[ah24]

Hi guys,

Geplaatst op hier een tijdje terug met virus problemen op mijn laptop - Evil hielp massaal en de laptop draait perfect!

Maar .... nu is mijn bloedige desktop heeft iets

Vorige week kreeg ik een e-mail via Bebo van een van mijn kameraden zeggen check deze video van mij en de juffrouw van vrijdag (en ik wist dat ze was gegaan op vrijdag dus vond het eigenlijk met hem) anyways, open ik het hebben het installeren van een nieuwe speler .... en dat is waar ik denk dat het virus vandaan komt. Een doos komen met een lading van dingen die ik begreep toen ging het down hill vanaf daar ..

Nu heb ik cant get op bepaalde sites, dat of het duurt me te vernieuwen hit over een honderd keer! Soms is een site deelladingen ..... en mensen blijven die rare berichten van mij op facebook

Enig idee wat de hel is dit en hoe het te sorteren? Ook ben ik niet zeker of het verband zouden kunnen houden, maar aangezien dit alles, mijn Sky + box gewoon werkzaamheden?! Op dit moment niet eens aan gaat ... Ik twijfel zijn verbonden, maar dacht dat ik zou controleren ..

Help alsjeblieft!

[Hybr! D]

Volg de gids en na de log-bestanden als vroeger please.

[ah24]

Logbestand van Trend Micro HijackThis v2.0.2
Scan saved at 22:18:20, op 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgam.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ Program Files \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ AVG \ AVG8 \ avgui.exe
C: \ Program Files \ AVG \ AVG8 \ avgscanx.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (geen naam) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (geen file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (geen naam) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Onbekende eigenaar - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG8 watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 7142 bytes

[evilfantasy]

U loopt twee antivirus op hetzelfde moment.

Ik (evenals Microsoft, McAfee en Symantec) Raden u DO NOT hebben meer dan een antivirus-product is geïnstalleerd en draait op uw computer op een moment.

De real-time bescherming van twee antivirusprogramma's niet in strijd mogen zijn met elkaar en leiden tot het volgende:

1) Valse alarmen: Wanneer de anti-virus software vertelt u dat uw pc heeft een virus, wanneer het eigenlijk niet.
2) Conflicten: Uw systeem kan crashen als gevolg van zowel producten proberen toegang te krijgen tot hetzelfde bestand tegelijk.
3) Prestaties: Meer dan een antivirusprogramma zal ertoe leiden dat uw computer wordt traag en het kan zelfs crash of blauw scherm.

Ik raad je sterk aan ofwel configureren slechts een antivirusprogramma automatische real-time scannen mogelijk te maken, en laat de rest met een handicap, ze te gebruiken voor on-demand scanners of ga naar Start > Control Panel > Software en verwijder alle behalve een antivirusprogramma.

Verwijder een nu om te voorkomen dat problemen met de scans en fixes we moeten maken.

----------

Downloaden Malwarebytes' Anti-Malware (MBAM)

• Dubbelklik op mbam-setup.exe en volg de instructies om het programma te installeren.
• Aan het eind, moet u een vinkje is geplaatst naast het volgende:
  • Update Malwarebytes' Anti-Malware
  • Start Malwarebytes' Anti-Malware
• Klik vervolgens op Voltooien.
• Als een update wordt gevonden, zal het downloaden en installeren van de nieuwste versie.
• Zodra het programma is geladen, selecteert u Voeren quick scanKlik vervolgens op Scan.
• Wanneer de scan is voltooid, klikt u op OK, Dan Toon resultaten om de resultaten.
• Zorg ervoor dat alles wordt gecontroleerd, en klik op Verwijder Geselecteerde.
• Wanneer ontsmettingswerkzaamheden voltooid is, een log zal openen in Kladblok en u wordt gevraagd opnieuw op te starten. (Zie extra opmerking)
• Het log wordt automatisch bewaard door MBAM en kan bekeken worden door te klikken op de Logs tab in MBAM.
• Kopieer en plak de hele rapport in je volgende antwoord.

Extra Opmerking: Indien MBAM ontmoetingen een bestand dat is moeilijk te verwijderen, wordt u aangeboden met 1 of 2 wordt gevraagd, klikt u op OK om beide en laat MBAM gaan met de ontsmetting proces, indien gevraagd om de computer te herstarten, doe dat dan meteen.

----------

Downloaden random het systeem informatie-instrument (RSIT) door random / willekeurig uit en sla het op uw bureaublad.

• Dubbelklik op RSIT.exe te lopen.
• Klik op Doorgaan op de disclaimer scherm.
• Zodra dit klaar is, zullen twee logs openen.
• log.txt <zal worden gemaximaliseerd en info.txt <wordt geminimaliseerd
• Please post de inhoud van beide logs in het volgende antwoord.

[ah24]

Ik zal uitschakelen en zich te ontdoen van AVG nu ...

Gewoon om u te laten weten, thats alleen hier ongeveer een uur of zo denk ik - iemand anders heeft aanbevolen dat, zodat ik snel het DL'd en heb niet ontdoen van het nog ...

Zal logs post in een paar minuten

[evilfantasy]

CA en AVG zijn ongeveer hetzelfde in mijn mening. Dus ik denk niet dat de installatie het zou doen geen goed.

[ah24]

RST De willekeurige log;

"Log.txt":

Logbestand van de random-systeem informatie-instrument 1,04 (geschreven door random / random)
Geleid door Adam op 2008-11-06 22:43:21
Microsoft Windows XP Professional Service Pack 2
System drive C: has 42 GB (57%) vrij van 73 GB
Totaal RAM: 510 MB (36% gratis)
Logbestand van Trend Micro HijackThis v2.0.2
Scan saved at 22:43:38, op 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Malwarebytes' Anti-Malware \ mbam.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (geen naam) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (geen file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / install / silent
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (geen naam) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Onbekende eigenaar - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 6709 bytes
====== Geplande taken map ======
C: \ WINDOWS \ taken \ AppleSoftwareUpdate.job
====== Registry dump ======
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"NeroFilterCheck" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004-10-14 1404928]
"dla" = "C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup [2004-08-13 122939]
"SunJavaUpdateSched" = "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe [2004-01-07 110592]
"Realtime Monitor" = "C: \ PROGRA ~ 1 \ CA \ ETRUST ~ 1 \ realmon.exe [2004-04-06 504080]
"" = []
"IgfxTray" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"ehTray" = "C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"PinnacleDriverCheck" = C: \ WINDOWS \ system32 \ NeroCheck.exe [2005-09-20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"iTunesHelper" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader" = "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes 'Anti-Malware" = "C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = C: \ WINDOWS \ system32 \ Ctfmon.exe [2004-08-04 15360]
"Sony Ericsson PC Suite" = "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup
Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"LegalNoticeText" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ standaard profiel \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871c-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

====== File verenigingen ======
. js - bewerken - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Lijst van bestanden / mappen die in de laatste 1 maanden ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ AVG8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Program Files \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ BVRP Software (2)
2008-11-04 23:51:31 ---- D ---- C: \ Program Files \ tinyproxy
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ java.exe
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Theory Test
2008-10-25 22:29:24 ---- D ---- C: \ Config.msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Lijst van bestanden / mappen gewijzigd in de laatste 1 maanden ======
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-06 22:42:13 ---- RD ---- C: \ Program Files
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.txt
2008-11-06 22:36:16 ---- D ---- C: \ WINDOWS
2008-11-06 22:30:43 ---- RSHDC ---- C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ Prefetch
2008-11-06 21:45:09 ---- SHD ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ WinSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:52 ---- HD ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Program Files \
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:21 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Installations
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 ---- HD ---- C: \ Program Files \ InstallShield Installation Information
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 ---- SD ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Program Files \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 ---- HD ---- C: \ WINDOWS \ $ hf_mig $
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Lijst van de bestuurders (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R1 intelppm; Intel Processor Driver; C: \ WINDOWS \ system32 \ drivers \ intelppm.sys [2004-08-04 36096]
R1 kbdhid; Keyboard HID Driver, C: \ WINDOWS \ system32 \ drivers \ kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5 C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ Drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004-08-13 2239]
R2 tfsnifs; tfsnifs C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
R2 tfsnudf; tfsnudf C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ drivers \ e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM; GEARAspiWDM, C: \ WINDOWS \ System32 \ Drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Driver klasse, C: \ WINDOWS \ system32 \ drivers \ hidusb.sys [2004-08-04 9600]
R3 ialm; ialm C: \ WINDOWS \ system32 \ drivers \ ialmnt5.sys [2005-09-20 1302332]
R3 MBAMSwissArmy; MBAMSwissArmy; \? \ C: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys []
R3 mouhid; Mouse HID Driver, C: \ WINDOWS \ system32 \ drivers \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ drivers \ usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ drivers \ usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft USB PRINTER klasse, C: \ WINDOWS \ system32 \ drivers \ Usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver, C: \ WINDOWS \ system32 \ drivers \ USBSTOR.SYS [2004-08-03 26496]
====== Lijst van diensten (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5 C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004-04-06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004-04-06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004-04-06 254224]
R2 UMWdf; Windows User Mode Driver Framework, C: \ WINDOWS \ system32 \ Wdfmgr.exe [2005-01-28 38912]
R3 iPod Service; iPod Service; C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 OSE; Office Source Engine, C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ OSE.EXE [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader service, C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
----------------- EOF -----------------



"Info.txt":

info.txt logfile van willekeurige systeem van informatie-instrument 1,04 2008-11-06 22:43:42
====== Uninstall list ======
-> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERTER
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / i (09DA4F91-2A09-4232-AB8C-6BC740096DE3) REMOVE = UpdateMgrFeature
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
-> C: \ WINDOWS \ system32 \ \ msiexec.exe / x (9541FED0-327F-4df0-8B96-EF57EF622F19)
-> Msiexec.exe / i (C4CBAD7E-DF4a-4FEC-AC17-8BC709AFB844)
-> rundll32.exe setupapi.dll, InstallHinfSection DefaultUninstall 132 C: \ WINDOWS \ INF \ PCHealth.inf
Adobe Flash Player ActiveX -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Help Center 2.1 -> msiexec.exe / i (25569723-DC5A-4467-A639-79535BF01B71)
Adobe Photoshop Elements 5.0 -> msiexec / I (A7B609FB-83D8-4FC3-8477-1BC65ECFE85B)
Adobe Reader 8 -> msiexec.exe / i (AC76BA86-7AD7-1033-7B44-A80000000002)
Apple Software Update -> msiexec.exe / i (B74F042E-E1B9-4A5B-8D46-387BB172F0A4)
Avanquest update -> C: \ Program Files \ InstallShield Installation Information \ (76E41F43-59D2-4F30-BA42-9A762EE1E8DE) \ Setup.exe-runfromtemp-l0x0009-removeonly
CA eTrust Antivirus -> msiexec.exe / x (99747F0D-D4F8-4877-9CA0-4AE96D963633)
Canon iP4200 -> C: \ WINDOWS \ system32 \ CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC: \ Documents and Settings \ All Users \ Application Data \ CanonBJ \ IJPrinter \ CNMWINDOWS \ Canon iP4200 Installer \ Inst2 \ cnmis.dll ""-RCDLLcnmi0409.dll "
DivX Codec -> C: \ Program Files \ DivX \ DivXCodecUninstall.exe / CODEC
DivX Content Uploader -> C: \ Program Files \ DivX \ DivXContentUploaderUninstall.exe / CUPLOADER
DivX Converter -> C: \ Program Files \ DivX \ DivXConverterUninstall.exe / CONVERTER
DivX Player -> C: \ Program Files \ DivX \ DivXPlayerUninstall.exe / PLAYER
DivX Web Player -> C: \ Program Files \ DivX \ DivXWebPlayerUninstall.exe / Plugin
DSA Theory Test -> C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I Driver.exe / M (79D1BA4A-BEB4-4357-A431-C3EF58E72E6C)
Free Mp3 Wma Converter 1.7.2 V -> "C: \ Program Files \ Free Audio Pack \ unins000.exe"
HijackThis 2.0.2 -> "C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe" / uninstall
Hotfix voor Windows Internet Explorer 7 (KB947864 )-->" C: \ WINDOWS \ ie7updates \ KB947864-IE7 \ spuninst \ spuninst.exe "
Hotfix voor Windows XP (KB914440 )-->" C: \ WINDOWS \ $ NtUninstallKB914440 $ \ spuninst \ spunin st.exe "
Hotfix voor Windows XP (KB915865 )-->" C: \ WINDOWS \ $ NtUninstallKB915865 $ \ spuninst \ spunin st.exe "
Hotfix voor Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ spuninst \ spunin st.exe "
Intel (R) Extreme Graphics 2 Driver -> RUNDLL32.EXE C: \ WINDOWS \ system32 \ ialmrem.dll, UninstallW2KIGfx PCI \ VEN_8086 & DEV_2572
Intel (R) PRO Network Adapters and Drivers -> Prounstl.exe
iTunes -> msiexec.exe / i (446DBFFA-4088-48E3-8932-74316BA4CAE4)
Java (TM) 6 Update 6 -> msiexec.exe / i (3248F0A8-6813-11D6-A77B-00B0D0160060)
Java (TM) 6 Update 7 -> msiexec.exe / i (3248F0A8-6813-11D6-A77B-00B0D0160070)
Macromedia Dreamweaver 8 -> msiexec.exe / i (0837A661-FEC3-48B3-876C-91E7D32048A9)
Macromedia Extension Manager -> msiexec.exe / i (5546CDB5-2CE2-498B-B059-5B3BF81FC41F)
Malwarebytes' Anti-Malware -> "C: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Microsoft Internationalized Domain Names Mitigation APIs -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA Pis $ \ spuninst \ spuninst.exe"
Microsoft National Language Support downlevel API's -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Professional Edition 2003 -> msiexec.exe / i (90110409-6000-11D3-8CFE-0150048383C9)
Microsoft Visual C + + 2005 Redistributable -> msiexec.exe / X (7299052b-02a4-4627-81f2-1818da5d550d)
MSN -> C: \ Program Files \ MSN \ MsnInstaller \ msninst.exe / Actie: ARP
MSXML 4.0 SP2 (KB936181) -> msiexec.exe / i (C04E32E0-0416-434D-AFB9-6969D703A9EF)
PowerDVD -> Rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ instal ~ 1 \ engine \ 6 \ INTEL3 ~ 1 \ Ct or.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (6811CAA0-BF12 - 11D4-9EA1-0050BAE317E1) \ setup.exe "-uninstall
QuickTime -> msiexec.exe / i (50D8FFDD-90CD-4859-841F-AA1961C7767A)
Real Alternative 1.7.5 -> "C: \ Program Files \ Real Alternative \ unins000.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127 )-->" C: \ WINDOWS \ ie7updates \ KB938127-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653 )-->" C: \ WINDOWS \ ie7updates \ KB939653-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615 )-->" C: \ WINDOWS \ ie7updates \ KB942615-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533 )-->" C: \ WINDOWS \ ie7updates \ KB944533-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759 )-->" C: \ WINDOWS \ ie7updates \ KB950759-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838 )-->" C: \ WINDOWS \ ie7updates \ KB953838-IE7 \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390 )-->" C: \ WINDOWS \ ie7updates \ KB956390-IE7 \ spuninst \ spuninst.exe "
Security Update for Windows Media Player (KB911564 )-->" C: \ WINDOWS \ $ NtUninstallKB911564 $ \ spuninst \ spunin st.exe "
Security Update for Windows Media Player 6.4 (KB925398 )-->" C: \ WINDOWS \ $ NtUninstallKB925398_WMP64 $ \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows Media Player 9 (KB936782 )-->" C: \ WINDOWS \ $ NtUninstallKB936782_WMP9 $ \ spuninst \ s puninst.exe "
Beveiligingsupdate voor Windows XP (KB890046 )-->" C: \ WINDOWS \ $ NtUninstallKB890046 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB893756 )-->" C: \ WINDOWS \ $ NtUninstallKB893756 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB896358 )-->" C: \ WINDOWS \ $ NtUninstallKB896358 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB896423 )-->" C: \ WINDOWS \ $ NtUninstallKB896423 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB896428 )-->" C: \ WINDOWS \ $ NtUninstallKB896428 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB899587 )-->" C: \ WINDOWS \ $ NtUninstallKB899587 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB899591 )-->" C: \ WINDOWS \ $ NtUninstallKB899591 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB900725 )-->" C: \ WINDOWS \ $ NtUninstallKB900725 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB901017 )-->" C: \ WINDOWS \ $ NtUninstallKB901017 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB901190 )-->" C: \ WINDOWS \ $ NtUninstallKB901190 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB901214 )-->" C: \ WINDOWS \ $ NtUninstallKB901214 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB902400 )-->" C: \ WINDOWS \ $ NtUninstallKB902400 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB904706 )-->" C: \ WINDOWS \ $ NtUninstallKB904706 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB905414 )-->" C: \ WINDOWS \ $ NtUninstallKB905414 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB905749 )-->" C: \ WINDOWS \ $ NtUninstallKB905749 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB908519 )-->" C: \ WINDOWS \ $ NtUninstallKB908519 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB911562 )-->" C: \ WINDOWS \ $ NtUninstallKB911562 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB911927 )-->" C: \ WINDOWS \ $ NtUninstallKB911927 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB913580 )-->" C: \ WINDOWS \ $ NtUninstallKB913580 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB914388 )-->" C: \ WINDOWS \ $ NtUninstallKB914388 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB914389 )-->" C: \ WINDOWS \ $ NtUninstallKB914389 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB917344 )-->" C: \ WINDOWS \ $ NtUninstallKB917344 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB917953 )-->" C: \ WINDOWS \ $ NtUninstallKB917953 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB918118 )-->" C: \ WINDOWS \ $ NtUninstallKB918118 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB918439 )-->" C: \ WINDOWS \ $ NtUninstallKB918439 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB919007 )-->" C: \ WINDOWS \ $ NtUninstallKB919007 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB920213 )-->" C: \ WINDOWS \ $ NtUninstallKB920213 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB920670 )-->" C: \ WINDOWS \ $ NtUninstallKB920670 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB920683 )-->" C: \ WINDOWS \ $ NtUninstallKB920683 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB920685 )-->" C: \ WINDOWS \ $ NtUninstallKB920685 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB921503 )-->" C: \ WINDOWS \ $ NtUninstallKB921503 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB922819 )-->" C: \ WINDOWS \ $ NtUninstallKB922819 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB923191 )-->" C: \ WINDOWS \ $ NtUninstallKB923191 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB923414 )-->" C: \ WINDOWS \ $ NtUninstallKB923414 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB923689 )-->" C: \ WINDOWS \ $ NtUninstallKB923689 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB923789) -> C: \ WINDOWS \ system32 \ Macromed \ Flash \ genuinst.exe C: \ WINDOWS \ system32 \ Macromed \ Flash \ KB923789.inf
Beveiligingsupdate voor Windows XP (KB923980 )-->" C: \ WINDOWS \ $ NtUninstallKB923980 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB924270 )-->" C: \ WINDOWS \ $ NtUninstallKB924270 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB924496 )-->" C: \ WINDOWS \ $ NtUninstallKB924496 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB924667 )-->" C: \ WINDOWS \ $ NtUninstallKB924667 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB925902 )-->" C: \ WINDOWS \ $ NtUninstallKB925902 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB926255 )-->" C: \ WINDOWS \ $ NtUninstallKB926255 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB926436 )-->" C: \ WINDOWS \ $ NtUninstallKB926436 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB927779 )-->" C: \ WINDOWS \ $ NtUninstallKB927779 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB927802 )-->" C: \ WINDOWS \ $ NtUninstallKB927802 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB928255 )-->" C: \ WINDOWS \ $ NtUninstallKB928255 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB928843 )-->" C: \ WINDOWS \ $ NtUninstallKB928843 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB929123 )-->" C: \ WINDOWS \ $ NtUninstallKB929123 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB930178 )-->" C: \ WINDOWS \ $ NtUninstallKB930178 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB931261 )-->" C: \ WINDOWS \ $ NtUninstallKB931261 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB931784 )-->" C: \ WINDOWS \ $ NtUninstallKB931784 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB932168 )-->" C: \ WINDOWS \ $ NtUninstallKB932168 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB933729 )-->" C: \ WINDOWS \ $ NtUninstallKB933729 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB935839 )-->" C: \ WINDOWS \ $ NtUninstallKB935839 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB935840 )-->" C: \ WINDOWS \ $ NtUninstallKB935840 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB936021 )-->" C: \ WINDOWS \ $ NtUninstallKB936021 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB937894 )-->" C: \ WINDOWS \ $ NtUninstallKB937894 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB938127 )-->" C: \ WINDOWS \ $ NtUninstallKB938127 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB938464 )-->" C: \ WINDOWS \ $ NtUninstallKB938464 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB938829 )-->" C: \ WINDOWS \ $ NtUninstallKB938829 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB939653 )-->" C: \ WINDOWS \ $ NtUninstallKB939653 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB941202 )-->" C: \ WINDOWS \ $ NtUninstallKB941202 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB941568 )-->" C: \ WINDOWS \ $ NtUninstallKB941568 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB941569 )-->" C: \ WINDOWS \ $ NtUninstallKB941569 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB941644 )-->" C: \ WINDOWS \ $ NtUninstallKB941644 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB941693 )-->" C: \ WINDOWS \ $ NtUninstallKB941693 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB943055 )-->" C: \ WINDOWS \ $ NtUninstallKB943055 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB943460 )-->" C: \ WINDOWS \ $ NtUninstallKB943460 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB943485 )-->" C: \ WINDOWS \ $ NtUninstallKB943485 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB944653 )-->" C: \ WINDOWS \ $ NtUninstallKB944653 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB945553 )-->" C: \ WINDOWS \ $ NtUninstallKB945553 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB946026 )-->" C: \ WINDOWS \ $ NtUninstallKB946026 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB946648 )-->" C: \ WINDOWS \ $ NtUninstallKB946648 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB948590 )-->" C: \ WINDOWS \ $ NtUninstallKB948590 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB948881 )-->" C: \ WINDOWS \ $ NtUninstallKB948881 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB950749 )-->" C: \ WINDOWS \ $ NtUninstallKB950749 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB950974 )-->" C: \ WINDOWS \ $ NtUninstallKB950974 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB951066 )-->" C: \ WINDOWS \ $ NtUninstallKB951066 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB951376 )-->" C: \ WINDOWS \ $ NtUninstallKB951376 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe "
Beveiligingsupdate voor Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB952954 )-->" C: \ WINDOWS \ $ NtUninstallKB952954 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB953839 )-->" C: \ WINDOWS \ $ NtUninstallKB953839 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB954211 )-->" C: \ WINDOWS \ $ NtUninstallKB954211 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB956391 )-->" C: \ WINDOWS \ $ NtUninstallKB956391 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB956803 )-->" C: \ WINDOWS \ $ NtUninstallKB956803 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB956841 )-->" C: \ WINDOWS \ $ NtUninstallKB956841 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB957095 )-->" C: \ WINDOWS \ $ NtUninstallKB957095 $ \ spuninst \ spunin st.exe "
Beveiligingsupdate voor Windows XP (KB958644 )-->" C: \ WINDOWS \ $ NtUninstallKB958644 $ \ spuninst \ spunin st.exe "
Sonic DLA -> msiexec.exe / i (1206EF92-2E83-4859-ACCB-2048C3CB7DA6)
Sonic RecordNow! Plus -> msiexec.exe / i (9541FED0-327F-4DF0-8B96-EF57EF622F19)
Sonic Update Manager -> msiexec.exe / i (09DA4F91-2A09-4232-AB8C-6BC740096DE3)
Sony Ericsson PC Suite 3.102.00 -> C: \ Program Files \ InstallShield Installation Information \ (2FFE93F0-BB72-4E52-8761-354D1AAA9387) \ Setup.exe-runfromtemp-l0x0009-removeonly
SoundMAX -> rundll32 C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ profes ~ 1 \ RunTime \ 10 \ 00 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Program Files \ InstallShield Installation Information \ (F0A37341 -D692-11D4-A984-009027EC0A9C) \ SETUP.EXE "-l0x9-removeonly
Update voor Windows XP (KB894391 )-->" C: \ WINDOWS \ $ NtUninstallKB894391 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB898461 )-->" C: \ WINDOWS \ $ NtUninstallKB898461 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB900485 )-->" C: \ WINDOWS \ $ NtUninstallKB900485 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB904942 )-->" C: \ WINDOWS \ $ NtUninstallKB904942 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB908531 )-->" C: \ WINDOWS \ $ NtUninstallKB908531 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB910437 )-->" C: \ WINDOWS \ $ NtUninstallKB910437 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB911280 )-->" C: \ WINDOWS \ $ NtUninstallKB911280 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB916595 )-->" C: \ WINDOWS \ $ NtUninstallKB916595 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB920872 )-->" C: \ WINDOWS \ $ NtUninstallKB920872 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB922582 )-->" C: \ WINDOWS \ $ NtUninstallKB922582 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB927891 )-->" C: \ WINDOWS \ $ NtUninstallKB927891 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB930916 )-->" C: \ WINDOWS \ $ NtUninstallKB930916 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB932823-v3 )-->" C: \ WINDOWS \ $ NtUninstallKB932823-v3 $ \ spuninst \ spuninst.exe "
Update voor Windows XP (KB933360 )-->" C: \ WINDOWS \ $ NtUninstallKB933360 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB936357 )-->" C: \ WINDOWS \ $ NtUninstallKB936357 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB938828 )-->" C: \ WINDOWS \ $ NtUninstallKB938828 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB942763 )-->" C: \ WINDOWS \ $ NtUninstallKB942763 $ \ spuninst \ spunin st.exe "
Update voor Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe "
Windows Installer 3.1 (KB893803 )-->" C: \ WINDOWS \ $ MSI31Uninstall_KB893803v2 $ \ spuninst \ spuninst.exe "
Windows Internet Explorer 7 -> "C: \ WINDOWS \ ie7 \ spuninst \ spuninst.exe"
Windows Live Messenger -> msiexec.exe / i (571700F0-DB9D-4B3A-B03D-35A14BB5939F)
Windows Live Sign-in Assistant -> msiexec.exe / i (22B3CC30-77B8-419C-AA4B-F571FDF5D66D)
Windows Media Format Runtime -> "C: \ Program Files \ Windows Media Player \ wmsetsdk.exe" / UninstallAll
Windows XP Hotfix - KB873339 -> C: \ WINDOWS \ $ NtUninstallKB873339 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885835 -> C: \ WINDOWS \ $ NtUninstallKB885835 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB885836 -> C: \ WINDOWS \ $ NtUninstallKB885836 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - kb886185 -> C: \ WINDOWS \ $ NtUninstallKB886185 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB887472 -> C: \ WINDOWS \ $ NtUninstallKB887472 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB888302 -> C: \ WINDOWS \ $ NtUninstallKB888302 $ \ spuninst \ spunins t.exe
Windows XP Hotfix - KB890859 -> "C: \ WINDOWS \ $ NtUninstallKB890859 $ \ spuninst \ spunin st.exe"
Windows XP Hotfix - KB891781 -> C: \ WINDOWS \ $ NtUninstallKB891781 $ \ spuninst \ spunins t.exe
WinRAR archiver -> C: \ Program Files \ WinRAR \ uninstall.exe
WinZip -> "C: \ Program Files \ WinZip \ WINZIP32.EXE" / verwijderen
====== Environment variables ======
"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% SystemRoot% \ system32;% SystemRoot%;% SystemR oot% \ System32 \ Wbem C: \ PROGRA ~ 1 \ CA \ SHARED ~ 1 \ SCANEN ~ 1 C: \ PROGRA ~ 1 \ CA \ ETRUST ~ 1 C: \ Program Files \ QuickTime \ QTSystem \
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NO
"OS" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 15
"PROCESSOR_IDENTIFIER" = x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION" = 0401
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. Exe;. BAT;. CMD;. VBS;. VBE;. JS;. JSE;. WSF;. WSH
"TEMP" =% SystemRoot% \ TEMP
"TMP" =% SystemRoot% \ TEMP
"AVENGINE" = C: \ PROGRA ~ 1 \ CA \ SHARED ~ 1 \ SCANEN ~ 1
"Inoculan" = C: \ PROGRA ~ 1 \ CA \ ETRUST ~ 1
"CLASSPATH" =., C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = C: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
----------------- EOF -----------------


Wachten Malwarebytes klaar:)

[ah24]

Malwarebytes' Anti-Malware 1.30
Database versie: 1370
Windows 5.1.2600 Service Pack 2
06/11/2008 22:51:35
mbam-log-2008-11-06 (22-51-35). txt
Scan type: Quick Scan
Objecten gescand: 52152
Verstreken tijd: 8 minute (s), 22 second (s),
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Geïnfecteerde bestanden: 2
Memory Processes Infected:
(Geen kwaadaardige items gedetecteerd)
Memory Modules Infected:
(Geen kwaadaardige items gedetecteerd)
Registry Keys Infected:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0) (Adware.VideoEgg) -> quarantaine en verwijderd.
Registry Values Infected:
(Geen kwaadaardige items gedetecteerd)
Registry Data Items Infected:
(Geen kwaadaardige items gedetecteerd)
Folders Infected:
C: \ Program Files \ TinyProxy (Trojan.Proxy) -> Quarantined and deleted successfully.
Geïnfecteerde bestanden:
C: \ Program Files \ TinyProxy \ tinyproxy (2). Exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C: \ WINDOWS \ fmark2.dat (Trojan.Vundo) -> Quarantined and deleted successfully.

[evilfantasy]

Ik had de Malwarebytes log eerste. Na het dan klaar is lopen RSIT een nieuwe scan en post het log. Het zal alleen maar leiden tot een log de tweede keer.

Start nu RSIT een nieuwe scan en post het log.

[ah24]

Daar ga je dude ..

Logbestand van de random-systeem informatie-instrument 1,04 (geschreven door random / random)
Geleid door Adam op 2008-11-06 23:00:19
Microsoft Windows XP Professional Service Pack 2
System drive C: has 42 GB (57%) vrij van 73 GB
Totaal RAM: 510 MB (40% gratis)
Logbestand van Trend Micro HijackThis v2.0.2
Scan saved at 23:00:23, op 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Documents and Settings \ Adam \ Desktop \ RSIT.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Adam.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (geen naam) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (geen file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [Realtime Monitor] C: \ PROGRA ~ 1 \ CA \ eTrust ~ 1 \ realmon.exe-s
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes' Anti-Malware] C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe / install / silent
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Sony Ericsson PC Suite] "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe" / systray / nologon
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra context menu item: E & xporteren naar Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (geen naam) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Onderzoek - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (138E6DC9-722B-4F4B-B09D-95D191869696) (Bebo Uploader Control) -- http://www.bebo.com/files/BeboUploader.5.1.4.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Onbekende eigenaar - C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc - C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe
O23 - Service: iPod Service - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
--
End of file - 6622 bytes
====== Geplande taken map ======
C: \ WINDOWS \ taken \ AppleSoftwareUpdate.job
====== Registry dump ======
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3)]
Adobe PDF Reader Link Helper - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Safe Search - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll []
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (5CA3D70E-1895-11CF-8E15-001234567890)]
DriveLetterAccess - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll [2004-08-13 118842]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live Sign-in Helper - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2006-07-07 324416]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"NeroFilterCheck" = C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe [2004-10-14 1404928]
"dla" = "C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup [2004-08-13 122939]
"SunJavaUpdateSched" = "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe [2004-01-07 110592]
"Realtime Monitor" = "C: \ PROGRA ~ 1 \ CA \ ETRUST ~ 1 \ realmon.exe [2004-04-06 504080]
"" = []
"IgfxTray" = C: \ WINDOWS \ system32 \ igfxtray.exe [2005-09-20 94208]
"ehTray" = "C: \ WINDOWS \ system32 \ hkcmd.exe [2005-09-20 77824]
"PinnacleDriverCheck" = C: \ WINDOWS \ system32 \ NeroCheck.exe [2005-09-20 114688]
"QuickTime Task" = C: \ Program Files \ QuickTime \ qttask.exe [2006-10-25 282624]
"iTunesHelper" = C: \ Program Files \ iTunes \ iTunesHelper.exe [2006-10-30 256576]
"SunJavaUpdateSched" = C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader" = "C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ apdproxy.exe [2006-09-14 61440]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ RunOnce]
"Malwarebytes 'Anti-Malware" = "C: \ Program Files \ Malwarebytes' Anti-Malware \ mbamgui.exe [2008-10-22 399504]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = C: \ WINDOWS \ system32 \ Ctfmon.exe [2004-08-04 15360]
"Sony Ericsson PC Suite" = "C: \ Program Files \ Sony Ericsson \ Sony Ericsson PC Suite \ SEPCSuite.exe [2007-10-18 356352]
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup
Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe
Adobe Reader Synchronizer.lnk - C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AdobeCollabSync.exe
WinZip Quick Pick.lnk - C: \ Program Files \ WinZip \ WZQKPICK.EXE
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ WINDOWS \ system32 \ igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"LegalNoticeText" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ standaard profiel \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ Messenger \ msmsgs.exe" = "C: \ Program Files \ Messenger \ msmsgs.exe: *: Enabled: Windows Messenger"
"C: \ Program Files \ iTunes \ iTunes.exe" = "C: \ Program Files \ iTunes \ iTunes.exe: *: Enabled: iTunes"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ Program Files \ uTorrent \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ uTorrent.exe: *: Enabled: μTorrent"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ system32 \ sessmgr.exe" = "% windir% \ system32 \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22019"
"C: \ Program Files \ MSN Messenger \ msncall.exe" = "C: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Phone)"
"C: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "C: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"C: \ Program Files \ MSN Messenger \ livecall.exe" = "C: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Phone)"
"% windir% \ Network Diagnostic \ xpnetdiag.exe" = "% windir% \ Network Diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ (069b2f09-8c7d-11dc-871c-0013205c16a9)]
shell \ Auto \ command - Start.exe
shell \ AutoRun \ command - C: \ WINDOWS \ system32 \ rundll32.exe shell32.dll, ShellExec_RunDLL Start.exe

====== File verenigingen ======
. js - bewerken - "C: \ Program Files \ Macromedia \ Dreamweaver 8 \ dreamweaver.exe" "% 1"
====== Lijst van bestanden / mappen die in de laatste 1 maanden ======
2008-11-06 22:43:21 ---- D ---- C: \ rsit
2008-11-06 22:42:18 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ Malwarebytes
2008-11-06 22:42:13 ---- D ---- C: \ Program Files \ Malwarebytes 'Anti-Malware
2008-11-06 22:42:13 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-06 22:36:21 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ AVG8
2008-11-06 22:17:46 ---- D ---- C: \ Program Files \ Trend Micro
2008-11-06 21:25:12 ---- D ---- C: \ WINDOWS \ system32 \ AppMgmt
2008-11-06 21:22:34 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ VersionTracker Pro
2008-11-06 21:22:08 ---- D ---- C: \ Program Files \ TechTracker
2008-11-06 19:31:45 ---- D ---- C: \ Program Files \ uTorrent
2008-11-06 19:31:45 ---- D ---- C: \ Documents and Settings \ Adam \ Application Data \ uTorrent
2008-11-06 19:31:43 ---- D ---- C: \ Program Files \ Avanquest update
2008-11-06 19:31:43 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ BVRP Software
2008-11-06 19:31:40 ---- D ---- C: \ Program Files \ Free Audio Pack
2008-11-06 19:30:51 ---- D ---- C: \ Program Files \ Common Files \ SureThing Shared
2008-11-06 19:30:44 ---- D ---- C: \ Program Files \ Common Files \ Sonic
2008-11-05 13:26:28 ---- D ---- C: \ Documents and Settings \ All Users \ Application Data \ BVRP Software (2)
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaws.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ javaw.exe
2008-10-26 11:13:15 ---- A ---- C: \ WINDOWS \ system32 \ java.exe
2008-10-26 11:00:26 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.TMP
2008-10-25 22:30:23 ---- D ---- C: \ Program Files \ DSA Theory Test
2008-10-25 22:29:24 ---- D ---- C: \ Config.msi
2008-10-25 22:29:23 ---- D ---- C: \ WINDOWS \ VirtualEar
2008-10-25 19:02:44 ---- D ---- C: \ WINDOWS \ assembly
2008-10-25 19:01:55 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-10-25 19:01:06 ---- D ---- C: \ Program Files \ Navman
2008-10-25 01:28:29 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB958644 $
2008-10-15 22:04:03 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956803 $
2008-10-15 22:03:57 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956391 $
2008-10-15 22:03:49 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB957095 $
2008-10-15 22:03:06 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB954211 $
2008-10-15 22:02:48 ---- HDC ---- C: \ WINDOWS \ $ NtUninstallKB956841 $
====== Lijst van bestanden / mappen gewijzigd in de laatste 1 maanden ======
2008-11-06 22:51:35 ---- RD ---- C: \ Program Files
2008-11-06 22:51:35 ---- D ---- C: \ WINDOWS
2008-11-06 22:42:16 ---- D ---- C: \ WINDOWS \ system32 \ drivers
2008-11-06 22:37:58 ---- D ---- C: \ WINDOWS \ Temp
2008-11-06 22:37:33 ---- D ---- C: \ WINDOWS \ system32
2008-11-06 22:36:49 ---- A ---- C: \ WINDOWS \ SchedLgU.txt
2008-11-06 22:30:43 ---- RSHDC ---- C: \ WINDOWS \ system32 \ dllcache
2008-11-06 21:46:09 ---- D ---- C: \ WINDOWS \ Prefetch
2008-11-06 21:45:09 ---- SHD ---- C: \ WINDOWS \ Installer
2008-11-06 21:45:08 ---- D ---- C: \ WINDOWS \ WinSxS
2008-11-06 21:45:08 ---- D ---- C: \ Program Files \ Common Files \ Microsoft Shared
2008-11-06 21:24:57 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot
2008-11-06 21:24:56 ---- D ---- C: \ WINDOWS \ system32 \ CatRoot2
2008-11-06 19:32:25 ---- D ---- C: \ WINDOWS \ system32 \ config
2008-11-06 19:32:11 ---- D ---- C: \ WINDOWS \ system32 \ wbem
2008-11-06 19:32:10 ---- D ---- C: \ WINDOWS \ Registration
2008-11-06 19:30:53 ---- D ---- C: \ Program Files \ Common Files \ Macromedia
2008-11-06 19:30:52 ---- HD ---- C: \ WINDOWS \ inf
2008-11-04 23:57:39 ---- D ---- C: \ Program Files \
2008-11-04 23:57:26 ---- D ---- C: \ Program Files \ Sonic
2008-11-04 23:56:20 ---- D ---- C: \ WINDOWS \ Downloaded Installations
2008-11-04 23:56:20 ---- D ---- C: \ Program Files \ Macromedia
2008-11-04 23:54:45 ---- HD ---- C: \ Program Files \ InstallShield Installation Information
2008-10-26 11:13:15 ---- D ---- C: \ Program Files \ Java
2008-10-25 22:29:27 ---- D ---- C: \ WINDOWS \ system32 \ dla
2008-10-25 22:29:26 ---- D ---- C: \ WINDOWS \ security
2008-10-25 22:28:47 ---- D ---- C: \ WINDOWS \ system32 \ Restore
2008-10-25 19:25:27 ---- D ---- C: \ Program Files \ Common Files \ InstallShield
2008-10-25 19:25:13 ---- D ---- C: \ WINDOWS \ system
2008-10-25 19:23:42 ---- D ---- C: \ Program Files \ MSN
2008-10-25 19:16:19 ---- SD ---- C: \ Documents and Settings \ Adam \ Application Data \ Microsoft
2008-10-25 19:01:59 ---- D ---- C: \ Program Files \ Internet Explorer
2008-10-25 01:28:39 ---- A ---- C: \ WINDOWS \ imsins.BAK
2008-10-25 01:27:53 ---- HD ---- C: \ WINDOWS \ $ hf_mig $
2008-10-25 00:58:29 ---- A ---- C: \ WINDOWS \ win.ini
2008-10-16 15:35:17 ---- A ---- C: \ WINDOWS \ system32 \ PerfStringBackup.INI
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ Netapi32.dll
2008-10-15 16:57:55 ---- A ---- C: \ WINDOWS \ system32 \ netapi32 (2). Dll
====== Lijst van de bestuurders (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R1 intelppm; Intel Processor Driver; C: \ WINDOWS \ system32 \ drivers \ intelppm.sys [2004-08-04 36096]
R1 kbdhid; Keyboard HID Driver, C: \ WINDOWS \ system32 \ drivers \ kbdhid.sys [2004-08-04 14848]
R1 sscdbhk5; sscdbhk5 C: \ WINDOWS \ system32 \ drivers \ sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln; ssrtln C: \ WINDOWS \ system32 \ drivers \ ssrtln.sys [2004-07-14 23545]
R2 drvnddm; drvnddm C: \ WINDOWS \ system32 \ drivers \ drvnddm.sys [2004-08-13 40544]
R2 INO_FLTR; INO_FLTR; \? \ C: \ WINDOWS \ system32 \ Drivers \ ino_fltr.sys []
R2 tfsnboio; tfsnboio C: \ WINDOWS \ system32 \ dla \ tfsnboio.sys [2004-08-13 25723]
R2 tfsncofs; tfsncofs C: \ WINDOWS \ system32 \ dla \ tfsncofs.sys [2004-08-13 34843]
R2 tfsndrct; tfsndrct C: \ WINDOWS \ system32 \ dla \ tfsndrct.sys [2004-08-13 4123]
R2 tfsndres; tfsndres C: \ WINDOWS \ system32 \ dla \ tfsndres.sys [2004-08-13 2239]
R2 tfsnifs; tfsnifs C: \ WINDOWS \ system32 \ dla \ tfsnifs.sys [2004-08-13 86202]
R2 tfsnopio; tfsnopio C: \ WINDOWS \ system32 \ dla \ tfsnopio.sys [2004-08-13 14715]
R2 tfsnpool; tfsnpool C: \ WINDOWS \ system32 \ dla \ tfsnpool.sys [2004-08-13 6363]
R2 tfsnudf; tfsnudf C: \ WINDOWS \ system32 \ dla \ tfsnudf.sys [2004-08-13 98714]
R2 tfsnudfa; tfsnudfa C: \ WINDOWS \ system32 \ dla \ tfsnudfa.sys [2004-08-13 100603]
R3 E100B; Intel (R) PRO Adapter Driver; C: \ WINDOWS \ system32 \ drivers \ e100b325.sys [2004-02-10 154112]
R3 GEARAspiWDM; GEARAspiWDM, C: \ WINDOWS \ System32 \ Drivers \ GEARAspiWDM.sys [2006-09-19 15664]
R3 hidusb; Microsoft HID Driver klasse, C: \ WINDOWS \ system32 \ drivers \ hidusb.sys [2004-08-04 9600]
R3 ialm; ialm C: \ WINDOWS \ system32 \ drivers \ ialmnt5.sys [2005-09-20 1302332]
R3 mouhid; Mouse HID Driver, C: \ WINDOWS \ system32 \ drivers \ mouhid.sys [2001-08-17 12160]
R3 senfilt; senfilt C: \ WINDOWS \ system32 \ drivers \ senfilt.sys [2004-09-17 732928]
R3 smwdm; smwdm C: \ WINDOWS \ system32 \ drivers \ smwdm.sys [2005-01-27 260352]
R3 usbehci; Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ Usbehci.sys [2004-08-04 26624]
R3 usbhub; USB2 Enabled Hub, C: \ WINDOWS \ system32 \ drivers \ usbhub.sys [2004-08-04 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Miniport Driver; C: \ WINDOWS \ system32 \ drivers \ usbuhci.sys [2004-08-04 20480]
S3 usbccgp; Microsoft USB Generic Parent Driver; C: \ WINDOWS \ system32 \ drivers \ usbccgp.sys [2004-08-03 31616]
S3 usbprint; Microsoft USB PRINTER klasse, C: \ WINDOWS \ system32 \ drivers \ Usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver, C: \ WINDOWS \ system32 \ drivers \ USBSTOR.SYS [2004-08-03 26496]
====== Lijst van diensten (R = Running, S = Stopped, 0 = Boot, 1 = System, 2 = Auto, 3 = Demand, 4 = Disabled )======
R2 AdobeActiveFileMonitor5.0; Adobe Active File Monitor V5 C: \ Program Files \ Adobe \ Photoshop Elements 5.0 \ PhotoshopElementsFileAgent.exe [2006-09-14 102400]
R2 InoRPC; eTrust Antivirus RPC Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRpc.exe [2004-04-06 139536]
R2 InoRT; eTrust Antivirus Realtime Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoRT.exe [2004-04-06 241936]
R2 InoTask; eTrust Antivirus Job Server; C: \ Program Files \ CA \ eTrust Antivirus \ InoTask.exe [2004-04-06 254224]
R2 UMWdf; Windows User Mode Driver Framework, C: \ WINDOWS \ system32 \ Wdfmgr.exe [2005-01-28 38912]
R3 iPod Service; iPod Service; C: \ Program Files \ iPod \ bin \ iPodService.exe [2006-10-30 492608]
S3 OSE; Office Source Engine, C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ OSE.EXE [2003-07-28 89136]
S3 usnjsvc; Messenger Sharing Folders USN Journal Reader service, C: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
----------------- EOF -----------------