Lorent

Member
  • Items

    8
About Lorent

  • Birthday 13-07-1982

Lorent's achievements

  1. Everything is solved, the computer runs well and fast enough again, thanks pc-helpers.
  2. Indeed, thanks aarondk1, it looks good. I will give it a try.
  3. OK, the files have been fixed from HijackThis, and mljighe.dll can no longer be found in the folder C:\WINDOWS\system32\. I am now going to restart the computer once more and run another HijackThis scan to see whether everything stays gone. And to answer your question: no, I really do not know "Schijfbewaker". The name itself is so untrustworthy because it is in Dutch; I prefer to see English titles for programs, more trustworthy, although... lol. But nobody installed this program on the computer; files always come in on a computer through one route or another, as if it were a block of cheese with holes in it. Anyway, many thanks already, kape, you have really helped me move forward; without your help I would still be moaning, + a 'well-deserved' thank-you!
  4. - Everything has been done as requested; only this step I could not carry out, because these were no longer listed:

     VundoFix log:

     VundoFix V6.7.8
     Checking Java version...
     Scan started at 15:15:35 7/02/2008
     Listing files found while scanning....
     C:\WINDOWS\system32\mljighe.dll
     Beginning removal...
     Attempting to delete C:\WINDOWS\system32\mljighe.dll
     C:\WINDOWS\system32\mljighe.dll Could not be deleted.
     Performing Repairs to the registry.
     Done!
     Beginning removal...
     Attempting to delete C:\WINDOWS\system32\mljighe.dll
     C:\WINDOWS\system32\mljighe.dll Has been deleted!
     Performing Repairs to the registry.
     Done!

     HJT log:

     ComboFix log:

     Windows already starts up much faster; I notice the difference right away, and it really looks fine already. Apart from that there are no more problems, which is much more pleasant. I do not know whether anything else still needs to be done?
  5. Everything that was asked (by kape) has now been done. The Panda online scan did take quite a long time, and it did find a thing or two.

     Panda log:

     HJT log:
Robotics Wireless LAN Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 6559 bytes ComboFix log : ComboFix 08-02.05.3 - Di-Angelo 2008-02-07 13:51:22.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1043.18.365 [GMT 1:00] Gestart vanuit: C:\Documents and Settings\Di-Angelo\Bureaublad\ComboFix.exe * Nieuw herstelpunt werd aangemaakt WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\cookies.ini C:\WINDOWS\msettings.ini C:\WINDOWS\NDNuninstall6_38.exe C:\WINDOWS\NDNuninstall7_14.exe C:\WINDOWS\NDNuninstall7_48.exe C:\WINDOWS\system32\aqsaiagw.dll C:\WINDOWS\system32\drivers\fad.sys C:\WINDOWS\system32\lsprst7.dll C:\WINDOWS\system32\ssprs.dll C:\WINDOWS\SYSTEM32\stutv.ini C:\WINDOWS\SYSTEM32\stutv.ini2 C:\WINDOWS\SYSTEM32\wgaiasqa.ini . (((((((((((((((((((( Bestanden Gemaakt van 2008-01-07 to 2008-02-07 )))))))))))))))))))))))))))))) . 2008-02-07 12:02 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS 2008-02-07 12:01 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\lssmftbltxie.sys 2008-02-07 11:47 . 2008-02-07 13:35 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan 2008-02-07 11:47 . 2008-02-07 11:47 <DIR> d-------- C:\WINDOWS\LastGood 2008-02-07 11:47 . 2008-02-07 11:47 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico 2008-02-07 11:47 . 2008-02-07 11:48 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico 2008-02-07 11:47 . 2008-02-07 11:47 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico 2008-02-07 03:28 . 2008-02-07 13:56 1,080 --a------ C:\WINDOWS\SYSTEM32\settingsbkup.sfm 2008-02-07 03:28 . 2008-02-07 13:56 1,080 --a------ C:\WINDOWS\SYSTEM32\settings.sfm 2008-02-07 03:16 . 2008-02-07 03:17 <DIR> d-------- C:\WINDOWS\LastGood.Tmp 2008-02-07 03:16 . 
2002-08-29 02:01 134,272 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\portcls.sys 2008-02-07 03:16 . 2002-08-29 02:01 134,272 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\portcls.sys 2008-02-07 03:16 . 2002-08-29 01:32 57,856 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\drmk.sys 2008-02-07 03:16 . 2002-08-29 01:32 57,856 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\drmk.sys 2008-02-07 03:16 . 2001-09-06 21:27 22,016 --a------ C:\WINDOWS\SYSTEM32\wdmaud.drv 2008-02-07 02:55 . 2008-02-07 02:55 <DIR> d-------- C:\Program Files\Trend Micro 2008-02-07 00:46 . 2005-06-28 08:21 22,752 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.exe 2008-02-07 00:45 . 2008-02-07 00:45 <DIR> d-------- C:\WINDOWS\SYSTEM32\bits 2008-02-07 00:41 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\SYSTEM32\wuaucpl.cpl 2008-02-07 00:25 . 2008-02-07 00:25 <DIR> d-------- C:\Program Files\themexp 2008-02-07 00:25 . 2008-02-07 13:48 <DIR> dr-h----- C:\Documents and Settings\Di-Angelo\Onlangs geopend 2008-02-06 22:30 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\002326_.tmp 2008-02-06 22:28 . 2003-07-23 22:22 6,788 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\secupd.sig 2008-02-06 22:28 . 2003-07-23 22:22 4,573 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\secupd.dat 2008-02-06 22:27 . 2003-07-23 22:08 766,934 --a------ C:\WINDOWS\SYSTEM32\instcat.sql 2008-02-06 22:27 . 2003-07-23 22:13 294,912 --a------ C:\WINDOWS\SYSTEM32\msaud32.acm 2008-02-06 22:27 . 2003-07-23 22:10 290,816 --a------ C:\WINDOWS\SYSTEM32\l3codeca.acm 2008-02-06 22:27 . 2003-07-23 22:01 24,576 --a------ C:\WINDOWS\SYSTEM32\cliconfg.rll 2008-02-06 22:27 . 2003-07-23 22:08 14,848 --a------ C:\WINDOWS\SYSTEM32\imaadp32.acm 2008-02-06 22:27 . 2003-07-23 22:13 13,312 --a------ C:\WINDOWS\SYSTEM32\msadp32.acm 2008-02-06 22:27 . 2003-07-23 22:03 1,740 --a------ C:\WINDOWS\SYSTEM32\dcache.bin 2008-02-06 22:26 . 2003-07-23 22:18 235,296 --a------ C:\ntldr 2008-02-06 22:26 . 2003-07-23 22:10 209,010 --a------ C:\WINDOWS\SYSTEM32\locale.nls 2008-02-06 22:26 . 
2003-07-23 22:24 98,304 --a------ C:\WINDOWS\SYSTEM32\sqlsrv32.rll 2008-02-06 22:26 . 2003-07-23 22:23 86,016 --a------ C:\WINDOWS\SYSTEM32\sl_anet.acm 2008-02-06 22:26 . 2003-07-23 22:24 21,116 --a------ C:\WINDOWS\SYSTEM32\sorttbls.nls 2008-02-06 20:41 . 2004-03-30 02:51 253,952 --a------ C:\WINDOWS\SYSTEM32\h323(3).tsp 2008-02-06 20:40 . 2004-03-30 02:51 440,832 --a------ C:\WINDOWS\SYSTEM32\ipnathlp(3).dll 2008-02-06 20:40 . 2004-03-30 02:51 306,176 --a------ C:\WINDOWS\SYSTEM32\netapi32(3).dll 2008-02-06 20:39 . 2008-02-07 01:37 1,355 --a------ C:\WINDOWS\imsins.BAK 2008-02-06 19:11 . 2006-09-13 06:10 1,110,528 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll 2008-02-06 19:10 . 2005-06-17 23:27 1,018,368 --a------ C:\WINDOWS\SYSTEM32\BROWSEUI(2).DLL 2008-02-06 19:10 . 2006-06-23 12:29 580,096 --a------ C:\WINDOWS\SYSTEM32\WININET.DLL 2008-02-06 19:10 . 2006-06-23 12:29 580,096 --a------ C:\WINDOWS\SYSTEM32\WININET(3).DLL 2008-02-06 19:10 . 2006-08-31 06:57 463,360 --a------ C:\WINDOWS\SYSTEM32\URLMON(3).DLL 2008-02-06 19:08 . 2005-07-26 05:39 1,190,400 --a------ C:\WINDOWS\SYSTEM32\ole32.dll 2008-02-06 19:07 . 2004-10-28 02:31 687,104 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\lsasrv.dll 2008-02-06 19:06 . 2006-03-17 06:07 8,398,848 --a------ C:\WINDOWS\SYSTEM32\shell32(3).dll 2008-02-06 19:06 . 2006-06-26 18:49 140,288 --a------ C:\WINDOWS\SYSTEM32\dnsapi(3).dll 2008-02-06 19:06 . 2006-03-01 20:46 83,456 --a------ C:\WINDOWS\SYSTEM32\mtxoci.dll 2008-02-06 19:06 . 2006-03-01 20:46 83,456 --a------ C:\WINDOWS\SYSTEM32\mtxoci(3).dll 2008-02-06 19:06 . 2006-03-01 20:46 64,512 --a------ C:\WINDOWS\SYSTEM32\mtxclu.dll 2008-02-06 19:06 . 2006-03-01 20:46 64,512 --a------ C:\WINDOWS\SYSTEM32\mtxclu(3).dll 2008-02-06 19:06 . 2006-03-17 01:49 25,600 --------- C:\WINDOWS\SYSTEM32\verclsid.exe 2008-02-06 19:06 . 2006-06-26 18:49 6,144 --a------ C:\WINDOWS\SYSTEM32\rasadhlp(3).dll 2008-02-06 18:54 . 2008-02-07 01:37 <DIR> d-------- C:\WINDOWS\$hf_mig$ 2008-02-06 18:50 . 
2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\qmgr.dll 2008-02-06 18:50 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll 2008-02-06 18:50 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\SYSTEM32\winhttp(2).dll 2008-02-06 18:50 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\winhttp.dll 2008-02-06 18:50 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll 2008-02-06 18:50 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\qmgrprxy.dll 2008-02-06 18:50 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\SYSTEM32\DLLCACHE\bitsprx2.dll 2008-02-06 18:50 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\SYSTEM32\bitsprx2.dll 2008-02-06 18:50 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\SYSTEM32\DLLCACHE\bitsprx3.dll 2008-02-06 18:50 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\SYSTEM32\bitsprx3.dll 2008-02-06 18:46 . 2008-02-07 00:25 <DIR> d-------- C:\Program Files\CCleaner 2008-02-06 15:58 . 2008-02-07 13:56 64,756 --a------ C:\WINDOWS\SYSTEM32\DVCState-{00000001-00000000-00000004-00001102-00000005-00231102}.rfx 2008-02-06 15:58 . 2008-02-07 13:56 54,928 --a------ C:\WINDOWS\SYSTEM32\BMXStateBkp-{00000001-00000000-00000004-00001102-00000005-00231102}.rfx 2008-02-06 15:58 . 2008-02-07 13:56 54,928 --a------ C:\WINDOWS\SYSTEM32\BMXState-{00000001-00000000-00000004-00001102-00000005-00231102}.rfx 2008-02-06 15:56 . 2001-09-06 21:27 22,016 --a------ C:\WINDOWS\SYSTEM32\wdmaud(3).drv 2008-02-06 15:45 . 2003-05-30 09:00 1,962,496 --a------ C:\WINDOWS\SYSTEM32\quartz(2).dll 2008-02-06 15:45 . 2003-05-30 09:00 797,184 --a------ C:\WINDOWS\SYSTEM32\d3dim700(2).dll 2008-02-06 15:45 . 2002-12-12 00:14 355,328 --a------ C:\WINDOWS\SYSTEM32\dsound(2).dll 2008-02-06 15:45 . 2002-12-12 00:14 284,160 --a------ C:\WINDOWS\SYSTEM32\ddraw(2).dll 2008-02-06 15:45 . 2003-05-30 09:00 132,608 --a------ C:\WINDOWS\SYSTEM32\devenum(2).dll 2008-02-06 15:45 . 
2003-03-24 09:00 68,096 --a------ C:\WINDOWS\SYSTEM32\dpnhupnp(2).dll 2008-02-06 15:45 . 2002-12-12 00:14 13,312 --a------ C:\WINDOWS\SYSTEM32\msdmo(2).dll 2008-02-05 23:53 . 2008-02-05 23:53 29 --a------ C:\WINDOWS\sfbm.INI 2008-02-05 22:22 . 2008-02-05 22:22 1,374 --a------ C:\WINDOWS\SYSTEM32\wpa.bak 2008-02-05 21:25 . 2003-10-02 14:17 155,648 --a------ C:\WINDOWS\SYSTEM32\igfxres.dll 2008-02-05 17:00 . 2003-07-23 21:58 150,016 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\winzm.ime 2008-02-05 17:00 . 2003-07-23 21:58 150,016 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\winsp.ime 2008-02-05 16:58 . 2003-07-23 21:57 13,463,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\hwxjpn.dll 2008-02-05 16:57 . 2003-07-23 21:57 10,096,640 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\hwxcht.dll 2008-02-05 16:56 . 2003-07-23 22:04 1,293,824 --a------ C:\WINDOWS\SYSTEM32\dsound3d.dll 2008-02-05 16:55 . 2003-07-23 22:02 561,152 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll 2008-02-05 16:55 . 2003-07-23 22:02 561,152 --a------ C:\WINDOWS\SYSTEM32\crypt32(3).dll 2008-02-05 16:54 . 2003-07-23 22:33 318,976 --a------ C:\WINDOWS\SYSTEM32\zipfldr.dll 2008-02-05 16:52 . 2003-07-23 22:22 129,536 --a------ C:\WINDOWS\SYSTEM32\shmedia.dll 2008-02-05 16:51 . 2003-07-23 22:17 1,635,840 --a------ C:\WINDOWS\SYSTEM32\netshell.dll 2008-02-05 16:51 . 2003-07-23 22:17 1,635,840 --a------ C:\WINDOWS\SYSTEM32\netshell(3).dll 2008-02-05 16:51 . 2003-07-23 22:24 264,704 --a------ C:\WINDOWS\SYSTEM32\wzcsvc.dll 2008-02-05 16:51 . 2003-07-23 22:24 264,704 --a------ C:\WINDOWS\SYSTEM32\wzcsvc(3).dll 2008-02-05 16:51 . 2003-07-23 22:16 167,552 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ndis.sys 2008-02-05 16:51 . 2003-07-23 22:31 57,344 --a------ C:\WINDOWS\SYSTEM32\wzcdlg.dll 2008-02-05 16:51 . 2003-07-23 22:24 23,552 --a------ C:\WINDOWS\SYSTEM32\wzcsapi.dll 2008-02-05 16:51 . 2003-07-23 22:24 12,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ndisuio.sys 2008-02-05 16:49 . 
2006-07-14 16:37 519,168 --a------ C:\WINDOWS\SYSTEM32\hhctrl.ocx 2008-02-05 16:49 . 2005-05-27 03:04 143,872 --a------ C:\WINDOWS\SYSTEM32\itircl.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-07 12:58 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-02-07 12:42 90,112 ----a-w C:\WINDOWS\UpdReg.EXE 2008-02-07 12:13 --------- d-----w C:\Program Files\Norton AntiVirus 2008-02-07 12:13 --------- d-----w C:\Program Files\MSN Messenger 2008-02-07 11:44 --------- d-----w C:\Program Files\Common Files\SchijfBewaker 2008-02-07 04:57 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-02-07 01:58 --------- d-----w C:\Program Files\Notepad++ 2008-02-07 01:58 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\Notepad++ 2008-02-06 23:27 --------- d-----w C:\Program Files\Creative 2008-02-05 22:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative 2008-02-05 03:42 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-05 03:42 --------- d-----w C:\Program Files\Atari 2008-02-05 03:40 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\Atari 2008-02-04 22:34 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\uTorrent 2007-12-23 14:28 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\Raptisoft 2007-12-21 21:37 --------- d-----w C:\Program Files\SchijfBewaker 2007-12-20 18:23 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\schijfbewaker 2007-12-20 18:18 --------- d-----r C:\Documents and Settings\All Users\Application Data\schijfbewaker 2007-12-20 18:18 --------- d-----r C:\Documents and Settings\All Users\Application Data\SalesMon 2007-12-20 18:14 257,552 ----a-w C:\Documents and Settings\Di-Angelo\Application Data\setup_nl[1].exe 2007-12-18 17:24 --------- d-----w C:\Program Files\Macrogaming 2007-12-15 20:30 
--------- d-----w C:\Program Files\VirtualDJ 2007-12-15 14:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2007-12-15 13:45 --------- d-----w C:\Program Files\Netlog 24 2007-12-15 13:44 --------- d-----w C:\Program Files\Windows Live 2007-07-02 17:21 745,694 ----a-w C:\Program Files\SFX_Machine_Pro_1.10.exe 2007-06-18 11:49 17,874,288 ----a-w C:\Program Files\Install_Messenger.exe 2005-04-09 16:10 2,204 ----a-w C:\Program Files\unins000.dat 2003-06-16 13:23 131,072 -c--a-w C:\Program Files\T2DXi.dll 2003-06-16 13:17 4,317,184 ----a-w C:\Program Files\Triangle II.dll 2003-06-03 10:33 90,112 ----a-w C:\Program Files\Triangle II.exe 2002-12-17 01:00 82,253 ----a-w C:\Program Files\unins000.exe 2004-01-23 00:57 32 --sha-w C:\WINDOWS\{E64CC7F2-30BC-41F9-AE18-42A7D6B141F7}.dat 2004-01-23 00:57 32 --sha-w C:\WINDOWS\SYSTEM32\{FF3EBA0E-B375-40B2-9329-EF200E0D6781}.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3FD7F26F-FF98-4AC2-95F0-2D2AA6F6EAA2}] 2007-12-27 17:30 314752 --a------ C:\WINDOWS\System32\vtuts.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}] 2007-12-27 17:25 24288 --a------ C:\WINDOWS\system32\mljighe.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-23 22:02 13312] "Netlog 24"="C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe" [2008-02-07 00:54 1380352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-10-02 14:37 155648] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-10-02 14:19 118784] "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 02:01 155648] "PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 20:47 204800] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2002-12-06 10:28 54496] "ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-12-06 10:29 58592] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2008-02-07 13:22 200069] "AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 11:34 122880] "CTHelper"="CTHELPER.EXE" [2006-12-12 10:46 19456 C:\WINDOWS\SYSTEM32\CtHelper.exe] "CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 10:46 20480 C:\WINDOWS\SYSTEM32\Ctxfihlp.exe] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2008-02-07 13:42 90112] "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2003-12-04 12:34 406016] "U.S. 
Robotics Wireless Manager UI"="C:\WINDOWS\System32\WLTRAY" [ ] "EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2003-05-27 04:08 99840] "CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056] "RCSystem"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-23 22:02 13312] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 18:05:56 65588] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\mljighe.dll [2007-12-27 17:25 24288] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljighe] mljighe.dll 2007-12-27 17:25 24288 C:\WINDOWS\SYSTEM32\mljighe.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\System32\vtuts.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^MA003DMN.LNK] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\MA003DMN.LNK backup=C:\WINDOWS\pss\MA003DMN.LNKCommon Startup R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\System32\DRIVERS\cledx.sys [2005-05-09 19:08] R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\System32\drivers\ha20x2k.sys [2006-12-19 08:36] S2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2003-07-23 22:25] S3 autorun;autorun;c:\huadio.tmp [2004-05-10 18:14] S3 CCCP106;TRUST 120 SPACEC@M;C:\WINDOWS\System32\DRIVERS\cccp106.sys [2003-04-09 10:17] S3 ma763003;M-Audio Audiophile;C:\WINDOWS\System32\drivers\MA763003.sys [2005-11-12 15:31] S3 MADFU003;MADFU003;C:\WINDOWS\System32\DRIVERS\MADFU003.sys [2005-11-12 15:31] S3 
PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\System32\Drivers\PCASp50.sys [2004-09-07 15:42] S3 RD1009;EDIROL UM-1 USB Driver;C:\WINDOWS\System32\Drivers\rdwm1009.sys [2001-07-23 12:59] S3 RDID1020;EDIROL UM-550;C:\WINDOWS\System32\Drivers\rdwm1020.sys [2002-02-20 10:24] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-05 00:43] S3 USBNP4X4;M-Audio Audiophile USB Midi;C:\WINDOWS\System32\drivers\usbnp4x4.sys [2005-11-12 15:31] . Inhoud van de 'Gedeelde Taken' map "2008-02-04 23:43:34 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2008\OneClick.exe "2008-02-06 23:02:02 C:\WINDOWS\Tasks\At1.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 08:02:12 C:\WINDOWS\Tasks\At10.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 09:01:00 C:\WINDOWS\Tasks\At11.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 10:01:05 C:\WINDOWS\Tasks\At12.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 11:02:10 C:\WINDOWS\Tasks\At13.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 12:01:01 C:\WINDOWS\Tasks\At14.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 13:00:00 C:\WINDOWS\Tasks\At15.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At16.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 15:01:57 C:\WINDOWS\Tasks\At17.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 16:01:02 C:\WINDOWS\Tasks\At18.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 17:01:01 C:\WINDOWS\Tasks\At19.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 00:01:01 C:\WINDOWS\Tasks\At2.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 18:01:01 C:\WINDOWS\Tasks\At20.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 19:01:02 C:\WINDOWS\Tasks\At21.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 20:01:02 C:\WINDOWS\Tasks\At22.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 21:02:14 C:\WINDOWS\Tasks\At23.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 22:46:15 
C:\WINDOWS\Tasks\At24.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 01:02:03 C:\WINDOWS\Tasks\At3.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 02:02:14 C:\WINDOWS\Tasks\At4.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 03:02:13 C:\WINDOWS\Tasks\At5.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 04:01:00 C:\WINDOWS\Tasks\At6.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 05:01:00 C:\WINDOWS\Tasks\At7.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-07 06:01:00 C:\WINDOWS\Tasks\At8.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At9.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-01-18 19:13:49 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen.job" - C:\PROGRA~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca "2004-04-18 14:18:54 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-07 13:59:11 Windows 5.1.2600 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\mljighe.dll PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.1106] -> C:\WINDOWS\System32\vtuts.dll PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106] -> C:\WINDOWS\System32\vtuts.dll -> C:\WINDOWS\system32\mljighe.dll . ------------------------ Other Running Processes ------------------------ . 
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\System32\WLTRAY.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Messenger\msmsgs.exe . ************************************************************************** . Voltooingstijd: 2008-02-07 14:04:03 - machine was rebooted ComboFix-quarantined-files.txt 2008-02-07 13:03:56 ComboFix2.txt 2008-02-06 18:37:09 . 2008-02-07 00:38:37 --- E O F ---
  6. OK kape, I didn't have much time left yesterday, but look, I'm going to start on it right away now. Thank you.
  7. Hello aarondk1, and thanks for your answer. I did everything you asked and restarted the computer; nothing noticeable, everything looks fine. But during the operations I got the following message: I also have Spyware Doctor, and I constantly get warnings, as you can see in this image: they keep popping up constantly, all the way to the top of the screen (like MSN sign-in notifications). I also have a ComboFix log:
Live 2007-12-21 21:37 --------- d-----w C:\Program Files\SchijfBewaker 2007-12-20 18:23 --------- d-----w C:\Documents and Settings\Di-Angelo\Application Data\schijfbewaker 2007-12-20 18:18 --------- d-----w C:\Program Files\Common Files\SchijfBewaker 2007-12-20 18:18 --------- d-----r C:\Documents and Settings\All Users\Application Data\schijfbewaker 2007-12-20 18:18 --------- d-----r C:\Documents and Settings\All Users\Application Data\SalesMon 2007-12-20 18:14 257,552 ----a-w C:\Documents and Settings\Di-Angelo\Application Data\setup_nl[1].exe 2007-12-18 17:24 --------- d-----w C:\Program Files\Macrogaming 2007-12-15 20:30 --------- d-----w C:\Program Files\VirtualDJ 2007-12-15 14:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2007-12-15 13:45 159,744 ----a-w C:\WINDOWS\SYSTEM32\Netlog24Uninstaller.exe 2007-12-15 13:45 --------- d-----w C:\Program Files\Netlog 24 2007-12-15 13:44 --------- d-----w C:\Program Files\Windows Live 2007-07-02 17:21 745,694 ----a-w C:\Program Files\SFX_Machine_Pro_1.10.exe 2007-06-18 11:49 17,874,288 ----a-w C:\Program Files\Install_Messenger.exe 2005-04-09 16:10 2,204 ----a-w C:\Program Files\unins000.dat 2003-06-16 13:23 131,072 -c--a-w C:\Program Files\T2DXi.dll 2003-06-16 13:17 4,317,184 ----a-w C:\Program Files\Triangle II.dll 2003-06-03 10:33 90,112 ----a-w C:\Program Files\Triangle II.exe 2002-12-17 01:00 82,253 ----a-w C:\Program Files\unins000.exe 2004-01-23 00:57 32 --sha-w C:\WINDOWS\{E64CC7F2-30BC-41F9-AE18-42A7D6B141F7}.dat 2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\SYSTEM32\flvDX.dll 2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\SYSTEM32\msfDX.dll 2004-01-23 00:57 32 --sha-w C:\WINDOWS\SYSTEM32\{FF3EBA0E-B375-40B2-9329-EF200E0D6781}.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}] 2007-12-27 17:25 24288 --a------ C:\WINDOWS\system32\mljighe.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8A816CA2-F152-4603-97EA-54DA2CE4C640}] 2007-12-27 17:30 314752 --a------ C:\WINDOWS\System32\vtuts.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-23 22:02 13312] "Netlog 24"="C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe" [2007-12-15 14:45 1331200] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-10-14 18:09 103712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-10-02 14:37 155648] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-10-02 14:19 118784] "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 02:01 155648] "PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 20:47 204800] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2002-12-06 10:28 54496] "ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-12-06 10:29 58592] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 02:46 208261] "AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "CTHelper"="CTHELPER.EXE" [2005-08-07 23:10 16384 C:\WINDOWS\CTHELPER.EXE] "CTxfiHlp"="CTXFIHLP.EXE" [2005-08-07 23:10 18944 C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112] "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2003-12-04 12:34 406016] "U.S. 
Robotics Wireless Manager UI"="C:\WINDOWS\System32\WLTRAY" [ ] "EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [2003-05-27 04:08 99840] "CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056] "RCSystem"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 11:34 122880] "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2007-12-10 14:53 1103752] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-23 22:02 13312] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 18:05:56 65588] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\mljighe.dll [2007-12-27 17:25 24288] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mljighe] mljighe.dll 2007-12-27 17:25 24288 C:\WINDOWS\SYSTEM32\mljighe.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\System32\vtuts.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^MA003DMN.LNK] path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\MA003DMN.LNK backup=C:\WINDOWS\pss\MA003DMN.LNKCommon Startup . 
Inhoud van de 'Gedeelde Taken' map "2008-02-04 23:43:34 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2008\OneClick.exe "2008-02-05 23:03:01 C:\WINDOWS\Tasks\At1.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At10.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At11.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At12.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At13.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At14.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At15.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At16.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 15:01:57 C:\WINDOWS\Tasks\At17.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 16:01:02 C:\WINDOWS\Tasks\At18.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 17:01:01 C:\WINDOWS\Tasks\At19.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 00:03:00 C:\WINDOWS\Tasks\At2.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 18:01:01 C:\WINDOWS\Tasks\At20.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 19:01:34 C:\WINDOWS\Tasks\At21.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 20:01:00 C:\WINDOWS\Tasks\At22.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At23.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At24.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-06 01:03:00 C:\WINDOWS\Tasks\At3.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At4.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At5.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At6.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At7.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 
C:\WINDOWS\Tasks\At8.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-02-05 16:03:33 C:\WINDOWS\Tasks\At9.job" - C:\WINDOWS\System32\i5N7jA13.exe "2008-01-18 19:13:49 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen.job" - C:\PROGRA~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca "2004-04-18 14:18:54 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-06 19:26:00 Windows 5.1.2600 Service Pack 1 NTFS detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106] -> C:\WINDOWS\System32\vtuts.dll -> C:\WINDOWS\system32\mljighe.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\System32\WLTRAY.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Messenger\msmsgs.exe . ************************************************************************** . Voltooingstijd: 2008-02-06 19:37:05 - machine was rebooted ComboFix-quarantined-files.txt 2008-02-06 18:36:49 Bedankt
  8. Hello everyone, my Windows takes a while to start up before I can begin working in Windows. Does anyone happen to know the culprit, or can anyone help me? Thanks in advance. CPU: 2.40 GHz, RAM: 768 MB. To start with, here is a log from HijackThis.