Ga naar inhoud

Aanbevolen berichten

Geplaatst:

Klik op 'Fix checked' om de items te verwijderen.

Verwijder volgende vetgedrukte map met Windows Verkenner :

I:\Program Files\AskBarDis

Dit stukje krijg ik niet verwijderd hij geeft een melding zie bijlage.

  • Reacties 33
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Geplaatst:

Volgens mij is er geen bijlage meegekomen. Kan ik wel wel een bijlage meesturen? Ik wilde een print screen laten lezen.

---------- Bericht toegevoegd om 08:41 ---------- Vorig bericht was om 08:37 ----------

Het zegt : "kan het bestand niet verwijderen toegang geweigerd.Controleerd of de schijf vol is (dat is hij niet) of tegen schrijven beveiligd of in gebruikt is.

Geplaatst:
Het zegt : "kan het bestand niet verwijderen toegang geweigerd.Controleerd of de schijf vol is (dat is hij niet) of tegen schrijven beveiligd of in gebruikt is.
OK, dat volstaat wel :-)

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!


  • Dubbelklik op Combofix.exe om het te starten.
    Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
    Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
    Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
    Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
    Klik na afloop terug op Ja om het scannen op malware te starten.
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

Geplaatst:

Na een diep scan van mijn virus scanner en menigmale opstarten van mijn pc heb ik geen gebruik hoeven te maken van "Combofix" ik kreeg hem aanvankelijk niet gedownload en later wel en toen was het niet nodig. De "AskBarDis" heb ik kunnen verwijderen. Ik moet zeggen dat ik geen last meer er van heb van die ongevraagde tabbladen. Was die combofix speciaal om die askbardis te verwijderen of is het een handig programma sowieso?

Ik heb inmiddels ook nog ander probleem erbij gekregen. Mag dat onder dit hoofdstuk of onder een ander? Het gaat over dat ik mijn schijven niet meer kan defragmenteren.

Geplaatst:

Weer een probleem met de schijven.

Laat die Combofix - voor alle zekerheid - toch even scannen. Misschien geeft die een aanzet tot het ontdekken van de schijfproblemen, misschien ook niet. Maar de moeite om te proberen, zeker.

Geplaatst:

Het heeft even geduurd door mijjn werkzaamheden maar ik heb combifix uitgevoerd en inderdaad ik kan weer mijn schijven defragmenteren. Ik heb toch voor de zekerheid het logje meegestuurd.

aComboFix 09-05-24.07 - Hill 31-05-2009 14:02.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1609 [GMT 2:00]

Gestart vanuit: M:\ComboFix.exe

AV: Quick Heal 10.00 *On-access scanning enabled* (Outdated) {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}

FW: Quick Heal Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\xcrashdump.dat

i:\windows\IE4 Error Log.txt

i:\windows\system32\drivers\ovfsthxtpmxarlp.sys

i:\windows\system32\ovfsthxnvhidddp.dat

i:\windows\system32\ovfsthxpstdinep.dll

i:\windows\system32\ovfsthxqgoasakc.dll

i:\windows\system32\ovfsthxujcjsnus.dat

i:\windows\system32\ovfsthxuwyerdks.dll

i:\windows\system32\uniq.tll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_ovfsthxuntlmpai

-------\Legacy_IAS

-------\Legacy_PCM1394

-------\Service_Ias

-------\Service_pcm1394

-------\Service_WinDHCPsvc

(((((((((((((((((((( Bestanden Gemaakt van 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))

.

2009-05-27 16:07 . 2009-05-27 16:07 17408 ----a-w i:\windows\system32\b2.exe

2009-05-27 15:52 . 2009-05-27 15:52 107155 ----a-w i:\windows\system32\vic_setup.exe

2009-05-23 00:53 . 2009-05-23 10:00 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\RegTool

2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Malwarebytes

2009-05-15 21:42 . 2009-04-06 13:32 15504 ----a-w i:\windows\system32\drivers\mbam.sys

2009-05-15 21:42 . 2009-04-06 13:32 38496 ----a-w i:\windows\system32\drivers\mbamswissarmy.sys

2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes

2009-05-15 21:22 . 2009-05-15 21:22 -------- d-----w i:\program files\The Weather Channel FW

2009-05-15 21:17 . 2009-05-15 21:17 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Sammsoft

2009-05-15 21:16 . 2009-05-15 21:21 -------- d-----w i:\program files\Advanced Registry Optimizer

2009-05-15 21:13 . 2009-05-15 21:13 -------- d-----w i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\The Weather Channel

2009-05-13 16:11 . 2009-05-13 16:16 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy

2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w i:\program files\TeaTimer (Spybot - Search & Destroy)

2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w i:\program files\SDHelper (Spybot - Search & Destroy)

2009-05-10 23:08 . 2008-12-11 10:57 333952 -c----w i:\windows\system32\dllcache\srv.sys

2009-05-10 23:08 . 2008-10-24 11:21 455296 -c----w i:\windows\system32\dllcache\mrxsmb.sys

2009-05-10 23:08 . 2008-10-15 16:37 337408 -c----w i:\windows\system32\dllcache\netapi32.dll

2009-05-10 23:07 . 2008-04-11 19:06 691712 -c----w i:\windows\system32\dllcache\inetcomm.dll

2009-05-10 23:07 . 2009-05-10 23:17 -------- d--h--w i:\windows\$hf_mig$

2009-05-10 23:07 . 2008-06-14 17:36 272640 -c----w i:\windows\system32\dllcache\bthport.sys

2009-05-10 23:07 . 2008-05-08 14:02 203136 -c----w i:\windows\system32\dllcache\rmcast.sys

2009-05-10 22:44 . 2009-05-15 21:50 -------- dc----w I:\ProgramData

2009-05-10 22:44 . 2009-05-10 22:44 -------- d-----w i:\program files\Angle Interactive

2009-05-08 08:27 . 2009-05-08 08:27 -------- d-----w i:\program files\Trend Micro

2009-05-03 16:09 . 2009-05-03 16:09 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Nero

2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_template_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_label_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 9158 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_chm_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_Register_url_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_RegCL_exe_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_url_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7398 ----a-r i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_exe_icon.exe

2009-05-03 14:10 . 2009-05-03 14:10 82380 ----a-w i:\windows\system32\drivers\AFS2K.SYS

2009-05-03 14:05 . 2009-05-03 14:11 20480 ----a-w i:\windows\hpoins01.dat

2009-05-03 14:05 . 2003-04-06 04:33 16622 ------w i:\windows\hpomdl01.dat

2009-05-03 14:04 . 2003-03-09 20:31 81920 ----a-r i:\windows\system32\hpovst08.dll

2009-05-03 00:47 . 2009-05-03 15:56 28276 ----a-w i:\windows\system32\drivers\MxlW2k.sys

2009-05-03 00:46 . 2009-05-03 00:46 -------- d-----w i:\program files\MUSICMATCH

2009-05-02 23:46 . 2009-05-02 23:52 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\VERITAS

2009-05-02 23:46 . 2009-05-02 23:46 -------- d-----w i:\program files\VERITAS Software

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-31 12:17 . 2008-02-08 19:21 -------- d-----w i:\program files\SPAMfighter

2009-05-30 18:13 . 2008-02-26 02:32 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Google Updater

2009-05-23 20:43 . 2008-02-27 23:11 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Nokia

2009-05-23 20:27 . 2006-04-10 12:00 536884 ----a-w i:\windows\system32\perfh013.dat

2009-05-23 20:27 . 2006-04-10 12:00 101106 ----a-w i:\windows\system32\perfc013.dat

2009-05-23 16:01 . 2008-02-28 11:55 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Skype

2009-05-23 01:09 . 2008-02-27 00:54 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\LimeWire

2009-05-15 23:07 . 2009-04-17 17:55 -------- d-----w i:\program files\PC Doc Pro

2009-05-15 20:07 . 2009-01-23 19:01 65144 ----a-w i:\windows\system32\drivers\catflt.sys

2009-05-14 20:20 . 2008-02-28 12:05 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\skypePM

2009-05-11 21:36 . 2009-04-17 17:55 -------- d---a-w i:\documents and settings\All Users.WINDOWS\Application Data\TEMP

2009-05-10 23:31 . 2008-02-25 22:58 70008 ----a-w i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-10 23:18 . 2008-02-25 22:19 86811 ----a-w i:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-05-03 15:55 . 2008-01-26 16:58 -------- d-----w i:\program files\Common Files\Ahead

2009-05-03 00:46 . 2008-01-26 16:42 -------- d--h--w i:\program files\InstallShield Installation Information

2009-04-30 22:34 . 2009-04-30 22:34 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Ahead

2009-04-30 09:00 . 2008-02-27 00:53 -------- d-----w i:\program files\Java

2009-04-30 08:59 . 2009-04-28 07:22 152576 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_13\lzma.dll

2009-04-29 08:38 . 2009-04-29 08:38 499712 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\msvcp71.dll

2009-04-29 08:38 . 2009-04-29 08:38 499712 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\jmc.dll

2009-04-29 08:38 . 2009-04-29 08:38 348160 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\33\258cea61-56efb34e-n\msvcr71.dll

2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Logishrd

2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w i:\program files\Common Files\LogiShrd

2009-04-29 08:34 . 2008-03-01 18:09 -------- d-----w i:\program files\Common Files\Logitech

2009-04-29 08:31 . 2008-02-06 00:51 -------- d-----w i:\program files\NCH Swift Sound

2009-04-29 08:26 . 2008-02-04 18:05 -------- d-----w i:\program files\Apple Software Update

2009-04-29 06:55 . 2009-04-29 06:55 24064 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\15\4e09eacf-4d454dc2-n\Decora-D3D.dll

2009-04-28 06:46 . 2008-01-26 17:10 -------- d-----w i:\program files\Common Files\Nokia

2009-04-28 06:46 . 2008-01-26 17:09 -------- d-----w i:\program files\Nokia

2009-04-28 06:46 . 2009-04-28 06:46 -------- d-----w i:\program files\PC Connectivity Solution

2009-04-28 06:44 . 2008-07-21 15:37 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Installations

2009-04-28 06:44 . 2009-04-28 06:44 8192 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe

2009-04-28 06:44 . 2009-04-28 06:44 61440 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2009-04-28 06:44 . 2009-04-28 06:44 10240 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe

2009-04-28 06:42 . 2009-04-28 06:44 34150776 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_dut.exe

2009-04-27 16:23 . 2009-04-27 15:54 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Spybot - Search & Destroy

2009-04-26 17:02 . 2009-04-15 21:02 -------- d-----w i:\program files\Common Files\Adobe

2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\CyberLink

2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\CyberLink

2009-04-25 22:38 . 2009-04-25 22:38 -------- d-----w i:\program files\Cyberlink

2009-04-22 14:01 . 2009-04-22 14:01 57344 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\50\5b902232-63dba348-n\Decora-SSE.dll

2009-04-18 10:25 . 2009-04-18 10:25 3351812 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe

2009-04-18 10:25 . 2009-04-18 10:25 36864 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe

2009-04-18 10:25 . 2009-04-18 10:25 3181612 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe

2009-04-18 10:24 . 2009-04-18 10:25 24528928 ----a-w i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98NP.exe

2009-04-16 18:13 . 2009-04-16 18:13 -------- d-----w i:\program files\AOER

2009-04-16 17:59 . 2008-02-25 22:41 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help

2009-04-16 16:36 . 2009-04-16 16:36 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Windows Search

2009-04-16 05:02 . 2009-04-16 05:02 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Windows Desktop Search

2009-04-16 04:55 . 2009-04-15 19:58 -------- d-----w i:\program files\Downloaded Installers

2009-04-16 04:17 . 2008-01-26 17:37 -------- d-----w i:\program files\MSBuild

2009-04-16 04:17 . 2009-04-16 04:17 -------- d-----w i:\program files\Reference Assemblies

2009-04-15 21:45 . 2009-04-15 21:45 -------- d-----w i:\program files\Windows Desktop Search

2009-04-15 21:15 . 2009-04-15 21:15 315392 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl.dll

2009-04-15 21:15 . 2009-04-15 21:15 20480 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl_awt.dll

2009-04-15 21:15 . 2009-04-15 21:15 114688 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-2bf90666-n\jogl_cg.dll

2009-04-15 21:06 . 2009-04-15 21:06 20480 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-1dfd6847-n\gluegen-rt.dll

2009-04-15 21:04 . 2009-04-15 21:04 152576 ----a-w i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_12\lzma.dll

2009-04-15 20:21 . 2008-02-24 20:45 -------- d-----w i:\program files\internet explorer(2)

2009-04-15 20:21 . 2008-02-27 00:52 -------- d-----w i:\program files\LimeWire

2009-04-15 19:59 . 2009-04-15 16:40 -------- d-----w i:\program files\TweakNow RegCleaner Std

2009-04-14 23:16 . 2008-02-27 00:17 -------- d-----w i:\documents and settings\All Users.WINDOWS\Application Data\NCH Swift Sound

2009-04-14 22:37 . 2009-04-14 22:37 -------- d-----w i:\documents and settings\Hill.RICARDO\Application Data\Uniblue

2009-03-12 16:30 . 2009-03-12 16:30 133 ---ha-w I:\hpothb07.dat

2009-03-09 03:19 . 2009-02-01 13:22 410984 ----a-w i:\windows\system32\deploytk.dll

2009-03-06 14:23 . 2006-04-10 12:00 285696 ----a-w i:\windows\system32\pdh.dll

2009-03-03 00:16 . 2006-04-10 12:00 826368 ----a-w i:\windows\system32\wininet.dll

2008-03-01 13:58 . 2008-03-01 13:58 25605664 ----a-w i:\program files\qhntplus2008.exe

2008-02-26 01:34 . 2008-02-26 01:29 25212600 ----a-w i:\program files\qhnteval quick Heal.exe

2008-02-07 19:23 . 2008-02-07 19:23 387968 ----a-w i:\program files\spywarefighter.exe

2008-02-07 19:07 . 2008-02-07 23:45 1406096 ----a-w i:\program files\spamfighter_web.exe

2008-02-07 00:24 . 2008-02-07 00:24 870008 ------w i:\program files\Google Updater.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="i:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"PopUpStopperFreeEdition"="e:\program files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe" [2005-03-17 536576]

"swg"="i:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-02 68856]

"OM_Monitor"="e:\backup g schijf bestuuring\Program Files\Monitor.exe" [2004-08-06 61440]

"OM2_Monitor"="i:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]

"TomTomHOME.exe"="e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]

"PC Suite Tray"="c:\program files\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]

"SpybotSD TeaTimer"="e:\backup k schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

"AROReminder"="i:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="i:\windows\ehome\ehtray.exe" [2005-08-17 64512]

"GrooveMonitor"="i:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"NeroFilterCheck"="i:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]

"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"NSLauncher"="i:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304]

"tsnpstd3"="i:\windows\tsnpstd3.exe" [2006-08-21 114688]

"QuickTime Task"="i:\program files\QuickTime\qttask.exe" [2008-05-27 413696]

"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]

"PAC207_Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]

"Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]

"Email Protection"="i:\progra~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE" [2009-01-23 267640]

"Update Scheduler"="i:\progra~1\QUICKH~1\QUICKH~1\UPSCHD.EXE" [2009-01-23 95608]

"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]

"ResumeQuickupDownload"="i:\progra~1\QUICKH~1\QUICKH~1\acappaa.exe" [2009-01-23 95608]

"Quick Heal Monitor"="i:\progra~1\QUICKH~1\QUICKH~2\op_mon.exe" [2008-07-31 1941504]

"RemoteControl"="E:\PDVDServ.exe" [2007-01-08 68640]

"LanguageShortcut"="e:\language\Language.exe" [2007-01-08 52256]

"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="i:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"StorageGuard"="i:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-17 155648]

"MMTray"="i:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-03-14 143360]

"SPAMfighter Agent"="i:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]

"Resume Quickup"="i:\progra~1\QUICKH~1\QUICKH~1\QuickUp.exe" [2009-05-15 284024]

"RTHDCPL"="RTHDCPL.EXE" - i:\windows\RTHDCPL.exe [2006-10-30 16269312]

"SkyTel"="SkyTel.EXE" - i:\windows\SkyTel.exe [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"svc"="c:\program files\ThunMail\testabd.exe" [2009-05-27 61440]

i:\documents and settings\Hill.RICARDO\Menu Start\Programma's\Opstarten\

OneNote 2007 Schermopname en Snel starten.lnk - i:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

i:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\

hp psc 2000 Series.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]

hpoddt01.exe.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

Windows Search.lnk - i:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"NoSecCPL"= 0 (0x0)

"NoDevMgrPage"= 0 (0x0)

"NoConfigPage"= 0 (0x0)

"NoVirtMemPage"= 0 (0x0)

"NoFileSysPage"= 0 (0x0)

"NoNetSetup"= 0 (0x0)

"NoNetSetupIDPage"= 0 (0x0)

"NoNetSetupSecurityPage"= 0 (0x0)

"NoWorkgroupContents"= 0 (0x0)

"NoEntireNetwork"= 0 (0x0)

"NoFileSharingControl"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoThumbnailCache"= 1 (0x1)

"RestrictRun"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSetActiveDesktop"= 1 (0x1)

"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "i:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"i:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"i:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"i:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"i:\\Program Files\\LimeWire\\LimeWire.exe"=

"i:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"i:\\Program Files\\Messenger\\msmsgs.exe"=

"e:\\backup G Schijf bestuuring\\Program Files\\LimeWire pro\\LimeWire.exe"=

"i:\\Program Files\\iTunes\\iTunes.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"i:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 SandBox;SandBox;i:\windows\system32\drivers\SandBox.sys [23-1-2009 21:27 673920]

R2 acssrv;Quick Heal Client Security Service;i:\progra~1\QUICKH~1\QUICKH~2\acs.exe [23-1-2009 21:27 1224704]

R2 catflt;catflt;i:\windows\system32\drivers\catflt.sys [23-1-2009 21:01 65144]

R2 EMLSS;EMLSS;i:\windows\system32\drivers\EMLTDI.SYS [23-1-2009 21:01 28656]

R2 gearsec;gearsec;i:\windows\system32\gearsec.exe [30-11-2005 12:43 58952]

R2 Quick Heal Antivirus Plus Mail Protection;Quick Heal Antivirus Plus Mail Protection;i:\progra~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE [23-1-2009 21:01 50552]

R2 Quick Update Service;Quick Update Service;i:\progra~1\QUICKH~1\QUICKH~1\quhlpsvc.exe [23-1-2009 21:01 58744]

R2 SPAMfighter Update Service;SPAMfighter Update Service;i:\program files\SPAMfighter\sfus.exe [16-1-2009 11:11 184968]

R2 TomTomHOMEService;TomTomHOMEService;e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe [8-4-2009 12:38 92008]

R3 afw;Agnitum firewall driver;i:\windows\system32\drivers\afw.sys [23-1-2009 21:27 30864]

R3 afwcore;afwcore;i:\windows\system32\drivers\afwcore.sys [23-1-2009 21:28 234640]

R3 PAC207;Trust 100K Series Webcam;i:\windows\system32\drivers\PFC027.SYS [1-1-2009 2:57 618112]

S3 hitmanpro3;Hitman Pro 3 Support Driver; [x]

S3 sndintd;sndintd; [x]

S3 SpyFighter;SpyFighter Guard Device;i:\program files\SPYWAREfighter\spyfighter.sys [21-2-2008 15:38 8336]

S3 SPYWAREfighterRP;SPYWAREfighterRP;i:\program files\SPYWAREfighter\spfprc.exe [21-2-2008 15:37 406160]

S4 Online Protection System;Online Protection System;i:\progra~1\QUICKH~1\QUICKH~1\opssvc.exe [23-1-2009 21:01 17272]

.

Inhoud van de 'Gedeelde Taken' map

2009-05-31 i:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

- i:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]

2009-05-03 i:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8241360262.job

- e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2009-05-31 i:\windows\Tasks\Google Software Updater.job

- i:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-02 19:04]

2009-05-31 i:\windows\Tasks\RegTool Scan.job

- l:\bestanden en set ups\RegTool\RegTool.exe [2009-05-02 06:40]

.

- - - - ORPHANS VERWIJDERD - - - -

SafeBoot-procexp90.Sys

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = about:blank

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - i:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-05-31 14:14

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(960)

i:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3108)

e:\program files\Panicware\Pop-Up Stopper Free Edition\XAHook.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

i:\windows\system32\ati2evxx.exe

i:\windows\system32\ati2evxx.exe

i:\program files\Bonjour\mDNSResponder.exe

i:\windows\ehome\ehRecvr.exe

i:\windows\ehome\ehSched.exe

i:\program files\Java\jre6\bin\jqs.exe

i:\program files\Common Files\LightScribe\LSSrvc.exe

i:\program files\Cyberlink\Shared Files\RichVideo.exe

i:\progra~1\QUICKH~1\QUICKH~1\SCANWSCS.EXE

i:\windows\ehome\mcrdsvc.exe

i:\windows\system32\searchindexer.exe

i:\windows\system32\dllhost.exe

i:\windows\system32\wscntfy.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

i:\windows\ehome\ehmsas.exe

i:\program files\PC Connectivity Solution\ServiceLayer.exe

i:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe

i:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

i:\windows\system32\msiexec.exe

i:\program files\iPod\bin\iPodService.exe

e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hposts08.exe

.

**************************************************************************

.

Voltooingstijd: 2009-05-31 14:21 - machine werd herstart

ComboFix-quarantined-files.txt 2009-05-31 12:21

Pre-Run: 5.442.093.056 bytes beschikbaar

Post-Run: 5.418.242.048 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

i:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn

327 --- E O F --- 2009-05-23 01:17

Geplaatst:

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

i:\windows\system32\b2.exe

i:\windows\system32\vic_setup.exe

i:\windows\Tasks\RegTool Scan.job

Folder::

i:\documents and settings\Hill.RICARDO\Application Data\RegTool

Driver::

sndintd

Registry::

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"svc"=-

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Geplaatst:

Bij deze het gevraagde.

Eerst van combofix

ComboFix 09-05-31.02 - Hill 01-06-2009 0:53.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1283 [GMT 2:00]

Gestart vanuit: i:\documents and settings\Hill.RICARDO\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: i:\documents and settings\Hill.RICARDO\Bureaublad\CFScript.txt

AV: Quick Heal 10.00 *On-access scanning disabled* (Updated) {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}

FW: Quick Heal Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

FILE ::

"i:\windows\system32\b2.exe"

"i:\windows\system32\vic_setup.exe"

"i:\windows\Tasks\RegTool Scan.job"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

i:\documents and settings\Hill.RICARDO\Application Data\RegTool

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 02-53-500.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 03-13-370.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 09-13-310.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-23 18-18-450.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-24 14-09-120.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 06-47-260.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-25 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 07-16-240.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-26 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 07-47-340.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 17-38-580.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-27 17-42-150.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-28 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-28 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-30 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-30 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-31 12-00-000.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Logs\2009-05-31 12-00-001.log

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 02-56-160\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\file4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-10.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-11.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-12.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-13.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-14.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-6.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-7.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-8.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 03-04-020\regb-9.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\file0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-10.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-11.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-12.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-13.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-14.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-15.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-16.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-17.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-18.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-19.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-20.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-21.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-22.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-23.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-24.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-25.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-26.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-6.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-7.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-8.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-23 17-59-570\regb-9.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\file3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-6.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-7.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-25 13-30-070\regb-8.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\file0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-6.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-26 19-08-330\regb-7.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\file2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-10.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-11.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-6.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-7.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-8.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-27 17-34-130\regb-9.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-28 16-31-050\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\filelist.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-0.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-1.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-2.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-3.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-4.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\QuarantineW\2009-05-30 23-34-580\regb-5.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Evidence.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Junk.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Registry.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\Results\Update.db

i:\documents and settings\Hill.RICARDO\Application Data\RegTool\spy_ignore.db

i:\windows\system32\b2.exe

i:\windows\system32\vic_setup.exe

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_SNDINTD

-------\Service_sndintd

(((((((((((((((((((( Bestanden Gemaakt van 2009-04-28 to 2009-05-31 ))))))))))))))))))))))))))))))

.

2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Malwarebytes

2009-05-15 21:42 . 2009-04-06 13:32 15504 ----a-w- i:\windows\system32\drivers\mbam.sys

2009-05-15 21:42 . 2009-04-06 13:32 38496 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys

2009-05-15 21:42 . 2009-05-15 21:42 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes

2009-05-15 21:22 . 2009-05-15 21:22 -------- d-----w- i:\program files\The Weather Channel FW

2009-05-15 21:17 . 2009-05-15 21:17 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Sammsoft

2009-05-15 21:16 . 2009-05-15 21:21 -------- d-----w- i:\program files\Advanced Registry Optimizer

2009-05-15 21:13 . 2009-05-15 21:13 -------- d-----w- i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\The Weather Channel

2009-05-13 16:11 . 2009-05-13 16:16 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy

2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w- i:\program files\TeaTimer (Spybot - Search & Destroy)

2009-05-13 16:06 . 2009-05-13 16:06 -------- d-----w- i:\program files\SDHelper (Spybot - Search & Destroy)

2009-05-10 23:08 . 2008-12-11 10:57 333952 -c----w- i:\windows\system32\dllcache\srv.sys

2009-05-10 23:08 . 2008-10-24 11:21 455296 -c----w- i:\windows\system32\dllcache\mrxsmb.sys

2009-05-10 23:08 . 2008-10-15 16:37 337408 -c----w- i:\windows\system32\dllcache\netapi32.dll

2009-05-10 23:07 . 2008-04-11 19:06 691712 -c----w- i:\windows\system32\dllcache\inetcomm.dll

2009-05-10 23:07 . 2009-05-10 23:17 -------- d--h--w- i:\windows\$hf_mig$

2009-05-10 23:07 . 2008-06-14 17:36 272640 -c----w- i:\windows\system32\dllcache\bthport.sys

2009-05-10 23:07 . 2008-05-08 14:02 203136 -c----w- i:\windows\system32\dllcache\rmcast.sys

2009-05-10 22:44 . 2009-05-15 21:50 -------- dc----w- I:\ProgramData

2009-05-10 22:44 . 2009-05-10 22:44 -------- d-----w- i:\program files\Angle Interactive

2009-05-08 08:27 . 2009-05-08 08:27 -------- d-----w- i:\program files\Trend Micro

2009-05-03 16:09 . 2009-05-03 16:09 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Nero

2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_template_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 766 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_label_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 9158 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_chm_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_Register_url_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_RegCL_exe_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7406 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_url_icon.exe

2009-05-03 15:16 . 2009-05-03 15:40 7398 ----a-r- i:\documents and settings\Hill.RICARDO\Application Data\Microsoft\Installer\{279FC9F9-1872-4927-AB0E-A93154F7D339}\_cdrLabel_exe_icon.exe

2009-05-03 14:10 . 2009-05-03 14:10 82380 ----a-w- i:\windows\system32\drivers\AFS2K.SYS

2009-05-03 14:05 . 2009-05-03 14:11 20480 ----a-w- i:\windows\hpoins01.dat

2009-05-03 14:05 . 2003-04-06 04:33 16622 ------w- i:\windows\hpomdl01.dat

2009-05-03 14:04 . 2003-03-09 20:31 81920 ----a-r- i:\windows\system32\hpovst08.dll

2009-05-03 00:47 . 2009-05-03 15:56 28276 ----a-w- i:\windows\system32\drivers\MxlW2k.sys

2009-05-03 00:46 . 2009-05-03 00:46 -------- d-----w- i:\program files\MUSICMATCH

2009-05-02 23:46 . 2009-05-02 23:52 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\VERITAS

2009-05-02 23:46 . 2009-05-02 23:46 -------- d-----w- i:\program files\VERITAS Software

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-31 23:00 . 2008-02-08 19:21 -------- d-----w- i:\program files\SPAMfighter

2009-05-31 20:56 . 2008-02-28 11:55 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Skype

2009-05-31 19:14 . 2008-02-26 02:32 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Google Updater

2009-05-31 15:56 . 2008-02-28 12:05 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\skypePM

2009-05-23 20:43 . 2008-02-27 23:11 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Nokia

2009-05-23 20:27 . 2006-04-10 12:00 536884 ----a-w- i:\windows\system32\perfh013.dat

2009-05-23 20:27 . 2006-04-10 12:00 101106 ----a-w- i:\windows\system32\perfc013.dat

2009-05-23 01:09 . 2008-02-27 00:54 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\LimeWire

2009-05-15 20:07 . 2009-01-23 19:01 65144 ----a-w- i:\windows\system32\drivers\catflt.sys

2009-05-11 21:36 . 2009-04-17 17:55 -------- d---a-w- i:\documents and settings\All Users.WINDOWS\Application Data\TEMP

2009-05-10 23:31 . 2008-02-25 22:58 70008 ----a-w- i:\documents and settings\Hill.RICARDO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-05-10 23:18 . 2008-02-25 22:19 86811 ----a-w- i:\windows\pchealth\helpctr\OfflineCache\index.dat

2009-05-03 15:55 . 2008-01-26 16:58 -------- d-----w- i:\program files\Common Files\Ahead

2009-05-03 00:46 . 2008-01-26 16:42 -------- d--h--w- i:\program files\InstallShield Installation Information

2009-04-30 22:34 . 2009-04-30 22:34 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Ahead

2009-04-30 09:00 . 2008-02-27 00:53 -------- d-----w- i:\program files\Java

2009-04-30 08:59 . 2009-04-28 07:22 152576 ----a-w- i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_13\lzma.dll

2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Logishrd

2009-04-29 08:37 . 2008-06-04 16:58 -------- d-----w- i:\program files\Common Files\LogiShrd

2009-04-29 08:34 . 2008-03-01 18:09 -------- d-----w- i:\program files\Common Files\Logitech

2009-04-29 08:31 . 2008-02-06 00:51 -------- d-----w- i:\program files\NCH Swift Sound

2009-04-29 08:26 . 2008-02-04 18:05 -------- d-----w- i:\program files\Apple Software Update

2009-04-28 06:46 . 2008-01-26 17:10 -------- d-----w- i:\program files\Common Files\Nokia

2009-04-28 06:46 . 2008-01-26 17:09 -------- d-----w- i:\program files\Nokia

2009-04-28 06:46 . 2009-04-28 06:46 -------- d-----w- i:\program files\PC Connectivity Solution

2009-04-28 06:44 . 2008-07-21 15:37 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations

2009-04-28 06:44 . 2009-04-28 06:44 8192 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe

2009-04-28 06:44 . 2009-04-28 06:44 61440 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2009-04-28 06:44 . 2009-04-28 06:44 10240 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe

2009-04-28 06:42 . 2009-04-28 06:44 34150776 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_dut.exe

2009-04-27 16:23 . 2009-04-27 15:54 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Spybot - Search & Destroy

2009-04-26 17:02 . 2009-04-15 21:02 -------- d-----w- i:\program files\Common Files\Adobe

2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\CyberLink

2009-04-25 22:39 . 2009-04-25 22:39 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\CyberLink

2009-04-25 22:38 . 2009-04-25 22:38 -------- d-----w- i:\program files\Cyberlink

2009-04-18 10:25 . 2009-04-18 10:25 3351812 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\msxml6Exec.exe

2009-04-18 10:25 . 2009-04-18 10:25 36864 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\Sleep.exe

2009-04-18 10:25 . 2009-04-18 10:25 3181612 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\Installer\CommonCustomActions\vcredistExec.exe

2009-04-18 10:24 . 2009-04-18 10:25 24528928 ----a-w- i:\documents and settings\All Users.WINDOWS\Application Data\Installations\{EF4F620F-F295-41D7-92C0-6B635709C850}\NokiaSoftwareUpdaterSetup_1.4.98NP.exe

2009-04-16 18:13 . 2009-04-16 18:13 -------- d-----w- i:\program files\AOER

2009-04-16 17:59 . 2008-02-25 22:41 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help

2009-04-16 16:36 . 2009-04-16 16:36 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Windows Search

2009-04-16 05:02 . 2009-04-16 05:02 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Windows Desktop Search

2009-04-16 04:55 . 2009-04-15 19:58 -------- d-----w- i:\program files\Downloaded Installers

2009-04-16 04:17 . 2008-01-26 17:37 -------- d-----w- i:\program files\MSBuild

2009-04-16 04:17 . 2009-04-16 04:17 -------- d-----w- i:\program files\Reference Assemblies

2009-04-15 21:45 . 2009-04-15 21:45 -------- d-----w- i:\program files\Windows Desktop Search

2009-04-15 21:04 . 2009-04-15 21:04 152576 ----a-w- i:\documents and settings\Hill.RICARDO\Application Data\Sun\Java\jre1.6.0_12\lzma.dll

2009-04-15 20:21 . 2008-02-24 20:45 -------- d-----w- i:\program files\internet explorer(2)

2009-04-15 20:21 . 2008-02-27 00:52 -------- d-----w- i:\program files\LimeWire

2009-04-14 23:16 . 2008-02-27 00:17 -------- d-----w- i:\documents and settings\All Users.WINDOWS\Application Data\NCH Swift Sound

2009-04-14 22:37 . 2009-04-14 22:37 -------- d-----w- i:\documents and settings\Hill.RICARDO\Application Data\Uniblue

2009-03-12 16:30 . 2009-03-12 16:30 133 ---ha-w- I:\hpothb07.dat

2009-03-09 03:19 . 2009-02-01 13:22 410984 ----a-w- i:\windows\system32\deploytk.dll

2009-03-06 14:23 . 2006-04-10 12:00 285696 ----a-w- i:\windows\system32\pdh.dll

2009-03-03 00:16 . 2006-04-10 12:00 826368 ----a-w- i:\windows\system32\wininet.dll

2008-03-01 13:58 . 2008-03-01 13:58 25605664 ----a-w- i:\program files\qhntplus2008.exe

2008-02-26 01:34 . 2008-02-26 01:29 25212600 ----a-w- i:\program files\qhnteval quick Heal.exe

2008-02-07 19:23 . 2008-02-07 19:23 387968 ----a-w- i:\program files\spywarefighter.exe

2008-02-07 19:07 . 2008-02-07 23:45 1406096 ----a-w- i:\program files\spamfighter_web.exe

2008-02-07 00:24 . 2008-02-07 00:24 870008 ------w- i:\program files\Google Updater.exe

.

((((((((((((((((((((((((((((( SnapShot@2009-05-31_12.14.41 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-05-31 22:57 . 2009-05-31 22:57 16384 i:\windows\Temp\Perflib_Perfdata_2d8.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="i:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"PopUpStopperFreeEdition"="e:\program files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe" [2005-03-17 536576]

"swg"="i:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-02 68856]

"OM_Monitor"="e:\backup g schijf bestuuring\Program Files\Monitor.exe" [2004-08-06 61440]

"OM2_Monitor"="i:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]

"TomTomHOME.exe"="e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240]

"PC Suite Tray"="c:\program files\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]

"SpybotSD TeaTimer"="e:\backup k schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

"AROReminder"="i:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="i:\windows\ehome\ehtray.exe" [2005-08-17 64512]

"GrooveMonitor"="i:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"NeroFilterCheck"="i:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664]

"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"NSLauncher"="i:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304]

"tsnpstd3"="i:\windows\tsnpstd3.exe" [2006-08-21 114688]

"QuickTime Task"="i:\program files\QuickTime\qttask.exe" [2008-05-27 413696]

"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]

"PAC207_Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]

"Monitor"="i:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]

"Email Protection"="i:\progra~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE" [2009-01-23 267640]

"Update Scheduler"="i:\progra~1\QUICKH~1\QUICKH~1\UPSCHD.EXE" [2009-01-23 95608]

"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]

"ResumeQuickupDownload"="i:\progra~1\QUICKH~1\QUICKH~1\acappaa.exe" [2009-01-23 95608]

"Quick Heal Monitor"="i:\progra~1\QUICKH~1\QUICKH~2\op_mon.exe" [2008-07-31 1941504]

"RemoteControl"="E:\PDVDServ.exe" [2007-01-08 68640]

"LanguageShortcut"="e:\language\Language.exe" [2007-01-08 52256]

"Adobe Reader Speed Launcher"="i:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"SunJavaUpdateSched"="i:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"StorageGuard"="i:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-17 155648]

"MMTray"="i:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-03-14 143360]

"SPAMfighter Agent"="i:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792]

"Resume Quickup"="i:\progra~1\QUICKH~1\QUICKH~1\QuickUp.exe" [2009-05-15 284024]

"On-Line Protection"="i:\progra~1\QUICKH~1\QUICKH~1\cateye.exe" [2009-05-15 210296]

"RTHDCPL"="RTHDCPL.EXE" - i:\windows\RTHDCPL.exe [2006-10-30 16269312]

"SkyTel"="SkyTel.EXE" - i:\windows\SkyTel.exe [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Startup Scan"="i:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE" [2009-01-23 144760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="i:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

i:\documents and settings\Hill.RICARDO\Menu Start\Programma's\Opstarten\

OneNote 2007 Schermopname en Snel starten.lnk - i:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

i:\documents and settings\All Users.WINDOWS\Menu Start\Programma's\Opstarten\

hp psc 2000 Series.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]

hpoddt01.exe.lnk - e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

Windows Search.lnk - i:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"NoSecCPL"= 0 (0x0)

"NoDevMgrPage"= 0 (0x0)

"NoConfigPage"= 0 (0x0)

"NoVirtMemPage"= 0 (0x0)

"NoFileSysPage"= 0 (0x0)

"NoNetSetup"= 0 (0x0)

"NoNetSetupIDPage"= 0 (0x0)

"NoNetSetupSecurityPage"= 0 (0x0)

"NoWorkgroupContents"= 0 (0x0)

"NoEntireNetwork"= 0 (0x0)

"NoFileSharingControl"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoThumbnailCache"= 1 (0x1)

"RestrictRun"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSetActiveDesktop"= 1 (0x1)

"NoActiveDesktopChanges"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "i:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"i:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"i:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"i:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"i:\\Program Files\\LimeWire\\LimeWire.exe"=

"i:\\Program Files\\Messenger\\msmsgs.exe"=

"e:\\backup G Schijf bestuuring\\Program Files\\LimeWire pro\\LimeWire.exe"=

"i:\\Program Files\\iTunes\\iTunes.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"i:\\Program Files\\Skype\\Phone\\Skype.exe"=

"i:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R1 SandBox;SandBox;i:\windows\system32\drivers\SandBox.sys [23-1-2009 21:27 673920]

R2 acssrv;Quick Heal Client Security Service;i:\progra~1\QUICKH~1\QUICKH~2\acs.exe [23-1-2009 21:27 1224704]

R2 catflt;catflt;i:\windows\system32\drivers\catflt.sys [23-1-2009 21:01 65144]

R2 EMLSS;EMLSS;i:\windows\system32\drivers\EMLTDI.SYS [23-1-2009 21:01 28656]

R2 gearsec;gearsec;i:\windows\system32\gearsec.exe [30-11-2005 12:43 58952]

R2 Online Protection System;Online Protection System;i:\progra~1\QUICKH~1\QUICKH~1\opssvc.exe [23-1-2009 21:01 17272]

R2 Quick Heal Antivirus Plus Mail Protection;Quick Heal Antivirus Plus Mail Protection;i:\progra~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE [23-1-2009 21:01 50552]

R2 Quick Update Service;Quick Update Service;i:\progra~1\QUICKH~1\QUICKH~1\quhlpsvc.exe [23-1-2009 21:01 58744]

R2 SPAMfighter Update Service;SPAMfighter Update Service;i:\program files\SPAMfighter\sfus.exe [16-1-2009 11:11 184968]

R2 TomTomHOMEService;TomTomHOMEService;e:\backup g schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe [8-4-2009 12:38 92008]

R3 afw;Agnitum firewall driver;i:\windows\system32\drivers\afw.sys [23-1-2009 21:27 30864]

R3 afwcore;afwcore;i:\windows\system32\drivers\afwcore.sys [23-1-2009 21:28 234640]

R3 PAC207;Trust 100K Series Webcam;i:\windows\system32\drivers\PFC027.SYS [1-1-2009 2:57 618112]

S3 hitmanpro3;Hitman Pro 3 Support Driver; [x]

S3 SpyFighter;SpyFighter Guard Device;i:\program files\SPYWAREfighter\spyfighter.sys [21-2-2008 15:38 8336]

S3 SPYWAREfighterRP;SPYWAREfighterRP;i:\program files\SPYWAREfighter\spfprc.exe [21-2-2008 15:37 406160]

.

Inhoud van de 'Gedeelde Taken' map

2009-05-31 i:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

- i:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20]

2009-05-03 i:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8241360262.job

- e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2009-05-31 i:\windows\Tasks\Google Software Updater.job

- i:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-02 19:04]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uStart Page = about:blank

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - i:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

.

**************************************************************************

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden:

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(960)

i:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3856)

e:\program files\Panicware\Pop-Up Stopper Free Edition\XAHook.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

i:\windows\system32\ati2evxx.exe

i:\windows\system32\ati2evxx.exe

i:\program files\Bonjour\mDNSResponder.exe

i:\windows\ehome\ehRecvr.exe

i:\windows\ehome\ehSched.exe

i:\program files\Java\jre6\bin\jqs.exe

i:\program files\Common Files\LightScribe\LSSrvc.exe

i:\program files\Cyberlink\Shared Files\RichVideo.exe

i:\progra~1\QUICKH~1\QUICKH~1\SCANWSCS.EXE

i:\windows\ehome\mcrdsvc.exe

i:\windows\system32\searchindexer.exe

i:\windows\system32\dllhost.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

i:\windows\ehome\ehmsas.exe

i:\program files\PC Connectivity Solution\ServiceLayer.exe

i:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe

i:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe

i:\progra~1\QUICKH~1\QUICKH~1\onlinent.exe

i:\program files\iPod\bin\iPodService.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

i:\windows\system32\msiexec.exe

e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe

e:\backup g schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hposts08.exe

.

**************************************************************************

.

Voltooingstijd: 2009-05-31 1:02 - machine werd herstart

ComboFix-quarantined-files.txt 2009-05-31 23:02

ComboFix2.txt 2009-05-31 22:37

ComboFix3.txt 2009-05-31 22:26

ComboFix4.txt 2009-05-31 12:21

Pre-Run: 5.360.648.192 bytes beschikbaar

Post-Run: 5.365.350.400 bytes beschikbaar

432 --- E O F --- 2009-05-23 01:17

==============================================================

hijackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 1:05:02, on 1-6-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Boot mode: Normal

Running processes:

I:\WINDOWS\System32\smss.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\spoolsv.exe

I:\Program Files\Bonjour\mDNSResponder.exe

I:\WINDOWS\eHome\ehRecvr.exe

I:\WINDOWS\eHome\ehSched.exe

I:\WINDOWS\system32\gearsec.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Common Files\LightScribe\LSSrvc.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

I:\Program Files\SPAMfighter\sfus.exe

I:\WINDOWS\system32\svchost.exe

E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe

I:\WINDOWS\system32\SearchIndexer.exe

I:\WINDOWS\system32\dllhost.exe

I:\WINDOWS\ehome\ehtray.exe

I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe

I:\WINDOWS\RTHDCPL.EXE

I:\WINDOWS\eHome\ehmsas.exe

I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

I:\WINDOWS\tsnpstd3.exe

I:\Program Files\iTunes\iTunesHelper.exe

I:\WINDOWS\PixArt\PAC207\Monitor.exe

I:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE

I:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

E:\PDVDServ.exe

I:\Program Files\Java\jre6\bin\jusched.exe

I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

I:\Program Files\SPAMfighter\SFAgent.exe

I:\PROGRA~1\QUICKH~1\QUICKH~1\OnlineNT.EXE

I:\WINDOWS\system32\ctfmon.exe

E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

E:\backup G Schijf bestuuring\Program Files\Monitor.exe

I:\Program Files\iPod\bin\iPodService.exe

E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\program Files\Nokia PC Suite 7\PCSuite.exe

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

I:\WINDOWS\system32\msiexec.exe

E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe

E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpotdd01.exe

I:\Program Files\Windows Desktop Search\WindowsSearch.exe

I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpoevm08.exe

E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\Bin\hpoSTS08.exe

I:\WINDOWS\explorer.exe

I:\WINDOWS\system32\SearchProtocolHost.exe

I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

I:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - I:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - E:\backup G Schijf bestuuring\Program Files\jZip\WebmailPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - I:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - I:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "I:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] I:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [startCCC] I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [NSLauncher] I:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [tsnpstd3] I:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [PAC207_Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: [Monitor] I:\WINDOWS\PixArt\PAC207\Monitor.exe

O4 - HKLM\..\Run: I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE

O4 - HKLM\..\Run: [update Scheduler] I:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK

O4 - HKLM\..\Run: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /LOADRUN

O4 - HKLM\..\Run: [ResumeQuickupDownload] I:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe

O4 - HKLM\..\Run: [Quick Heal Monitor] I:\PROGRA~1\QUICKH~1\QUICKH~2\op_mon.exe /tray /noservice

O4 - HKLM\..\Run: [RemoteControl] E:\PDVDServ.exe

O4 - HKLM\..\Run: [LanguageShortcut] E:\Language\Language.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [storageGuard] "I:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [MMTray] I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [sPAMfighter Agent] "I:\Program Files\SPAMfighter\SFAgent.exe" update delay 60

O4 - HKLM\..\Run: [Resume Quickup] I:\PROGRA~1\QUICKH~1\QUICKH~1\QuickUp.exe /resumei /silent /show

O4 - HKLM\..\Run: [On-Line Protection] I:\PROGRA~1\QUICKH~1\QUICKH~1\cateye.exe

O4 - HKLM\..\RunOnce: [startup Scan] I:\PROGRA~1\QUICKH~1\QUICKH~1\Sensor.EXE /check

O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "E:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [OM_Monitor] E:\backup G Schijf bestuuring\Program Files\Monitor.exe

O4 - HKCU\..\Run: [OM2_Monitor] "I:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart

O4 - HKCU\..\Run: [TomTomHOME.exe] "E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [PC Suite Tray] "C:\program Files\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [spybotSD TeaTimer] E:\backup K Schijf applicaties\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [AROReminder] I:\Program Files\Advanced Registry Optimizer\aro.exe -rem

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = I:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: hp psc 2000 Series.lnk = E:\backup G Schijf bestuuring\Program Files\printer HP\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O4 - Global Startup: Windows Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\BA5FEC~1\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211811587296

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: Quick Heal Client Security Service (acssrv) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: gearsec - GEAR Software - I:\WINDOWS\system32\gearsec.exe

O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - I:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe

O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Quick Heal Antivirus Plus Mail Protection - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE

O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - I:\Program Files\Cyberlink\Shared Files\RichVideo.exe

O23 - Service: Quick Heal Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - I:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe

O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - I:\Program Files\SPAMfighter\sfus.exe

O23 - Service: SPYWAREfighterRP - SpamFighter APS - I:\Program Files\SPYWAREfighter\spfprc.exe

O23 - Service: TomTomHOMEService - TomTom - E:\backup G Schijf bestuuring\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--

End of file - 12838 bytes


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.