trojan

Anonymous
Brigitte_85
11 replies
  • Hi, after a scan with Malwarebytes' Anti-Malware a number of infections were found, which it now has in quarantine. Who would be willing to check my HJT log?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:53:34, on 19-5-2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\CyberLink\Shared files\brs.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Windows\Logi_MwX.Exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\msfeedssync.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Gebruiker\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" /f
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [BitTorrent] "G:\Downloads ~G~\Programs\Torrent\BitTorrent\bittorrent.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Add to AMV Convert Tool… - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
    O8 - Extra context menu item: Zoeken op eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
    O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.thepiratebay.org
    O15 - Trusted Zone: http://wustat.windows.com
    O15 - Trusted Zone: http://download.windowsupdate.com
    O15 - Trusted Zone: http://*.windowsupdate.com
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe


    End of file - 12967 bytes
  • Start HijackThis. If you are a Vista user, choose "Run as administrator" or "Uitvoeren als administrator". Select "Do a system scan only". Select only the items listed below:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
    O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)

    Click 'Fix checked' to remove the items.

    And then let us know whether there are still any problems?
  • Hi, thanks…
    Fortunately I had already been able to fix the biggest problem, and I removed those 6 items with HijackThis. Only, starting up the PC/Windows is slower, and in Internet Explorer it also takes longer before a page has loaded… Otherwise it is running fine again so far…

    Brigitte
  • Maybe we should take a further look after all, then?

    Download Combofix to your Desktop.

    Read more here about the correct use of Combofix.

    NOTE: if, during or after downloading Combofix or while using Combofix, you get a notification from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
    Some scanners see certain components that Combofix uses as suspicious and will block or remove them!
    Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not Vista).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, because this will make your PC hang.
    When the fix is complete and after a restart, the log Combofix.txt will open.

    Post this log in your next reply.
  • Hi, here is the Combofix log:

    ComboFix 09-05-21.01 - Gebruiker 22-05-2009 12:09.1 - NTFSx86
    Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.31.1043.18.3326.1780 [GMT 2:00]
    Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\INSTALL.LOG
    c:\users\Gebruiker\AppData\Roaming\addons.dat
    D:\Autorun.inf
    D:\resycled
    E:\Autorun.inf
    E:\resycled
    F:\Autorun.inf
    F:\desktop.ini
    F:\resycled
    G:\Autorun.inf
    G:\resycled
    g:\resycled\boot.com
    Z:\resycled

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-04-22 to 2009-05-22 ))))))))))))))))))))))))))))))
    .

    2009-05-22 07:41 . 2009-05-06 18:06 4784464 —-a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{4788B688-7DB7-4F46-B4AB-F232B7E8156D}\mpengine.dll
    2009-05-22 04:15 . 2009-05-22 04:15 ——– d—–w c:\windows\log
    2009-05-19 07:41 . 2009-05-19 07:42 398850 —-a-w c:\windows\system32\windows 7 ultimate screensaver full.scr
    2009-05-19 07:41 . 2009-05-19 07:41 ——– d—–w c:\program files\windows 7 ultimate screensaver full
    2009-05-19 07:17 . 2009-05-19 07:17 ——– d—–w c:\windows\Borealis 1.1 Uninstaller
    2009-05-19 07:17 . 2008-02-09 11:09 495104 —-a-w c:\windows\Borealis 1.1.exe
    2009-05-19 07:17 . 2008-02-09 11:08 903680 —-a-w c:\windows\Borealis 1.1.scr
    2009-05-19 07:11 . 2009-05-19 07:11 ——– d—–w c:\program files\YethzART
    2009-05-19 07:11 . 2009-05-19 07:11 1207555 —-a-w c:\windows\system32\Glowing Win Orb.scr
    2009-05-19 07:10 . 2009-05-19 07:11 ——– d—–w c:\users\Gebruiker\AppData\Local\Axialis
    2009-05-19 04:29 . 2009-04-29 21:42 312088 —-a-w c:\programdata\avg8\update\backup\avglngx.dll
    2009-05-19 04:28 . 2009-04-06 13:32 15504 —-a-w c:\windows\system32\drivers\mbam.sys
    2009-05-19 04:28 . 2009-04-06 13:32 38496 —-a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-19 04:27 . 2009-04-29 21:34 1437464 —-a-w c:\programdata\avg8\update\backup\avgupd.dll
    2009-05-19 03:04 . 2009-05-19 04:00 ——– d—–w c:\users\Gebruiker\AppData\Local\Promosoft Corporation
    2009-05-18 21:51 . 2009-05-18 21:51 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Malwarebytes
    2009-05-18 21:51 . 2009-05-19 04:28 ——– d—–w c:\program files\MALWAREBYTES ANTI-MALWARE
    2009-05-18 21:51 . 2009-05-18 21:51 ——– d—–w c:\programdata\Malwarebytes
    2009-05-18 21:51 . 2009-05-19 04:28 ——– d—–w c:\program files\Malwarebytes' Anti-Malware
    2009-05-17 06:37 . 2009-05-17 06:37 ——– d—–w c:\program files\Adobe Media Player
    2009-05-13 01:06 . 2009-05-13 01:05 2051864 —-a-w c:\programdata\avg8\update\backup\avgcorex.dll
    2009-05-13 01:06 . 2009-04-29 21:42 2302232 —-a-w c:\programdata\avg8\update\backup\avguiadv.dll
    2009-05-13 01:06 . 2009-04-29 21:42 3399960 —-a-w c:\programdata\avg8\update\backup\avgui.exe
    2009-05-13 01:06 . 2009-04-29 21:42 354584 —-a-w c:\programdata\avg8\update\backup\avgxch32.dll
    2009-05-13 01:06 . 2009-04-29 21:42 1224472 —-a-w c:\programdata\avg8\update\backup\avgspmui.dll
    2009-05-13 01:06 . 2009-04-29 21:42 3288344 —-a-w c:\programdata\avg8\update\backup\setup.exe
    2009-05-13 01:06 . 2009-04-29 21:42 424472 —-a-w c:\programdata\avg8\update\backup\avgwdwsc.dll
    2009-05-13 01:06 . 2009-04-29 21:42 1262880 —-a-w c:\programdata\avg8\update\backup\avgwd.dll
    2009-05-13 01:06 . 2009-04-29 21:42 486168 —-a-w c:\programdata\avg8\update\backup\avgrsx.exe
    2009-05-13 01:06 . 2009-04-29 21:42 177432 —-a-w c:\programdata\avg8\update\backup\avgmail.dll
    2009-05-13 01:06 . 2009-04-29 21:42 2291992 —-a-w c:\programdata\avg8\update\backup\avgfwui.dll
    2009-05-13 01:03 . 2009-04-29 21:34 1083672 —-a-w c:\programdata\avg8\update\backup\avgupd.exe
    2009-05-13 01:03 . 2009-04-29 21:34 755992 —-a-w c:\programdata\avg8\update\backup\avginet.dll
    2009-05-09 22:34 . 1999-10-15 10:50 1056768 —-a-w c:\windows\system32\ROBOEX32.DLL
    2009-05-09 22:34 . 1999-01-28 13:44 49152 —-a-w c:\windows\system32\INETWH32.dll
    2009-05-08 10:18 . 2009-05-19 04:18 ——– d—–w c:\programdata\VistaCodecs
    2009-05-04 00:37 . 2009-05-04 00:37 85504 —-a-w c:\windows\system32\ff_vfw.dll
    2009-05-02 10:56 . 1999-03-15 14:39 212992 —-a-w c:\windows\ALCHUNIN.EXE
    2009-05-02 10:56 . 2009-05-17 15:07 ——– d—–w c:\program files\Alchemy Mindworks
    2009-05-02 10:23 . 2009-05-02 10:23 ——– d—–w c:\program files\ProAnimator 4.0.2 PC
    2009-05-01 22:31 . 2009-05-19 04:19 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Alchemy Mindworks
    2009-04-30 22:09 . 2009-04-30 22:22 ——– d—–w c:\program files\Flash-SWF to AVI-GIF
    2009-04-30 19:13 . 2009-04-30 19:25 ——– d—–w c:\users\Gebruiker\AppData\Roaming\XnView
    2009-04-30 03:00 . 2009-04-30 03:00 ——– d—–w C:\MoTemp
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\MSAgent
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\en-US
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\system32\MigWiz
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\system32\en
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\system32\drivers\en-US
    2009-04-29 09:37 . 2009-04-29 09:37 ——– d—–w c:\windows\system32\0409
    2009-04-28 03:11 . 2009-04-28 03:11 ——– d—–w c:\program files\Microsoft Office Outlook Connector
    2009-04-28 03:09 . 2009-04-28 03:09 ——– d—–w c:\program files\MSECache
    2009-04-28 01:15 . 2009-05-17 06:36 38208 —-a-w c:\users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    2009-04-25 13:47 . 2009-04-25 13:47 ——– d—–w c:\users\Gebruiker\AppData\Roaming\FastStone
    2009-04-25 13:47 . 2009-04-25 13:47 ——– d—–w c:\program files\FastStone Image Viewer
    2009-04-24 20:32 . 1996-10-30 07:35 32768 —-a-w c:\windows\system\PLUGIN.DLL
    2009-04-24 20:32 . 1993-07-23 16:31 210944 —-a-w c:\windows\system\MSVCRT10.DLL
    2009-04-24 01:31 . 2009-04-24 01:31 ——– d—–w c:\programdata\WinZip
    2009-04-22 18:59 . 2009-04-22 18:59 1033728 —-a-w c:\windows\system32\VSFilter.dll
    2009-04-22 13:37 . 2009-04-22 13:37 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Jasc
    2009-04-22 13:27 . 2009-04-24 20:13 ——– d—–w c:\program files\Jasc Software Inc

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-22 10:11 . 2008-11-01 20:43 ——– d—–w c:\users\Gebruiker\AppData\Roaming\DNA
    2009-05-22 10:06 . 2008-11-01 20:43 ——– d—–w c:\users\Gebruiker\AppData\Roaming\BitTorrent
    2009-05-22 07:03 . 2008-11-19 20:39 9392 –sha-w c:\programdata\KGyGaAvL.sys
    2009-05-22 07:03 . 2008-11-19 20:39 9392 –sha-w c:\programdata\KGyGaAvL.sys
    2009-05-22 04:27 . 2006-11-02 16:18 755606 —-a-w c:\windows\system32\perfh013.dat
    2009-05-22 04:27 . 2006-11-02 16:18 159998 —-a-w c:\windows\system32\perfc013.dat
    2009-05-22 04:20 . 2008-11-01 20:43 ——– d—–w c:\program files\DNA
    2009-05-22 01:43 . 2008-10-27 17:43 1174480 —-a-w c:\users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-05-19 04:19 . 2009-03-09 02:10 ——– d—–w c:\program files\CCleaner
    2009-05-17 06:37 . 2008-12-23 07:43 ——– d—–w c:\program files\Common Files\Adobe AIR
    2009-05-13 01:04 . 2008-10-27 17:52 ——– d—–w c:\programdata\Microsoft Help
    2009-05-13 01:00 . 2006-11-02 11:18 ——– d—–w c:\program files\Windows Mail
    2009-05-10 16:10 . 2008-11-21 23:50 ——– d—–w c:\programdata\Reprise
    2009-05-09 23:30 . 2008-11-07 16:56 ——– d—–w c:\programdata\CanonIJPLM
    2009-05-09 22:34 . 2008-10-27 18:00 ——– d–h–w c:\program files\InstallShield Installation Information
    2009-05-09 07:39 . 2008-10-27 17:47 ——– d—–w c:\program files\VistaCodecPack
    2009-05-08 10:24 . 2008-10-27 17:47 ——– d—–w c:\program files\Real Alternative
    2009-05-04 13:20 . 2008-12-11 11:57 ——– d—–w c:\programdata\DVD Shrink
    2009-04-29 21:42 . 2009-02-18 03:57 11952 —-a-w c:\windows\system32\avgrsstx.dll
    2009-04-29 21:42 . 2009-02-18 03:57 325896 —-a-w c:\windows\system32\drivers\avgldx86.sys
    2009-04-29 21:42 . 2009-02-18 03:57 27784 —-a-w c:\windows\system32\drivers\avgmfx86.sys
    2009-04-29 21:42 . 2009-02-18 03:57 23832 —-a-w c:\windows\system32\drivers\avgfwd6x.sys
    2009-04-29 21:42 . 2009-02-18 03:57 12552 —-a-w c:\windows\system32\drivers\avgrkx86.sys
    2009-04-29 21:42 . 2009-02-18 03:57 108552 —-a-w c:\windows\system32\drivers\avgtdix.sys
    2009-04-29 17:14 . 2008-01-08 16:06 ——– d—–w c:\program files\BitLocker
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Calendar
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Sidebar
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Photo Gallery
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Journal
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Defender
    2009-04-29 09:37 . 2006-11-02 12:35 ——– d—–w c:\program files\Windows Collaboration
    2009-04-29 09:36 . 2009-04-29 09:37 30674 —-a-w c:\windows\inf\PERFLIB\0409\perfd.dat
    2009-04-29 09:36 . 2009-04-29 09:37 30674 —-a-w c:\windows\inf\PERFLIB\0409\perfc.dat
    2009-04-29 09:36 . 2009-04-29 09:37 287440 —-a-w c:\windows\inf\PERFLIB\0409\perfi.dat
    2009-04-29 09:36 . 2009-04-29 09:37 287440 —-a-w c:\windows\inf\PERFLIB\0409\perfh.dat
    2009-04-29 09:29 . 2009-01-29 06:31 ——– d—–w c:\program files\Microsoft
    2009-04-29 09:26 . 2008-10-27 17:54 ——– d—–w c:\program files\Microsoft Works
    2009-04-24 20:13 . 2009-02-17 18:51 ——– d—–w c:\program files\Unlocker
    2009-04-21 09:04 . 2008-10-27 18:04 ——– d—–w c:\program files\Common Files\Adobe
    2009-04-20 12:04 . 2009-04-20 12:04 ——– d—–w c:\users\Gebruiker\AppData\Roaming\com.adobe.ExMan
    2009-04-20 10:18 . 2009-04-20 10:18 ——– d—–w c:\program files\Common Files\Macrovision Shared
    2009-04-19 05:55 . 2008-12-12 00:01 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Ashampoo
    2009-04-19 05:53 . 2008-12-12 00:00 ——– d—–w c:\program files\Ashampoo
    2009-04-19 05:52 . 2009-04-17 23:10 ——– d—–w c:\program files\Pegasys Inc
    2009-04-19 05:37 . 2009-04-17 23:11 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Pegasys Inc
    2009-04-18 21:54 . 2008-11-19 21:20 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Download Manager
    2009-04-17 23:13 . 2009-04-17 23:13 ——– d—–w c:\users\Gebruiker\AppData\Roaming\LEAPS
    2009-04-17 23:09 . 2009-04-17 23:10 59488 —-a-w c:\windows\system32\GenSvcInst.exe
    2009-04-17 23:09 . 2009-04-17 23:10 33408 —-a-w c:\windows\system32\drivers\CDRBSDRV.SYS
    2009-04-17 23:09 . 2009-04-17 23:10 145504 —-a-w c:\windows\system32\bgsvcgen.exe
    2009-04-17 23:09 . 2008-10-27 19:34 ——– d—–w c:\program files\Common Files\InstallShield
    2009-04-17 23:03 . 2009-04-17 15:20 ——– d—–w c:\programdata\Ulead Systems
    2009-04-17 23:03 . 2008-11-19 20:31 ——– d—–w c:\program files\Corel
    2009-04-17 16:13 . 2009-04-16 10:47 ——– d—–w c:\program files\Avi2Dvd
    2009-04-17 15:55 . 2009-04-17 15:52 ——– d—–w c:\users\Gebruiker\AppData\Roaming\Ulead Systems
    2009-04-17 15:22 . 2009-04-17 15:22 ——– d—–w c:\program files\Windows Media Components
    2009-04-16 11:00 . 2009-04-16 11:00 ——– d—–w c:\program files\Common Files\Solveig Multimedia
    2009-04-16 11:00 . 2009-04-16 11:00 ——– d—–w c:\program files\Solveig Multimedia
    2009-04-16 10:48 . 2008-12-23 04:53 ——– d—–w c:\program files\AviSynth 2.5
    2009-04-16 08:58 . 2009-01-29 07:39 ——– d—–w c:\program files\Messenger Plus! Live
    2009-04-08 22:41 . 2008-10-29 03:37 ——– d—–w c:\program files\Google
    2009-04-08 21:25 . 2009-04-08 21:25 410984 —-a-w c:\windows\system32\deploytk.dll
    2009-04-08 21:24 . 2008-02-29 01:02 ——– d—–w c:\program files\Java
    2009-04-07 14:47 . 2008-12-26 01:39 758018 —-a-w c:\windows\system32\xvidcore.dll
    2009-03-29 23:57 . 2009-03-29 23:57 62149 —-a-w c:\windows\system32\pthreadGC2.dll
    2009-03-26 12:01 . 2009-03-26 12:01 ——– d—–w c:\programdata\FLEXnet
    2009-03-26 07:37 . 2009-03-26 07:37 ——– d—–w c:\programdata\Downloaded Installations
    2009-03-25 14:33 . 2009-03-25 14:33 21083176 —-a-w c:\programdata\Corel\Downloads\540225279_410012\1235587639613\PSPPX2ULRAW200904DEFIGS.exe
    2009-03-17 03:38 . 2009-04-15 06:29 13824 —-a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-15 06:29 24064 —-a-w c:\windows\system32\amxread.dll
    2009-03-08 11:34 . 2009-03-21 09:22 914944 —-a-w c:\windows\system32\wininet.dll
    2009-03-08 11:34 . 2009-03-21 09:22 43008 —-a-w c:\windows\system32\licmgr10.dll
    2009-03-08 11:33 . 2009-03-21 09:22 18944 —-a-w c:\windows\system32\corpol.dll
    2009-03-08 11:33 . 2009-03-21 09:22 109056 —-a-w c:\windows\system32\iesysprep.dll
    2009-03-08 11:33 . 2009-03-21 09:22 109568 —-a-w c:\windows\system32\PDMSetup.exe
    2009-03-08 11:33 . 2009-03-21 09:22 132608 —-a-w c:\windows\system32\ieUnatt.exe
    2009-03-08 11:33 . 2009-03-21 09:22 107520 —-a-w c:\windows\system32\RegisterIEPKEYs.exe
    2009-03-08 11:33 . 2009-03-21 09:22 107008 —-a-w c:\windows\system32\SetIEInstalledDate.exe
    2009-03-08 11:33 . 2009-03-21 09:22 103936 —-a-w c:\windows\system32\SetDepNx.exe
    2009-03-08 11:33 . 2009-03-21 09:22 420352 —-a-w c:\windows\system32\vbscript.dll
    2009-03-08 11:32 . 2009-03-21 09:22 72704 —-a-w c:\windows\system32\admparse.dll
    2009-03-08 11:32 . 2009-03-21 09:22 71680 —-a-w c:\windows\system32\iesetup.dll
    2009-03-08 11:32 . 2009-03-21 09:22 66560 —-a-w c:\windows\system32\wextract.exe
    2009-03-08 11:32 . 2009-03-21 09:22 169472 —-a-w c:\windows\system32\iexpress.exe
    2009-03-08 11:31 . 2009-03-21 09:22 34816 —-a-w c:\windows\system32\imgutil.dll
    2009-03-08 11:31 . 2009-03-21 09:22 48128 —-a-w c:\windows\system32\mshtmler.dll
    2009-03-08 11:31 . 2009-03-21 09:22 45568 —-a-w c:\windows\system32\mshta.exe
    2009-03-08 11:22 . 2009-03-21 09:22 156160 —-a-w c:\windows\system32\msls31.dll
    2009-03-07 03:06 . 2008-02-29 01:05 2484 —-a-w c:\windows\bthservsdp.dat
    2009-03-03 04:46 . 2009-04-15 06:29 3599328 —-a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-15 06:29 3547632 —-a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:39 . 2009-04-15 06:29 183296 —-a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-15 06:29 551424 —-a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-15 06:29 26112 —-a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-15 06:29 98304 —-a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-15 06:29 54784 —-a-w c:\windows\system32\iasads.dll
    2009-03-03 04:37 . 2009-04-15 06:29 44032 —-a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 03:04 . 2009-04-15 06:29 666624 —-a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-15 06:29 17408 —-a-w c:\windows\system32\iashost.exe
    2009-02-26 11:46 . 2009-02-26 11:46 74760 —-a-w c:\windows\system32\drivers\UniversalDD.sys
    2008-11-26 19:29 . 2008-11-26 19:13 88 –sha-r c:\windows\System32\70FA2B4B7A.sys
    2008-11-26 19:29 . 2008-11-26 19:13 1056 –sha-w c:\windows\System32\KGyGaAvL.sys
    .

    ------- Sigcheck -------

    [-] 2008-01-08 16:29 70656 AA95F24946558AC70B89137BD11ABE06 c:\windows\System32\ctfmon.exe
    [-] 2008-01-08 16:29 70656 AA95F24946558AC70B89137BD11ABE06 c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
    "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-19 342848]
    "BitTorrent"="g:\downloads ~g~\Programs\Torrent\BitTorrent\bittorrent.exe" [2008-12-16 637232]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-29 39408]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
    "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-04-09 87336]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2008-02-22 62760]
    "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-16 91432]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
    "Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-18 16712]
    "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-04-29 1947928]
    "AVGIDS"="c:\program files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" [2009-02-26 1579528]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-08 148888]
    "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-04-08 68592]
    "Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2008-08-18 532808]
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-04-06 401040]
    "Logitech Utility"="Logi_MwX.Exe" - c:\windows\Logi_MwX.Exe [2002-11-08 19968]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-10 809488]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableInstallerDetection"= 0 (0x0)
    "EnableLUA"= 0 (0x0)
    "EnableSecureUIAPaths"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveTrack"= 1 (0x1)
    "NoSimpleStartMenu"= 0 (0x0)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoResolveTrack"= 1 (0x1)
    "NoSimpleStartMenu"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{FA0D5289-0C1F-489E-8077-2C317FBE85B6}c:\\users\\gebruiker\\program files\\dna\\btdna.exe"= UDP:c:\users\gebruiker\program files\dna\btdna.exe:btdna.exe
    "UDP Query User{C00F19CB-E181-4DB7-864A-55AF3FE04D0E}c:\\users\\gebruiker\\program files\\dna\\btdna.exe"= TCP:c:\users\gebruiker\program files\dna\btdna.exe:btdna.exe
    "TCP Query User{475CBD0C-DD05-4EDE-A4EA-15B7F9166067}g:\\downloads ~g~\\Programs\\Torrent\\bittorrent\\bittorrent.exe"= UDP:g:\downloads ~g~\Programs\Torrent\bittorrent\bittorrent.exe:BitTorrent
    "UDP Query User{45648C65-6623-42FA-84D0-F73259FE3407}g:\\downloads ~g~\\Programs\\Torrent\\bittorrent\\bittorrent.exe"= TCP:g:\downloads ~g~\Programs\Torrent\bittorrent\bittorrent.exe:BitTorrent
    "TCP Query User{6EA56E00-B430-49A9-9CC2-7B274D39A223}c:\\users\\gebruiker\\program files\\dna\\btdna.exe"= UDP:c:\users\gebruiker\program files\dna\btdna.exe:btdna.exe
    "UDP Query User{1A75DE46-BB75-4673-A44D-E23312351023}c:\\users\\gebruiker\\program files\\dna\\btdna.exe"= TCP:c:\users\gebruiker\program files\dna\btdna.exe:btdna.exe
    "TCP Query User{6B766CBE-1067-454A-A0C3-84646B9C244D}g:\\downloads ~g~\\Programs\\Torrent\\bittorrent\\bittorrent.exe"= UDP:g:\downloads ~g~\Programs\Torrent\bittorrent\bittorrent.exe:BitTorrent
    "UDP Query User{4EBEEDE1-0BEF-4645-97DE-2A431AEA5D26}g:\\downloads ~g~\\Programs\\Torrent\\bittorrent\\bittorrent.exe"= TCP:g:\downloads ~g~\Programs\Torrent\bittorrent\bittorrent.exe:BitTorrent
    "TCP Query User{D4128A50-D1A3-43ED-A481-A41AF9D862DE}c:\\program files\\windows live\\messenger\\msnmsgr.exe"= UDP:c:\program files\windows live\messenger\msnmsgr.exe:Windows Live Messenger
    "{22141B8E-8929-461B-BAB5-3823DF4FEAC9}"= c:\program files\AVG\AVG8\avgdiag.exe:avgdiag.exe
    "{CE695A24-862A-482A-AA01-131078DE0235}"= c:\program files\AVG\AVG8\avgdiagex.exe:avgdiagex.exe
    "{2E1CA409-B285-4B4E-BFDB-60DBC79B2482}"= c:\program files\AVG\AVG8\avgam.exe:avgam.exe
    "{B0B82490-67F8-4E98-BC50-CC25D8B9EAF0}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
    "{1CE1BC72-E025-4CED-A66D-2AC00212EA6A}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
    "{9CCD5669-0A12-4B7A-83DC-4DF0C7C965CE}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
    "{4EF286F5-F7CD-4C30-80A9-96DF8E4E8D2F}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
    "{FC90502C-404F-4A96-988B-D04AD9EF64DD}"= UDP:g:\downloads ~g~\Programs\Torrent\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
    "{C3826E93-F70C-4BB7-AFC1-2A66B44690B9}"= TCP:g:\downloads ~g~\Programs\Torrent\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
    "{B15A1912-443D-484F-8B11-4D05CCEF3876}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
    "{62F46CD5-00C5-4A86-9C0D-DE45DC3D75D3}"= Disabled:UDP:c:\users\Gebruiker\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
    "{C9455834-48E9-41C4-928F-236D85B35B4C}"= Disabled:TCP:c:\users\Gebruiker\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
    "{C3E229B4-7837-4A2C-9304-655E93FDBE36}"= UDP:5353:Adobe CSI CS4
    "{7CD4BA49-129B-4EF0-9597-E3025F108C94}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
    "{1BB42E51-19C7-4A8D-97C9-42F64F4D1B50}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
    "{CB66A93E-B7F5-4924-9CD3-30BDC9923AF8}"= UDP:c:\program files\DivX\DivX Player\DivX Player.exe:DivX Player
    "{DA1FE1F7-6736-44CA-AF78-963F52494AA3}"= TCP:c:\program files\DivX\DivX Player\DivX Player.exe:DivX Player
    "TCP Query User{BA5A204F-C198-4410-89CD-9503EEF2263D}c:\\users\\gebruiker\\pictures\\winks\\mco.exe"= UDP:c:\users\gebruiker\pictures\winks\mco.exe:mco.exe
    "UDP Query User{678D4DFE-2700-4602-A9D2-2A07F5BD4586}c:\\users\\gebruiker\\pictures\\winks\\mco.exe"= TCP:c:\users\gebruiker\pictures\winks\mco.exe:mco.exe
    "TCP Query User{9F350B6F-E0A6-4E24-A48E-ECCFBAFB011D}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{F86EE6EC-7FAB-4B88-A18D-777D82B21142}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "{DF64930F-6BA0-4989-A394-8238CAADD08A}"= UDP:c:\program files\Windows Live\Messenger\wlcstart.exe:Windows Live Call
    "{00B09FDC-9BB6-4060-BD38-C8AE8AE06012}"= TCP:c:\program files\Windows Live\Messenger\wlcstart.exe:Windows Live Call

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "g:\\Downloads ~G~\\Programs\\Torrent\\BitTorrent\\bittorrent.exe"= g:\downloads ~g~\Programs\Torrent\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R0 AVGIDSErHr;AVGIDSErHr;c:\windows\System32\drivers\AVGIDSErHr.sys [26-2-2009 13:46 25608]
    R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [18-2-2009 5:57 12552]
    R1 Avgfwfd;AVG network filter service;c:\windows\System32\drivers\avgfwd6x.sys [18-2-2009 5:57 23832]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [18-2-2009 5:57 325896]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [18-2-2009 5:57 108552]
    R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [29-4-2009 23:42 908568]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [18-2-2009 5:57 298776]
    R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [29-4-2009 23:42 1366904]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe [26-2-2009 13:46 5576712]
    R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe [26-2-2009 13:46 563720]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [19-5-2009 6:28 179856]
    R3 AVGIDSDriver;AVGIDSDriver;c:\program files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSDriver.sys [26-2-2009 13:46 121352]
    R3 AVGIDSFilter;AVGIDSFilter;c:\program files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSFilter.sys [26-2-2009 13:46 30216]
    R3 AVGIDSShim;AVGIDSShim;c:\program files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSShim.sys [26-2-2009 13:46 29136]
    R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [19-5-2009 6:28 15504]
    S3 BTHprint;Microsoft Bluetooth-printerklasse;c:\windows\System32\drivers\BTHPRINT.SYS [29-2-2008 1:51 29696]
    S3 IAMT03;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\System32\drivers\IAMT03.sys [29-2-2008 10:37 40848]
    S3 IAMTV;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\System32\drivers\IAMTV.sys [29-2-2008 10:37 38288]
    S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\System32\drivers\ndisprot.sys [29-11-2008 17:37 29184]
    S3 WlanUIG;NB 802.11g Wireless LAN USB Adapter Driver;c:\windows\System32\drivers\WlanUIG.sys [31-3-2009 13:44 379456]
    S3 WMSvc;Web Management-service;c:\windows\System32\inetsrv\WMSvc.exe [29-2-2008 1:50 11264]
    S4 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\System32\drivers\hcw99rc.sys [29-2-2008 10:37 10368]
    S4 IAMTXP;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\System32\drivers\IAMTXP.sys [29-2-2008 10:37 47496]
    S4 ioatdma;Intel(R) QuickData Technology Device;c:\windows\System32\drivers\ioatdma.sys [29-2-2008 10:37 36744]
    S4 iSSetup;Intel(R) PRO/1000 iSCSI Setup Driver;c:\windows\System32\drivers\iSSetup.sys [29-2-2008 10:37 75672]
    S4 m5287;m5287;c:\windows\System32\drivers\m5287.sys [29-2-2008 10:37 104320]
    S4 m5288;m5288;c:\windows\System32\drivers\m5288.sys [29-2-2008 10:37 211072]
    S4 m5289;m5289;c:\windows\System32\drivers\m5289.sys [29-2-2008 10:37 52480]
    S4 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\System32\drivers\SI3112r.sys [29-2-2008 10:37 110128]
    S4 SI3114;SiI-3114 SATALink Controller;c:\windows\System32\drivers\SI3114.sys [29-2-2008 10:37 68912]
    S4 SI3124;SiI-3124 SATALink Controller;c:\windows\System32\drivers\SI3124.sys [29-2-2008 10:37 76208]
    S4 Si3124r5;SiI-3124 SoftRaid 5 Controller;c:\windows\System32\drivers\Si3124r5.sys [29-2-2008 10:37 207152]
    S4 Si3132r5;SiI-3132 SoftRaid 5 Controller;c:\windows\System32\drivers\Si3132r5.sys [29-2-2008 10:37 215856]
    S4 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [29-2-2008 10:37 210736]
    S4 ViBus;ViBus;c:\windows\System32\drivers\ViBus.sys [29-2-2008 10:37 16896]
    S4 ViPrt;VIA SATA IDE Device Driver;c:\windows\System32\drivers\ViPrt.sys [29-2-2008 10:37 52736]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
    %SystemRoot%\system32\soundschemes.exe /AddRegistration

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
    %SystemRoot%\system32\soundschemes2.exe /AddRegistration
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-05-21 c:\windows\Tasks\Malwarebytes' Scheduled Update for Gebruiker.job
    - c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-05-19 13:32]

    2009-05-22 c:\windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-21 11:31]
    .
    - - - - ORPHANS VERWIJDERD - - - -

    HKCU-Run-AdobeBridge - (no file)


    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.nl/
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = localhost
    IE: Add to AMV Convert Tool… - c:\program files\MP3 Player Utilities 4.00\AMVConverter\grab.html
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.00\MediaManager\grab.html
    IE: Zoeken op eBay - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    Trusted Zone: megaupload.com\www
    Trusted Zone: microsoft.com\*.update
    Trusted Zone: microsoft.com\*.windowsupdate
    Trusted Zone: microsoft.com\download
    Trusted Zone: microsoft.com\ntservicepack
    Trusted Zone: microsoft.com\update
    Trusted Zone: microsoft.com\windowsupdate
    Trusted Zone: microsoft.com\www
    Trusted Zone: thepiratebay.org
    Trusted Zone: windows.com\wustat
    Trusted Zone: windowsupdate.com
    Trusted Zone: windowsupdate.com\download
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-22 12:13
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
    "ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2009-05-22 12:16
    ComboFix-quarantined-files.txt 2009-05-22 10:16

    Pre-Run: 8.731.963.392 bytes beschikbaar
    Post-Run: 8.633.249.792 bytes beschikbaar

    399 --- E O F --- 2009-05-22 07:41



  • Delete this file with Windows Explorer:

    c:\windows\System32\70FA2B4B7A.sys

    and then let us know how the speed is now?
  • Found it… just going to test whether everything runs a bit faster now…
  • Is it running faster too, and more stable?
  • Hi,
    No, it hasn't really gotten any better. With IE it's even the case that opening a page takes a really long time, or doesn't happen at all… both when opening in a new window and when opening in a new tab…
  • I have that with IE8 too.

    IE8 is by far the slowest browser there is. Even with a RAM disk the browser is slow.
  • GD1972 wrote: "I have that with IE8 too.

    IE8 is by far the slowest browser there is. Even with a RAM disk the browser is slow."

    Then that really is down to your computer. I have no problems at all. :roll:

This is an archived page. Replying is no longer possible.