Vraag & Antwoord

Beveiliging & privacy

spyware hijack geplaatst

Anoniem
None
6 antwoorden
  • Hallo kan iemand hier even naar kijken.
    Zit wat spyware op.

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 17:13:46, on 17-3-2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    G:\Program Files\Alwil Software\Avast4\ashServ.exe
    G:\WINDOWS\Explorer.EXE
    G:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    G:\WINDOWS\System32\CTsvcCDA.EXE
    G:\WINDOWS\system32\FsUsbExService.Exe
    G:\Program Files\CDBurnerXP\NMSAccessU.exe
    G:\WINDOWS\system32\PnkBstrA.exe
    G:\WINDOWS\system32\PnkBstrB.exe
    G:\Program Files\SPAMfighter\sfus.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    G:\WINDOWS\system32\wuauclt.exe
    G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\system32\wuauclt.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe
    G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe
    G:\WINDOWS\System32\msiexec.exe
    G:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    G:\Documents and Settings\ralph marijnissen\Local Settings\Application Data\ave.exe
    G:\Program Files\Mozilla Firefox\firefox.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ASUS Probe] G:\Program Files\ASUS\Asus Probe\AsusProb.exe
    O4 - HKLM\..\Run: [ScreenPrint32] G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
    O4 - HKLM\..\Run: [DAEMON Tools] "G:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] G:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] G:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [nmctxth] "G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
    O4 - HKLM\..\Run: [nmapp] "G:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe
    O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [swg] "G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide
    O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "G:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [AutoStartNPSAgent] G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKCU\..\Run: [syncman] g:\documents and settings\ralph marijnissen\wuaucldt.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'Default user')
    O4 - .DEFAULT Startup: monnwb32.exe (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: monnwb32.exe
    O4 - Global Startup: Harman Kardon TC 30 Remote.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://G:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\System32\browseui.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: FsUsbExService - Teruten - G:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: Google Updateservice (gupdate1ca185afa58314c) (gupdate1ca185afa58314c) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NMSAccessU - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe


    End of file - 12684 bytes
  • Ik ga even kijken of ik wat zie.
  • Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:f46898a78a]
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O3 - Toolbar: (no name) - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - (no file)
    O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe
    O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [syncman] g:\documents and settings\ralph marijnissen\wuaucldt.exe
    O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM')
    O4 - Startup: monnwb32.exe
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    [/b:f46898a78a]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Download LopSD naar je Bureaublad[list:f46898a78a]

    [*:f46898a78a]Kies Optie [b:f46898a78a] N [/b:f46898a78a] en Enter
    [*:f46898a78a]Klik OK bij het informatie venter
    [*:f46898a78a]Kies Optie [b:f46898a78a] 2 [/b:f46898a78a] (Fix + Hosts), en Enter
    [*:f46898a78a]Aan het eind verschijnt een log ([b:f46898a78a] LopR.txt [/b:f46898a78a]) plaats de inhoud ervan in je volgende antwoord[/list:u:f46898a78a][i:f46898a78a]Vista gebruikers:rechtsklik op LopSD en kies voor "Als Administrator uitvoeren”[/i:f46898a78a]
    Note:LopSD wordt door sommige virusscanners als virus gezien,deactiveer daarom je scanner

    Plaats een nieuwe HijackThis logje.
  • Heb de aangegeven dingen verwijderd.

    Heb nu al diverse anti mailware programmas laten lopen als:
    adaware van lavasoft, spybot, super anti spyware maar krijg telkens die leuke Xp smart security [b:daba799f4e] terug.

    Deze heeft ook de firewall uitgezet.

    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 19:39:08, on 18-3-2010
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    G:\WINDOWS\System32\smss.exe
    G:\WINDOWS\system32\csrss.exe
    G:\WINDOWS\system32\winlogon.exe
    G:\WINDOWS\system32\services.exe
    G:\WINDOWS\system32\lsass.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\system32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    G:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    G:\WINDOWS\system32\Ati2evxx.exe
    G:\Program Files\Alwil Software\Avast4\ashServ.exe
    G:\WINDOWS\Explorer.EXE
    G:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    G:\WINDOWS\CTHELPER.EXE
    G:\WINDOWS\system32\CTXFIHLP.EXE
    G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    G:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    G:\Program Files\iTunes\iTunesHelper.exe
    G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    G:\Program Files\ASUS\Asus Probe\AsusProb.exe
    G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe
    G:\Program Files\SPAMfighter\SFAgent.exe
    G:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
    G:\WINDOWS\System32\CTsvcCDA.EXE
    G:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    G:\WINDOWS\system32\FsUsbExService.Exe
    G:\Program Files\CDBurnerXP\NMSAccessU.exe
    G:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    G:\WINDOWS\system32\PnkBstrA.exe
    G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    G:\WINDOWS\system32\PnkBstrB.exe
    G:\Program Files\Pure Networks\Network Magic\nmapp.exe
    G:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    G:\Program Files\SPAMfighter\sfus.exe
    G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    G:\WINDOWS\System32\svchost.exe
    G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    G:\Program Files\TomTom HOME 2\HOMERunner.exe
    G:\Program Files\DAEMON Tools Lite\DTLite.exe
    G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    G:\Program Files\Microsoft ActiveSync\wcescomm.exe
    G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    G:\WINDOWS\system32\wuauclt.exe
    G:\PROGRA~1\MI3AA1~1\rapimgr.exe
    G:\Program Files\Harman Kardon\Remote Control\HarmonyClient.exe
    G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    G:\Program Files\Logitech\SetPoint\SetPoint.exe
    G:\Program Files\LimeWire\LimeWire.exe
    G:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    G:\Program Files\Common Files\Teleca Shared\Generic.exe
    G:\WINDOWS\System32\wbem\unsecapp.exe
    G:\WINDOWS\System32\wbem\wmiprvse.exe
    G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    G:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    G:\WINDOWS\System32\msiexec.exe
    G:\Program Files\iPod\bin\iPodService.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\system32\wuauclt.exe
    G:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    G:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
    G:\WINDOWS\System32\wbem\wmiprvse.exe
    G:\WINDOWS\System32\svchost.exe
    G:\WINDOWS\System32\svchost.exe
    G:\Documents and Settings\LocalService\Local Settings\Application Data\ave.exe
    G:\Program Files\Mozilla Firefox\firefox.exe
    G:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    G:\Program Files\Alwil Software\Avast4\setup\avast.setup

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ASUS Probe] G:\Program Files\ASUS\Asus Probe\AsusProb.exe
    O4 - HKLM\..\Run: [ScreenPrint32] G:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
    O4 - HKLM\..\Run: [DAEMON Tools] "G:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [CanonSolutionMenu] G:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] G:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [nmctxth] "G:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
    O4 - HKLM\..\Run: [nmapp] "G:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [syncman] g:\windows\system32\wuaucldt.exe
    O4 - HKLM\..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [swg] "G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide
    O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "G:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [H/PC Connection Agent] "G:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [AutoStartNPSAgent] G:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] G:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: monnwb32.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe (User 'Default user')
    O4 - .DEFAULT Startup: monnwb32.exe (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = G:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: monnwb32.exe
    O4 - Global Startup: Harman Kardon TC 30 Remote.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://G:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - G:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - G:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - G:\WINDOWS\System32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: FsUsbExService - Teruten - G:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: Google Updateservice (gupdate1ca185afa58314c) (gupdate1ca185afa58314c) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - G:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NMSAccessU - Unknown owner - G:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - G:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ServiceLayer - Nokia. - G:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe


    End of file - 14670 bytes
    [/b:daba799f4e]
  • ——————–\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.40GHz )
    BIOS : BIOS Date: 09/14/04 14:38:31 Ver: 08.00.09
    USER : ralph marijnissen ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 100318-1] 4.8.1335 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:76 Go (Free:3 Go)
    D:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (Local Disk) - NTFS - Total:298 Go (Free:72 Go)
    H:\ (Local Disk) - NTFS - Total:298 Go (Free:265 Go)
    I:\ (CD or DVD)
    J:\ (CD or DVD)

    "G:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( do 18-03-2010|19:42 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    ——————–\\ Beschrijving van mappen in APPLIC~1

    [13-01-2007|12:55] G:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [0|bestand(en)] G:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
    [3|map(pen)] G:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

    [17-03-2010|18:29] G:\DOCUME~1\ALLUSE~1\APPLIC~1\{52AC600B-5800-407E-99FF-83CD0669760B}
    [07-05-2008|10:02] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [28-08-2007|17:18] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [28-08-2007|17:20] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [11-06-2009|20:12] G:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [24-01-2009|22:33] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [09-11-2009|12:38] G:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
    [22-01-2010|18:01] G:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJScan
    [08-12-2007|22:57] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
    [11-11-2008|18:49] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
    [09-02-2010|22:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
    [03-02-2010|19:50] G:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    [19-02-2009|01:05] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [08-02-2010|17:54] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [17-12-2007|12:48] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Hema Album Software Advanced
    [24-04-2008|22:26] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Kazaa
    [26-08-2008|22:39] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [08-11-2007|18:22] G:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
    [08-11-2007|18:22] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    [17-03-2010|19:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [20-01-2010|21:11] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [09-11-2009|16:54] G:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
    [18-11-2007|12:26] G:\DOCUME~1\ALLUSE~1\APPLIC~1\NexonUS
    [14-01-2007|02:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
    [17-02-2010|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [10-11-2009|19:05] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Pure Networks
    [24-04-2008|22:01] G:\DOCUME~1\ALLUSE~1\APPLIC~1\REFLEX
    [29-01-2007|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [12-01-2010|11:41] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [16-03-2010|19:59] G:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [29-01-2007|22:23] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [18-11-2009|14:18] G:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [24-01-2009|21:58] G:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [13-01-2007|15:04] G:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [20-08-2008|17:39] G:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [0|bestand(en)] G:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
    [37|map(pen)] G:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

    [11-12-2009|17:30] G:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [13-01-2007|12:55] G:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [0|bestand(en)] G:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
    [4|map(pen)] G:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

    [15-03-2010|16:36] G:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [14-01-2007|02:15] G:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot
    [0|bestand(en)] G:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
    [4|map(pen)] G:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

    [13-01-2007|12:57] G:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
    [01-02-2008|19:37] G:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire
    [0|bestand(en)] G:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
    [4|map(pen)] G:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

    [13-12-2008|17:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\Adobe
    [20-03-2007|16:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\AdobeAUM
    [01-07-2007|21:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\AdobeUM
    [14-09-2007|21:38] G:\DOCUME~1\RALPHM~1\APPLIC~1\Ahead
    [22-09-2008|20:54] G:\DOCUME~1\RALPHM~1\APPLIC~1\Any Video Converter
    [29-01-2007|22:27] G:\DOCUME~1\RALPHM~1\APPLIC~1\Apple Computer
    [04-05-2007|21:46] G:\DOCUME~1\RALPHM~1\APPLIC~1\ATI
    [17-03-2010|18:51] G:\DOCUME~1\RALPHM~1\APPLIC~1\AVI ReComp
    [15-03-2010|23:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\AVS4YOU
    [24-01-2009|22:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\Azureus
    [31-03-2009|14:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\Belastingdienst
    [15-03-2010|22:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\BSplayer
    [15-03-2010|22:04] G:\DOCUME~1\RALPHM~1\APPLIC~1\BSplayer Pro
    [31-05-2009|20:39] G:\DOCUME~1\RALPHM~1\APPLIC~1\Canneverbe_Limited
    [22-01-2010|18:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\Canon
    [10-03-2007|00:34] G:\DOCUME~1\RALPHM~1\APPLIC~1\Command & Conquer 3 Tiberium Wars Demo
    [08-12-2007|22:57] G:\DOCUME~1\RALPHM~1\APPLIC~1\Comodo
    [22-12-2009|22:09] G:\DOCUME~1\RALPHM~1\APPLIC~1\Creative
    [09-02-2010|22:41] G:\DOCUME~1\RALPHM~1\APPLIC~1\DAEMON Tools Lite
    [27-02-2007|22:28] G:\DOCUME~1\RALPHM~1\APPLIC~1\DeepBurner
    [29-12-2009|13:27] G:\DOCUME~1\RALPHM~1\APPLIC~1\dvdcss
    [08-11-2007|18:31] G:\DOCUME~1\RALPHM~1\APPLIC~1\Gearbox Software
    [04-02-2007|03:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Google
    [27-07-2008|18:39] G:\DOCUME~1\RALPHM~1\APPLIC~1\GrabIt
    [17-11-2009|21:13] G:\DOCUME~1\RALPHM~1\APPLIC~1\Help
    [13-01-2007|12:58] G:\DOCUME~1\RALPHM~1\APPLIC~1\Identities
    [11-11-2008|19:37] G:\DOCUME~1\RALPHM~1\APPLIC~1\InstallShield
    [29-03-2008|22:48] G:\DOCUME~1\RALPHM~1\APPLIC~1\Kazaa Lite
    [11-03-2007|17:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Lavasoft
    [14-09-2007|19:50] G:\DOCUME~1\RALPHM~1\APPLIC~1\Leadertech
    [11-11-2008|19:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\LG Electronics
    [12-12-2009|23:53] G:\DOCUME~1\RALPHM~1\APPLIC~1\LimeWirePlus
    [08-11-2007|18:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Logitech
    [13-01-2007|13:08] G:\DOCUME~1\RALPHM~1\APPLIC~1\Macromedia
    [17-03-2010|19:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Malwarebytes
    [17-02-2010|21:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\Microsoft
    [29-08-2008|17:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Mozilla
    [09-11-2009|16:54] G:\DOCUME~1\RALPHM~1\APPLIC~1\MSN6
    [27-07-2008|17:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\NewsLeecher
    [17-02-2010|22:23] G:\DOCUME~1\RALPHM~1\APPLIC~1\PC Suite
    [17-02-2010|21:00] G:\DOCUME~1\RALPHM~1\APPLIC~1\Samsung
    [24-04-2007|10:16] G:\DOCUME~1\RALPHM~1\APPLIC~1\SecondLife
    [22-05-2007|16:16] G:\DOCUME~1\RALPHM~1\APPLIC~1\SecuROM
    [29-01-2007|22:24] G:\DOCUME~1\RALPHM~1\APPLIC~1\Sony Ericsson
    [01-07-2007|19:22] G:\DOCUME~1\RALPHM~1\APPLIC~1\SPAMfighter
    [07-02-2007|11:33] G:\DOCUME~1\RALPHM~1\APPLIC~1\Sun
    [16-03-2010|19:59] G:\DOCUME~1\RALPHM~1\APPLIC~1\SUPERAntiSpyware.com
    [19-09-2007|10:37] G:\DOCUME~1\RALPHM~1\APPLIC~1\SystemRequirementsLab
    [29-01-2007|22:25] G:\DOCUME~1\RALPHM~1\APPLIC~1\Teleca
    [24-01-2009|21:56] G:\DOCUME~1\RALPHM~1\APPLIC~1\TomTom
    [17-03-2010|22:44] G:\DOCUME~1\RALPHM~1\APPLIC~1\uTorrent
    [16-03-2010|19:01] G:\DOCUME~1\RALPHM~1\APPLIC~1\vlc
    [17-03-2010|18:35] G:\DOCUME~1\RALPHM~1\APPLIC~1\WinRAR
    [0|bestand(en)] G:\DOCUME~1\RALPHM~1\APPLIC~1\bytes
    [55|map(pen)] G:\DOCUME~1\RALPHM~1\APPLIC~1\bytes beschikbaar

    ——————–\\ Geplande Taken gelocaliseerd in G:\WINDOWS\Tasks

    [18-03-2010 19:33][–a——] G:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [18-03-2010 19:36][–a——] G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [18-03-2010 19:28][–a——] G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [18-03-2010 19:35][–a——] G:\WINDOWS\tasks\Google Software Updater.job
    [27-02-2010 19:29][–a——] G:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [18-03-2010 19:28][–ah—–] G:\WINDOWS\tasks\SA.DAT
    [08-04-2003 13:00][-r-h—–] G:\WINDOWS\tasks\desktop.ini

    ——————–\\ Beschrijving van mappen in G:\Program Files

    [13-01-2007|15:11] G:\Program Files\2BrightSparks
    [20-08-2008|20:11] G:\Program Files\Adobe
    [18-11-2007|10:09] G:\Program Files\AGEIA Technologies
    [14-09-2007|21:37] G:\Program Files\Ahead
    [14-03-2007|15:39] G:\Program Files\AIDA32 - Enterprise System Information
    [18-06-2008|21:05] G:\Program Files\ALCATech
    [13-01-2007|13:16] G:\Program Files\Alwil Software
    [22-09-2008|20:37] G:\Program Files\Any Video Converter
    [08-11-2007|21:42] G:\Program Files\Apple Software Update
    [27-02-2007|22:00] G:\Program Files\Astonsoft
    [08-11-2007|19:44] G:\Program Files\ASUS
    [17-11-2007|23:38] G:\Program Files\Atari
    [04-05-2007|21:44] G:\Program Files\ATI Technologies
    [09-03-2007|23:13] G:\Program Files\ATITool
    [17-03-2010|18:51] G:\Program Files\AVI ReComp
    [17-03-2010|18:50] G:\Program Files\AviSynth 2.5
    [17-03-2010|17:54] G:\Program Files\AVS4YOU
    [05-03-2007|17:31] G:\Program Files\AVSMedia
    [28-12-2008|14:56] G:\Program Files\Belastingdienst
    [17-03-2010|18:50] G:\Program Files\Burn4Free
    [09-11-2009|12:50] G:\Program Files\Canon
    [09-11-2009|12:37] G:\Program Files\CanonBJ
    [08-11-2007|16:41] G:\Program Files\Casema
    [24-11-2009|20:41] G:\Program Files\CCleaner
    [31-05-2009|20:39] G:\Program Files\CDBurnerXP
    [21-03-2008|18:03] G:\Program Files\CodiNET
    [20-01-2010|21:05] G:\Program Files\Common Files
    [10-12-2007|20:14] G:\Program Files\Comodo
    [13-01-2007|12:53] G:\Program Files\ComPlus Applications
    [13-01-2007|13:50] G:\Program Files\Creative
    [09-02-2010|22:41] G:\Program Files\DAEMON Tools Lite
    [28-01-2008|18:45] G:\Program Files\data
    [17-02-2010|21:00] G:\Program Files\DIFX
    [29-01-2007|22:34] G:\Program Files\Disc2Phone
    [13-08-2009|19:01] G:\Program Files\DVD Decrypter
    [05-03-2007|17:30] G:\Program Files\DVD Shrink
    [23-03-2008|22:22] G:\Program Files\EA GAMES
    [18-06-2008|21:22] G:\Program Files\Eidos
    [23-03-2008|22:50] G:\Program Files\Electronic Arts
    [18-06-2008|21:22] G:\Program Files\FMS
    [09-03-2007|19:05] G:\Program Files\Futuremark
    [17-03-2010|18:51] G:\Program Files\Gabest
    [18-06-2008|21:21] G:\Program Files\GameShadow
    [02-10-2007|12:47] G:\Program Files\GameSpy
    [23-03-2008|22:31] G:\Program Files\GameSpy Arcade
    [08-02-2010|18:31] G:\Program Files\Google
    [27-07-2008|18:19] G:\Program Files\GrabIt
    [01-03-2009|19:27] G:\Program Files\Harman Kardon
    [17-12-2007|12:48] G:\Program Files\Hema Album Software Advanced
    [11-03-2007|16:55] G:\Program Files\Hitman Pro
    [07-07-2008|17:25] G:\Program Files\Incomplete
    [17-02-2010|22:23] G:\Program Files\InstallShield Installation Information
    [11-03-2007|18:39] G:\Program Files\Intel
    [18-11-2007|11:52] G:\Program Files\Intel Corporation
    [13-10-2007|21:20] G:\Program Files\Internet Explorer
    [08-11-2007|21:51] G:\Program Files\iPod
    [08-11-2007|21:51] G:\Program Files\iTunes
    [27-04-2008|21:56] G:\Program Files\Java
    [18-06-2008|21:21] G:\Program Files\Kazaa Lite K++
    [17-03-2010|18:29] G:\Program Files\Lavasoft
    [11-11-2008|19:38] G:\Program Files\LG Electronics
    [11-11-2008|19:38] G:\Program Files\LG PC Suite 2
    [10-01-2010|12:30] G:\Program Files\LimeWire
    [07-07-2008|17:25] G:\Program Files\LimeWire Plus
    [28-04-2008|17:06] G:\Program Files\LimewirePlus
    [10-11-2009|19:01] G:\Program Files\Linksys
    [08-11-2007|18:24] G:\Program Files\Logitech
    [17-03-2010|19:24] G:\Program Files\Malwarebytes' Anti-Malware
    [17-02-2010|20:59] G:\Program Files\MarkAny
    [17-02-2010|22:22] G:\Program Files\MarkAnyContentSAFER
    [13-01-2007|20:05] G:\Program Files\Messenger
    [20-01-2010|21:14] G:\Program Files\Microsoft
    [17-02-2010|20:53] G:\Program Files\Microsoft ActiveSync
    [13-01-2007|12:55] G:\Program Files\microsoft frontpage
    [13-01-2007|13:30] G:\Program Files\Microsoft Office
    [20-01-2010|21:14] G:\Program Files\Microsoft Silverlight
    [20-08-2008|17:28] G:\Program Files\Microsoft SQL Server Compact Edition
    [28-01-2008|18:45] G:\Program Files\models
    [13-01-2007|15:16] G:\Program Files\Movie Maker
    [11-03-2008|21:03] G:\Program Files\MozBackup
    [18-03-2010|19:37] G:\Program Files\Mozilla Firefox
    [30-06-2009|09:27] G:\Program Files\MSBuild
    [13-01-2007|12:53] G:\Program Files\MSN
    [13-01-2007|12:53] G:\Program Files\MSN Gaming Zone
    [04-02-2007|03:23] G:\Program Files\MSXML 4.0
    [30-06-2009|09:23] G:\Program Files\MSXML 6.0
    [13-01-2007|15:16] G:\Program Files\NetMeeting
    [27-07-2008|17:51] G:\Program Files\NewsLeecher
    [13-01-2007|12:53] G:\Program Files\Online Services
    [21-03-2008|17:51] G:\Program Files\OpenAL
    [16-06-2007|19:02] G:\Program Files\Outlook Express
    [25-02-2007|13:31] G:\Program Files\Panasonic
    [17-02-2010|21:00] G:\Program Files\PC Connectivity Solution
    [27-11-2009|12:01] G:\Program Files\PhoenixRC
    [13-01-2007|14:00] G:\Program Files\PowerQuest
    [14-11-2007|19:52] G:\Program Files\PowerStrip
    [10-11-2009|18:55] G:\Program Files\Pure Networks
    [08-11-2007|21:50] G:\Program Files\QuickTime
    [28-03-2009|22:24] G:\Program Files\RealFlightG4
    [30-06-2009|09:27] G:\Program Files\Reference Assemblies
    [09-03-2007|23:19] G:\Program Files\RivaTuner v2.0 RC 15.4
    [17-02-2010|21:01] G:\Program Files\Samsung
    [18-02-2010|17:25] G:\Program Files\ScreenPrint32 v3
    [31-05-2009|20:41] G:\Program Files\SlySoft
    [29-01-2007|22:23] G:\Program Files\Sony Ericsson
    [18-03-2010|19:32] G:\Program Files\SPAMfighter
    [13-01-2010|12:14] G:\Program Files\Spybot - Search & Destroy
    [16-03-2010|19:59] G:\Program Files\SUPERAntiSpyware
    [24-04-2008|21:32] G:\Program Files\SVKSystems
    [28-01-2008|18:44] G:\Program Files\text
    [28-03-2007|15:20] G:\Program Files\The Sir. Community
    [28-04-2008|20:31] G:\Program Files\ThrustHP
    [03-03-2008|21:50] G:\Program Files\Thrustmaster
    [24-01-2009|21:56] G:\Program Files\TomTom HOME 2
    [25-04-2008|23:18] G:\Program Files\Trend Micro
    [17-03-2010|17:11] G:\Program Files\TrendMicro
    [28-01-2008|18:44] G:\Program Files\txd
    [18-06-2008|21:17] G:\Program Files\Ubi Soft
    [21-02-2009|22:24] G:\Program Files\Ubisoft
    [13-01-2007|12:58] G:\Program Files\Uninstall Information
    [08-02-2009|22:57] G:\Program Files\uTorrent
    [18-11-2007|14:37] G:\Program Files\Valve
    [29-12-2009|13:21] G:\Program Files\VideoLAN
    [24-01-2009|22:45] G:\Program Files\Vuze
    [17-03-2010|21:08] G:\Program Files\WebEx
    [15-03-2010|22:04] G:\Program Files\Webteh
    [20-01-2010|21:14] G:\Program Files\Windows Live
    [20-01-2010|21:11] G:\Program Files\Windows Live SkyDrive
    [15-03-2010|16:35] G:\Program Files\Windows Media Connect 2
    [15-03-2010|16:35] G:\Program Files\Windows Media Player
    [17-02-2010|20:52] G:\Program Files\Windows Mobile Device Handbook
    [13-01-2007|15:16] G:\Program Files\Windows NT
    [13-01-2007|12:53] G:\Program Files\WindowsUpdate
    [17-03-2010|18:35] G:\Program Files\WinRAR
    [13-01-2007|12:55] G:\Program Files\xerox
    [17-03-2010|18:51] G:\Program Files\Xvid
    [0|bestand(en)] G:\Program Files\bytes
    [138|map(pen)] G:\Program Files\bytes beschikbaar

    ——————–\\ Beschrijving van mappen in G:\Program Files\Common Files

    [07-05-2008|10:02] G:\Program Files\Common Files\Adobe
    [14-09-2007|21:37] G:\Program Files\Common Files\Ahead
    [28-08-2007|17:18] G:\Program Files\Common Files\Apple
    [16-04-2009|15:17] G:\Program Files\Common Files\Application
    [09-03-2007|20:15] G:\Program Files\Common Files\ATI Technologies
    [17-03-2010|17:54] G:\Program Files\Common Files\AVSMedia
    [09-11-2009|12:41] G:\Program Files\Common Files\CANON
    [13-01-2007|13:30] G:\Program Files\Common Files\Designer
    [12-08-2008|17:02] G:\Program Files\Common Files\Futuremark Shared
    [13-01-2007|13:58] G:\Program Files\Common Files\InstallShield
    [29-01-2007|18:43] G:\Program Files\Common Files\Java
    [28-03-2009|22:50] G:\Program Files\Common Files\KnifeEdge
    [08-11-2007|18:24] G:\Program Files\Common Files\LogiShared
    [08-11-2007|18:23] G:\Program Files\Common Files\Logitech
    [15-03-2010|23:09] G:\Program Files\Common Files\Microsoft Shared
    [13-01-2007|12:53] G:\Program Files\Common Files\MSSoap
    [13-01-2007|13:49] G:\Program Files\Common Files\ODBC
    [10-11-2009|18:54] G:\Program Files\Common Files\Pure Networks Shared
    [13-01-2007|12:54] G:\Program Files\Common Files\Services
    [13-01-2007|13:49] G:\Program Files\Common Files\SpeechEngines
    [16-06-2007|19:02] G:\Program Files\Common Files\System
    [29-01-2007|22:23] G:\Program Files\Common Files\Teleca Shared
    [20-01-2010|21:05] G:\Program Files\Common Files\Windows Live
    [20-08-2008|17:26] G:\Program Files\Common Files\WindowsLiveInstaller
    [17-03-2010|18:28] G:\Program Files\Common Files\Wise Installation Wizard
    [0|bestand(en)] G:\Program Files\Common Files\bytes
    [27|map(pen)] G:\Program Files\Common Files\bytes beschikbaar

    ——————–\\ Process

    ( 82 Processes )

    … OK !

    ——————–\\ Zoeken met S_Lop

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken naar Lop Bestanden - Mappen

    Geen Lop mappen gevonden !

    ——————–\\ Zoeken doorheen het Register

    ….. OK !

    ——————–\\ Nazicht van het Hosts bestand

    Hosts bestand IN ORDE


    ——————–\\ Zoeken naar verborgen bestanden met Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-03-18 19:44:55
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes …
    scanning hidden files …
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    ——————–\\ Zoeken naar andere infecties

    ——————–\\ Cracks & Keygens ..

    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\Nero 6300 Serial und dvd video plug in.txt
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\nero6302.exe
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\Nero63_Keygen.exe
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownload programma's\nero demo+ keygen full\Nero 63\NVE2104.exe
    G:\DOCUME~1\RALPHM~1\Mijn documenten\gedownloade spellen\brother in arms demo 2\Texture\t_map_18_crackofdawn.utx.uz2
    G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Ahead Nero v7 5 9 0 + Keygen rar[==www mgatorrents co uk==].zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Nero 7 5 9 0 Incl Keygen.zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-202477-Nero Keygen ALL VERSIONS zip.zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-233472-Nero Full Multi Keygenerator.exe
    G:\DOCUME~1\RALPHM~1\Mijn documenten\Incomplete\T-81299617-Nero.v7.Ultra.Edition.Multilangages.Incl-Keygen.par.eMule-Paradise.com.rar
    G:\DOCUME~1\RALPHM~1\Mijn documenten\kerstmuziek\Nero 7.0.1.2 Ultra Edition with Keygen - English.zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\ partition magic keygenerator jerk ja.asf
    G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\BPM Studio Professional 4.9.1_Full Crack.zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\Nero 7.0.1.2 Ultra Edition with Keygen - English.zip
    G:\DOCUME~1\RALPHM~1\Mijn documenten\My Shared Folder\nero keygenerator.wm


    [F:42][D:30]-> G:\DOCUME~1\RALPHM~1\LOCALS~1\Temp
    [F:33][D:0]-> G:\DOCUME~1\RALPHM~1\Cookies
    [F:2443][D:4]-> G:\DOCUME~1\RALPHM~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "G:\Lop SD\LopR_1.txt" - wo 17-03-2010|21:21 - Option : [2]
    2 - "G:\Lop SD\LopR_2.txt" - do 18-03-2010|19:46 - Option : [2]

    ——————–\\ Scan voltooid om 19:46:20
  • 1) Zet

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.