-w c:\windows\system32\starburnx.dll
    2008-08-19 12:26 . 2008-10-13 16:19 77824 —-a-w c:\windows\SOUNDMAN.EXE
    2008-06-19 15:42 . 2008-10-13 16:19 2808832 —-a-w c:\windows\ALCWZRD.EXE
    2008-06-19 15:27 . 2008-10-13 16:19 9715200 —-a-w c:\windows\RTLCPL.EXE
    2008-06-19 15:20 . 2008-10-13 16:19 57344 —-a-w c:\windows\ALCMTR.EXE
    2008-04-21 09:39 . 2008-04-14 10:22 1340 —-a-w C:\aaw7boot.log
    2008-04-14 20:49 . 2002-09-09 12:21 1804 —-a-w c:\windows\system32\dcache.bin
    2008-04-14 20:36 . 2002-09-09 12:11 332800 —-a-w c:\windows\system32\netsetup.exe
    2008-04-14 20:32 . 2002-09-09 12:08 194560 —-a-w c:\windows\system32\eudcedit.exe
    2008-04-14 20:31 . 2001-09-07 12:00 763904 —-a-w c:\windows\system32\winntbbu.dll
    2008-04-14 20:30 . 2001-09-07 12:00 3584 —-a-w c:\windows\system32\icmp.dll
    2008-04-14 20:30 . 2001-09-07 12:00 572928 —-a-w c:\windows\system32\gpedit.dll
    2008-04-14 20:30 . 2002-09-09 12:06 9344 —-a-w c:\windows\system32\framebuf.dll
    2008-04-14 20:30 . 2002-08-28 23:08 24064 —-a-w c:\windows\system32\pidgen.dll
    2008-04-14 20:30 . 2001-09-07 12:00 3072 —-a-w c:\windows\system32\dpnlobby.dll
    2008-04-14 20:30 . 2001-09-07 12:00 3072 —-a-w c:\windows\system32\dpnaddr.dll
    2008-04-14 20:30 . 2001-09-07 12:00 16896 —-a-w c:\windows\system32\cfgmgr32.dll
    2008-04-14 20:30 . 2001-09-07 12:00 285696 —-a-w c:\windows\system32\atmfd.dll
    2008-04-14 20:13 . 2008-10-13 15:55 73472 —-a-w c:\windows\system32\drivers\sr.sys
    2008-04-14 20:13 . 2002-09-09 11:20 120448 —-a-w c:\windows\system32\drivers\pcmcia.sys
    2008-04-14 20:13 . 2002-09-09 11:20 68224 —-a-w c:\windows\system32\drivers\pci.sys
    2008-04-14 20:13 . 2002-09-09 13:20 80256 —-a-w c:\windows\system32\drivers\parport.sys
    2008-04-14 20:13 . 2002-09-09 13:20 46848 —-a-w c:\windows\system32\drivers\p3.sys
    2008-04-14 20:11 . 2002-09-09 13:18 2028544 —-a-w c:\windows\system32\ntkrnlpa.exe
    2008-04-14 20:11 . 2002-09-09 11:17 2149888 —-a-w c:\windows\system32\ntoskrnl.exe
    2008-04-14 20:11 . 2002-09-09 11:32 4096 —-a-w c:\windows\system32\dsprpres.dll
    2008-04-14 20:10 . 2001-09-07 12:00 153856 —-a-w c:\windows\system32\drivers\dmio.sys
    2008-04-14 20:10 . 2001-09-07 12:00 800000 —-a-w c:\windows\system32\drivers\dmboot.sys
    2008-04-14 20:09 . 2008-10-13 21:24 88064 ——w c:\windows\system32\msxml6r.dll
    2008-04-14 20:09 . 2002-09-09 11:44 25088 —-a-w c:\windows\system32\drivers\kbdclass.sys
    2008-04-14 20:08 . 2002-09-09 13:26 40832 —-a-w c:\windows\system32\drivers\crusoe.sys
    2008-04-14 20:08 . 2008-10-13 21:24 78336 ——w c:\windows\system32\msshavmsg.dll
    2008-04-14 20:08 . 2001-09-07 12:00 37760 —-a-w c:\windows\system32\drivers\isapnp.sys
    2008-04-14 20:08 . 2002-09-09 12:04 2965504 —-a-w c:\windows\system32\wmploc.dll
    2008-04-14 20:07 . 2008-10-13 16:32 40448 ——w c:\windows\system32\drivers\intelppm.sys
    2008-04-14 20:07 . 2008-10-13 15:55 50176 —-a-w c:\windows\system32\inetres.dll
    2008-04-14 20:07 . 2001-09-07 12:00 566784 —-a-w c:\windows\system32\shdoclc.dll
    2008-04-14 20:06 . 2008-10-13 16:32 189952 ——w c:\windows\system32\wmerror.dll
    2008-04-14 20:06 . 2002-09-09 11:26 65536 —-a-w c:\windows\system32\drivers\serial.sys
    2008-04-14 20:05 . 2002-09-09 11:39 53504 —-a-w c:\windows\system32\drivers\i8042prt.sys
    2008-04-14 20:05 . 2002-09-09 11:44 1845760 —-a-w c:\windows\system32\win32k.sys
    2008-04-14 20:04 . 2008-10-13 16:32 25728 ——w c:\windows\system32\drivers\hidbth.sys
    2008-04-14 20:04 . 2008-10-13 16:32 273536 ——w c:\windows\system32\drivers\bthport.sys
    2008-04-14 20:04 . 2002-09-09 12:05 67584 —-a-w c:\windows\system32\browselc.dll
    2008-04-14 20:04 . 2001-09-07 12:00 10240 —-a-w c:\windows\system32\gpkrsrc.dll
    2008-04-14 20:04 . 2008-10-13 17:49 58112 —-a-w c:\windows\system32\drivers\redbook.sys
    2008-04-14 20:03 . 2001-09-07 12:00 53504 —-a-w c:\windows\system32\drivers\volsnap.sys
    2008-04-14 20:02 . 2001-09-07 12:00 44672 —-a-w c:\windows\system32\drivers\fips.sys
    2008-04-14 20:02 . 2002-09-09 13:22 39936 —-a-w c:\windows\system32\drivers\processr.sys
    2008-04-14 20:02 . 2002-09-09 12:05 8192 —-a-w c:\windows\system32\asferror.dll
    2008-04-14 20:02 . 2002-09-09 13:20 41856 —-a-w c:\windows\system32\drivers\amdk7.sys
    2008-04-14 20:01 . 2002-09-09 13:20 41472 —-a-w c:\windows\system32\drivers\amdk6.sys
    2008-04-14 20:00 . 2002-09-09 13:51 23552 —-a-w c:\windows\system32\drivers\mouclass.sys
    2008-04-14 20:00 . 2001-09-06 19:03 30336 —-a-w c:\windows\system32\drivers\modem.sys
    2008-04-14 20:00 . 2002-09-09 11:18 188544 —-a-w c:\windows\system32\drivers\acpi.sys
    2008-04-13 23:49 . 2004-03-16 08:58 146048 —-a-w c:\windows\system32\drivers\portcls.sys
    2008-04-13 23:46 . 2008-10-13 16:20 141056 —-a-w c:\windows\system32\drivers\ks.sys
    2008-04-13 23:15 . 2008-10-13 16:27 60160 —-a-w c:\windows\system32\drivers\drmk.sys
    2008-04-13 23:15 . 2008-10-13 16:27 49408 —-a-w c:\windows\system32\drivers\stream.sys
    2008-04-13 22:58 . 2002-08-28 23:58 175744 —-a-w c:\windows\system32\drivers\rdbss.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    2009-01-22 14:41 408448 ----a-w c:\program files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    2009-03-04 12:50 251504 ----a-w c:\program files\Google\Google Toolbar\GoogleToolbar.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    2009-03-04 12:52 657904 ----a-w c:\program files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    2009-03-04 12:50 522224 ----a-w c:\program files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    2009-03-09 04:18 35840 ----a-w c:\program files\Java\jre6\bin\jp2ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    2009-03-09 04:18 73728 ----a-w c:\program files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-28 68856]
    "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Remote"="c:\program files\TVR\remote.exe" [2006-06-27 212992]
    "RecSche"="c:\program files\TVR\RecSche.exe" [2006-10-05 454656]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-13 95848]
    "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-10-14 134856]
    "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-12-20 37376]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2008-04-09 515416]
    "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-28 1626112]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-09-30 16864768]

    c:\documents and settings\Media Center\Menu Start\Programma's\Opstarten\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "WebCheck"= {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - c:\windows\system32\webcheck.dll [2007-08-13 231424]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Symantec AntiVirus\\Rtvscan.exe"=
    "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    R2 OMSCAN;OMSCAN; [x]
    R3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
    R3 PciCon;PciCon; [x]
    R3 SavRoam;SavRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2006-10-14 122056]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2008-04-09 64160]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2008-04-09 951632]
    S2 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [2008-03-12 181544]
    S3 AVHybrid;AVHybrid service;c:\windows\system32\DRIVERS\AVHybrid.sys [2006-05-16 891776]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-01 101936]

    .
    Inhoud van de 'Gedeelde Taken' map

    2008-04-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 12:14]
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-WinDVRCtrl - c:\windows\WDVRCtrl.exe
    ShellExecuteHooks-{AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
    SSODL-CDBurn-{fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll


    .
    ------- Bijkomende Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    IE: {{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {{FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\Messenger\msmsgs.exe
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
    Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
    Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\Common Files\System\Ole DB\MSDAIPP.DLL
    Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - c:\windows\system32\msvidctl.dll
    Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    FF - ProfilePath - c:\documents and settings\Media Center\Application Data\Mozilla\Firefox\Profiles\8ad3hcsq.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.microsoft.com/isapi\redir.dll?prd=ie&pver=6&ar=msnhome
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-21 13:11
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN]
    "ImagePath"="\Sys"
    .
    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'explorer.exe'(1424)
    c:\windows\system32\ieframe.dll
    .
    Voltooingstijd: 2008-04-21 13:12
    ComboFix-quarantined-files.txt 2008-04-21 11:11

    Pre-Run: 27.524.964.352 bytes beschikbaar
    Post-Run: 28.667.838.464 bytes beschikbaar

    WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer /numproc=2

    377

  • No new HJT log?
  • You hadn't asked for that (problems still present), here it comes:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:18:09, on 22-4-2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    C:\Program Files\TeamViewer3\TeamViewer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\TVR\RecSche.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\TVR\remote.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Remote] "C:\Program Files\TVR\remote.exe"
    O4 - HKLM\..\Run: [RecSche] "C:\Program Files\TVR\RecSche.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1223930890109
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


    End of file - 9307 bytes
  • The logs are clean; by the way, it could be down to your ZoneAlarm.
  • I can't find anything odd in ZoneAlarm, but I'll reinstall it and report back whether that helped.

This is an archived page. Replies are no longer possible.