
Virus: iexplore.exe as a system process




  #1  
6 November 2008, 02:16
New Member Group

I can't seem to close iexplore.exe, even when no Windows Explorer is open. Ads pop up from time to time. I also hear ad voices/sounds in the background, by the way. It is annoying and I feel like the system's performance has slowed down. Please help. This is my HijackThis log:

Logfile van HijackThis v1.99.1
Scan saved at 4:15:28 AM, op 11.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ RUNDLL32.EXE
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe
C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download and Record Plugin voor Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (geen naam) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (geen file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up helpen] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Program Files \ ASUS \ Ai Suite \ energiebesparing \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKLM \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] "C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU" C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O8 - Extra context menu item: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download door easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O10 - Unknown file in Winsock LSP: c: \ program files \ bonjour \ mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.dll
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.dll
O20 - Winlogon Notify: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (bestand ontbreekt)
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ system32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Onbekende eigenaar - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Onbekende eigenaar - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Onbekende eigenaar - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
  #2  
6 November 2008, 09:37
Moderator Group

Download CCleaner Slim and save it to your desktop.
Once the file is saved, go to your desktop and double-click ccsetupxxx_slim.exe.
Follow the prompts to install the program.
Then finish the setup:
  • Double-click the CCleaner shortcut on the desktop to start the program.
  • Click the Options block on the left, then choose Cookies.
    • Under Cookies to Delete, highlight any cookies you want to keep permanently.
    • Click the right arrow > to move them to the Cookies to Keep window.
  • Go to Options > Advanced and uncheck "Only delete files in Windows Temp folders older than 48 hours".
  • Click Cleaner on the left, then Run Cleaner on the right of the program.
  • Important: Make sure ALL browser windows are closed before selecting Run Cleaner.
  • Caution: It is not recommended that you use the 'Registry' feature unless you are very familiar with the registry.
  • Exit CCleaner after it has completed its process.

----------

Now install the new version of HijackThis and post its log.

Download TrendMicro HijackThis.exe (HJT) to the desktop.
  • Double-click HJTInstall.
  • Click the Install button.
  • It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • Upon install, HijackThis should open for you.
  • Click the "Do a system scan and save a logfile" button.
  • HijackThis will scan and then a log will open in Notepad.
  • Copy and paste the entire contents of the log into your post.
  • Do not have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

  #3  
6 November 2008, 16:19
New Member Group

I ran CCleaner and reran the new version of HijackThis.

Logbestand van Trend Micro HijackThis v2.0.2
Scan saved at 6:18:15 PM, op 11.6.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Draaiende processen:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe
C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ WINDOWS \ system32 \ RUNDLL32.EXE
C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ PSIService.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ s1S8Dh6X.exe
C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ AcroRd32.exe
C: \ PROGRA ~ 1 \ COMMON ~ 1 \ pcsuite \ DATALA ~ 1 \ DATALA ~ 1.EXE
C: \ WINDOWS \ system32 \ conime.exe
C: \ Program Files \ CCleaner \ CCleaner.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll
O2 - BHO: RealPlayer Download and Record Plugin voor Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (geen naam) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (geen file)
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe"
O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe"
O4 - HKLM \ .. \ Run: [CPU Level Up helpen] C: \ Program Files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe
O4 - HKLM \ .. \ Run: [ASUS Energy Saving] "C: \ Program Files \ ASUS \ Ai Suite \ energiebesparing \ PwSave.exe"
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / startup
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKLM \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] "C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATIC CA.EXE / FU" C: \ DOCUME ~ 1 \ MKJ \ LOCALS ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU "
O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog
O4 - HKLM \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra context menu item: Download door easyMule - C: \ Program Files \ easyMule \ IE2EM.htm
O9 - Extra button: (geen naam) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O15 - ESC Trusted Zone: http:// *. update.microsoft.com
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/wind...?1224821007296
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1224825458984
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: ProtexisLicensing - Onbekende eigenaar - C: \ WINDOWS \ System32 \ PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
--
End of file - 7422 bytes



What is the next step?

Thanks for your help.
  #4  
6 November 2008, 16:53
Moderator Group

Scan suspicious files

Go to the VirSCAN.org free online scan service
(If more than one file needs to be scanned, they must be done separately and logs posted for each one)

1. Copy and paste the following file path into the "Suspicious files to scan" box at the top of the page.
Code:
C:\WINDOWS\system32\s1S8Dh6X.exe
2. On the upload site, click once inside the window next to Browse.
3. Press Ctrl + V on the keyboard (both at the same time) to paste the path into the window.
4. Click the Upload button.
This will perform a scan across multiple different virus-scanning engines.
Your file will possibly be entered into a queue, which normally takes less than a minute to clear.
Important: Wait for all of the scanning engines to complete.
5. Once the scan is complete, scroll down and click the "Copy to Clipboard" button. This copies the link of the report to the clipboard.
6. Paste the contents of the clipboard into your next reply.

  #5  
6 Nov 2008, 17:19
New Member Group

Here is the clipboard info for the file s1S8Dh6X.exe.

Bestand informatie
Bestandsnaam: s1S8Dh6X.exe
File Grootte: 62464 byte
File Type: PE32 uitvoerbaar voor MS Windows (GUI) Intel 80386 32-bit
MD5: 895f4e2eed5a30e317460e66989042d0
SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cf

Scanner resultaten
Scanner resultaten: 8% Scanner (3/39) gevonden malware!
Time: 2008/11/06 19:15:08 (EST)

Scanner | Motor Ver Sig Ver | Sig Datum | Scan resultaat | Tijd
a-squared | 4.0.0.232008.11.03 | 2008-11-03 | -- | 1.832
AhnLab V3 | 2008.11.07.012008.11.07 | 2008-11-07 | -- | 0.987
AntiVir | 7.9.0.267.1.0.49 | 2008-11-06 | -- | 1.503
Antiy | 2.0.1820081106.1560299 | 2008-11-06 | -- | 0.122
Arcavir | 1.0.5200811061144 | 2008-11-06 | -- | 1.227
Authentium | 5.1.1200811061142 | 2008-11-06 | -- | 1.367
AVAST! | 3.0.1081106-0 | 2008-11-06 | -- | 0.725
AVG | 7.5.52.442270.9.0/1772 | 2008-11-06 | Clicker.TXO | 1.691
BitDefender | 7.60825.20709477.21719 | 2008-11-07 | -- | 3.401
CA (VET) | 9.0.0.14331.6.6195 | 2008-11-06 | -- | 7.230
ClamAV | 0.948584 | 2008-11-07 | -- | 0.021
Comodo | 2.112.0.0.699 | 2008-11-06 | -- | 0.422
CP Secure | 1.1.0.7152008.11.06 | 2008-11-06 | -- | 6.447
Dr.Web | 4.44.0.91702008.11.06 | 2008-11-06 | -- | 3.465
ewido | 4.0.0.22008.11.06 | 2008-11-06 | -- | 3.024
F-Prot | 4.4.4.5620081106 | 2008-11-06 | -- | 1.293
F-Secure | 5.51.61002008.11.06.11 | 2008-11-06 | -- | 3.681
Fortinet | 2.81-3.1179.692 | 2008-11-06 | -- | 0.215
GData | 19.1393/19.9420081107 | 2008-11-07 | -- | 2.739
Ikarus | T3.1.01.452008.11.06.71807 | 2008-11-06 | -- | 3.517
JiangMin | 11.0.7062008.11.06 | 2008-11-06 | -- | 1.312
Kaspersky | 5.5.102008.11.06 | 2008-11-06 | -- | 0.034
KingSoft | 2008.9.8.182008.11.6.20 | 2008-11-06 | -- | 0.690
McAfee | 5.3.005426 | 2008-11-06 | -- | 2.352
Microsoft | 1.41042008.11.07 | 2008-11-07 | -- | 8.785
mks_vir | 2.012008.11.06 | 2008-11-06 | -- | 2.720
Norman | 5.93.015.93.00 | 2008-11-06 | -- | 5.480
nProtect | 2008-11-06,002382866 | 2008-11-06 | -- | 5.379
Panda | 9.05.012008.11.06 | 2008-11-06 | -- | 3.744
Quick Heal | 9.502008.09.12 | 2008-09-12 | -- | 2.520
Rising | 20.021.02.32.00 | 2008-11-06 | -- | 3.054
Sophos | 2.80.04.35 | 2008-11-07 | Mal/EncPk-CZ | 1.881
Sunbelt | 3.1.1783.22374 | 2008-11-04 | -- | 1.058
Symantec | 1.3.0.2420081106.004 | 2008-11-06 | Infostealer | 0.046
The Hacker | 6.3.1.1v00143 | 2008-11-06 | -- | 0.445
Trend Micro | 8.700-10045.642.17 | 2008-11-06 | -- | 0.028
VBA32 | 3.12.8.920081106.1717 | 2008-11-06 | -- | 1.390
ViRobot | 200811052008.11.05 | 2008-11-05 | -- | 0.398
VirusBuster | 4.5.11.1010.90.27/671249 | 2008-11-06 | -- | 0.876

Thanks
  #6  
6 November 2008, 17:30
New Member Group

http://virscan.org/report/3510c11282...b9674c0c1.html

That's the link to the scanned file.
  #7  
6 November 2008, 17:39
Moderator Group

Download ComboFix by sUBs from one of the links below. Be sure to save it to the Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to your desktop

Close all open web browsers (Firefox, Internet Explorer, etc.) before you start ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link for a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.

For Windows XP systems, installing the Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, make sure your Internet connection is active (if possible) and click Yes.
- If for some reason your Internet is not working, click No.
-- If you are not using Windows XP, you will not be prompted.
- When prompted for the EULA, click OK.
- Accept the Microsoft EULA (click Yes).
- When you are told that the RC was installed correctly, click YES to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

  #8  
6 November 2008, 17:57
New Member Group

ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
.
((((((((((((((((((((((((( Bestanden Gemaakt van 2008-10-07 tot 2008-11-07 ))))))))))) ))))))))))))))))))))
.
2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- c: \ program files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- c: \ program files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- c: \ program files \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- c: \ program files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- c: \ program files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- c: \ program files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ c: \ windows \ system32 \ drivers \ mbam.sys
2008-11-05 15:38. 2008-11-05 15:38 62.464 - a ------ c: \ windows \ system32 \ s1S8Dh6X.exe
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- c: \ windows \ system32 \ iosubsys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- c: \ program files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- c: \ program files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- c: \ program files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ c: \ windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ common files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ c: \ windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ c: \ windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ c: \ windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ c: \ windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ WINDOWS \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- c: \ program files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ common files \ pcsuite
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- c: \ program files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 19:50 160.100 - a ------ c: \ windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- c: \ program files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- c: \ program files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ c: \ windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- c: \ program files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ () 3276BE95_AF08_429F_A64F_CA64CB79BCF6
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ common files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ c: \ windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ c: \ windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ common files \ xing shared
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ common files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- c: \ windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ c: \ windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ c: \ windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ c: \ windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ c: \ windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ c: \ windows \ Ascd_log.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft
2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Program Files \ Microsoft FrontPage
2008-10-24 07:55 --------- d ----- wc: \ program files \ MSN Messenger
2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ program files \ Winamp
2008-10-24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- ----- wc: \ documents and settings d \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- wc: \ program files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ program files \ common files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ program files \ common files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS
2008-10-24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profiel
2008-10-24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll
2008-09-15 12:12 1,846,400 ---- aw c: \ windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll
2008-08-26 07:24 826,368 ---- aw c: \ windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries worden niet weergegeven
REGEDIT4
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ c: \ program files \ easyMule \ modules \ IE2EM.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"CTFMON.EXE" = "c: \ windows \ system32 \ ctfmon.exe" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"PHIME2002ASync" = "c: \ windows \ system32 \ IME \ TINTLGNT \ nwiz.exe" [2004-08-04 455168]
"PHIME2002A" = "c: \ windows \ system32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up helpen" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ energiebesparing \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "c: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"NvMediaCenter" = "C: \ Program Files \ Common Files \ \ jusched.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608]
"NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray. Dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"avast!" = "c: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008-07-19 78008]
"SoundMan" = "SOUNDMAN.EXE" [2008-05-07 c: \ windows \ SOUNDMAN.EXE]
"nwiz" = "nwiz.exe" [2008-01-03 c: \ windows \ system32 \ nwiz.exe]
[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run]
"CTFMON.EXE" = "C: \ WINDOWS \ system32 \ CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe
[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo antonny \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Program Files \ \ easyMule \ \ emule.exe" =
[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo antonny \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP
"12178: UDP" = 12178: UDP: BitComet 12178 UDP
R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ drivers \ aswF sBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Dienst voor NVIDIA High Definition Audio Driver: c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Inhoud van de 'Geplande taken' map
2008-11-01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
2008-11-06 c: \ windows \ Tasks \ At1.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At10.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At11.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At12.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At13.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At14.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At15.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At16.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At17.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At18.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At19.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At2.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-07 c: \ windows \ Tasks \ At20.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At21.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At22.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At23.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At24.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At3.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At4.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At5.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At6.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At7.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At8.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At9.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
.
- - - - WEZEN REMOVED - - - --
HKCU-Run-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe
MSConfigStartUp-SunJavaUpdateSched 2009 - c: \ program files \ Uniblue \ RegistryBooster \ RegistryBooster.exe

.
------- Bijkomende Scan -------
.
R0 -: HKCU-Main, Start Page = ongeveer: blank
R1 -: HKCU-Internet Settings, ProxyOverride = *. lokale
O8 -: Add to Google Photos Screensa & ver - c: \ windows \ system32 \ GPhotos.scr/200
O8 -: Download door easyMule - c: \ program files \ easyMule \ IE2EM.htm
.
************************************************** ************************
CatchMe 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector, Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 19:54:20
Windows 5.1.2600 Service Pack 3 NTFS
het scannen van verborgen processen ...
het scannen van verborgen autostart items ...
het scannen van verborgen bestanden ...
scannen is voltooid
verborgen bestanden: 0
************************************************** ************************
.
Voltooingstijd: 2008-11-06 19:54:45
ComboFix-quarantined-files.txt 2008-11-07 00:54:42
Pre-Run: 41621639168 bytes vrij
Post-Run: 41699291136 bytes vrij
396 --- EOF --- 2008-10-28 07:00:21
  #9  
Old 6 November 2008, 18:28
Moderator Group
 
Note: the instructions below are specifically for this user. If you are not this user, DO NOT follow these instructions, as they may damage the workings of your system.

Delete these files / folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not WordPad.
2. Copy the text in the code box below by selecting all of the text and pressing Ctrl + C

Code:
Killall::
File::
c:\windows\system32\s1S8Dh6X.exe
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
c:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - save the file to your desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe, as you can see in the screenshot below. Important: perform this instruction carefully!



ComboFix will begin to execute; follow the prompts.
After a reboot (in case it asks to reboot), a log will appear for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouse-click ComboFix's window while it is running. That may cause your system to freeze.
__________________
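
The pattern the script above removes (a run of At<N>.job scheduled tasks that all launch one executable in system32) can be picked out of a ComboFix task listing mechanically. The following is an added example, not part of the original thread and not ComboFix's own code; the function names, the threshold of three jobs and the embedded sample (four entries copied from the listing above) are assumptions of this example.

```python
import ntpath
import re
from collections import OrderedDict

# Constructed sample: entries copied from the scheduled-task listing in the
# log above, keeping the forum's spacing damage ("c: \ windows \ ...").
SAMPLE_LOG = r"""
Inhoud van de 'Geplande taken' map
2008-11-01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
2008-11-06 c: \ windows \ Tasks \ At1.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-06 c: \ windows \ Tasks \ At2.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
2008-11-07 c: \ windows \ Tasks \ At20.job
- C: \ windows \ system32 \ s1S8Dh6X.exe [2008-11-05 15:38]
.
"""

TASK_RE = re.compile(r"^\d{4}-\d{2}-\d{2}\s+(\S.*\.job)$", re.IGNORECASE)
TARGET_RE = re.compile(r"^-\s+(\S.*?)\s*\[(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\]$")
AT_JOB_RE = re.compile(r"^at(\d+)\.job$", re.IGNORECASE)


def normalize(line):
    """Undo the spacing inserted around path separators in the posted log."""
    return re.sub(r"\s*\\\s*", lambda m: "\\", line.strip())


def parse_tasks(log_text):
    """Return [(job_path, target_path, target_stamp)] from a task listing.

    Each entry is two lines: the .job file, then "- target [timestamp]".
    A job line with no target line after it is kept with target None so
    that it is not silently dropped.
    """
    tasks, pending = [], None
    for raw in log_text.splitlines():
        line = normalize(raw)
        job = TASK_RE.match(line)
        target = TARGET_RE.match(line)
        if job:
            if pending is not None:
                tasks.append((pending, None, None))
            pending = job.group(1)
        elif target and pending is not None:
            tasks.append((pending, target.group(1), target.group(2)))
            pending = None
    if pending is not None:
        tasks.append((pending, None, None))
    return tasks


def find_at_job_clusters(tasks, min_jobs=3):
    """Report targets launched by at least min_jobs At<N>.job tasks."""
    groups = OrderedDict()
    for job, target, stamp in tasks:
        name = ntpath.basename(job)
        m = AT_JOB_RE.match(name)
        if m is None or target is None:
            continue
        entry = groups.setdefault(
            target.lower(), {"target": target, "stamp": stamp, "jobs": []}
        )
        entry["jobs"].append((int(m.group(1)), name))
    findings = []
    for entry in groups.values():
        if len(entry["jobs"]) < min_jobs:
            continue
        folder = ntpath.dirname(entry["target"]).lower()
        findings.append({
            "target": entry["target"],
            "target_stamp": entry["stamp"],  # timestamp printed beside the target
            "at_jobs": [n for _, n in sorted(entry["jobs"])],  # numeric order
            "in_system32": folder.endswith("\\windows\\system32"),
        })
    return findings


if __name__ == "__main__":
    for finding in find_at_job_clusters(parse_tasks(SAMPLE_LOG)):
        print(finding)
```

A hit is a triage lead rather than a verdict: the target still has to be examined before anything is deleted.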

  #10  
Old 6 November 2008, 18:37
New Member
 
ComboFix Log

ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00]
Running from: C: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe
Command switches used:: c: \ Documents and Settings \ MKJ \ Desktop \ CFScript.txt
* Gemaakt van een nieuw herstelpunt

FILE:
c: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ Opdrachten \ At1.job
c: \ windows \ Tasks \ At10.job
c: \ windows \ Tasks \ At11.job
c: \ windows \ Tasks \ At12.job
c: \ windows \ Tasks \ At13.job
c: \ windows \ Tasks \ At14.job
c: \ windows \ Tasks \ At15.job
c: \ windows \ Tasks \ At16.job
c: \ windows \ Tasks \ At17.job
c: \ windows \ Tasks \ At18.job
c: \ windows \ Tasks \ At19.job
c: \ windows \ Tasks \ At2.job
c: \ windows \ Tasks \ At20.job
c: \ windows \ Tasks \ At21.job
c: \ windows \ Tasks \ At22.job
c: \ windows \ Tasks \ At23.job
c: \ windows \ Tasks \ At24.job
c: \ windows \ Tasks \ At3.job
c: \ windows \ Tasks \ At4.job
c: \ windows \ Tasks \ At5.job
c: \ windows \ Tasks \ At6.job
c: \ windows \ Tasks \ At7.job
c: \ windows \ Tasks \ At8.job
c: \ windows \ Tasks \ At9.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

c: \ windows \ system32 \ s1S8Dh6X.exe
c: \ windows \ Opdrachten \ At1.job
c: \ windows \ Tasks \ At10.job
c: \ windows \ Tasks \ At11.job
c: \ windows \ Tasks \ At12.job
c: \ windows \ Tasks \ At13.job
c: \ windows \ Tasks \ At14.job
c: \ windows \ Tasks \ At15.job
c: \ windows \ Tasks \ At16.job
c: \ windows \ Tasks \ At17.job
c: \ windows \ Tasks \ At18.job
c: \ windows \ Tasks \ At19.job
c: \ windows \ Tasks \ At2.job
c: \ windows \ Tasks \ At20.job
c: \ windows \ Tasks \ At21.job
c: \ windows \ Tasks \ At22.job
c: \ windows \ Tasks \ At23.job
c: \ windows \ Tasks \ At24.job
c: \ windows \ Tasks \ At3.job
c: \ windows \ Tasks \ At4.job
c: \ windows \ Tasks \ At5.job
c: \ windows \ Tasks \ At6.job
c: \ windows \ Tasks \ At7.job
c: \ windows \ Tasks \ At8.job
c: \ windows \ Tasks \ At9.job

.
((((((((((((((((((((((((( Bestanden Gemaakt van 2008-10-07 tot 2008-11-07 ))))))))))) ))))))))))))))))))))
.

2008-11-06 18:15. 2008-11-06 18:15 <DIR> d -------- c: \ program files \ CCleaner
2008-11-06 03:51. 2008-11-06 03:51 <DIR> d -------- c: \ program files \ Trend Micro
2008-11-06 03:22. 2008-11-06 03:22 <DIR> d -------- c: \ program files \ Alwil Software
2008-11-06 02:10. 2008-11-06 02:10 <DIR> d -------- c: \ program files \ Reference Assemblies
2008-11-06 02:07. 2008-11-06 02:07 <DIR> dr-h ----- C: \ AHCache
2008-11-05 23:11. 2008-11-06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue
2008-11-05 22:05. 2008-11-05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-11-05 22:04. 2008-11-05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- c: \ program files \ Xanga Uploader
2008-11-05 16:34. 2008-11-05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- c: \ program files \ Malwarebytes 'Anti-Malware
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-11-05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-11-05 16:08. 2008-10-22 16:10 38.496 - a ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008-11-05 16:08. 2008-10-22 16:10 15.504 - a ------ c: \ windows \ system32 \ drivers \ mbam.sys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- c: \ windows \ system32 \ iosubsys
2008-11-01 16:18. 2008-11-01 16:18 <DIR> d -------- c: \ program files \ Google
2008-10-28 02:00. 2008-10-28 02:00 <DIR> d -------- c: \ program files \ MSXML 4.0
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia
2008-10-28 01:19. 2008-10-28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer
2008-10-28 01:18. 2008-10-30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser
2008-10-28 00:55. 2008-10-28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX
2008-10-28 00:54. 2008-10-28 00:54 <DIR> d -------- c: \ program files \ Windows Media Components
2008-10-28 00:54. 2005-06-10 09:43 73.728 - a ------ c: \ windows \ system32 \ ISUSPM.cpl
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ DIFX
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ common files \ Nokia
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite
2008-10-28 00:50. 2008-10-28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Installations
2008-10-28 00:50. 2006-05-29 07:26 127.488 - a ------ c: \ windows \ system32 \ drivers \ nmwcd.sys
2008-10-28 00:50. 2006-05-29 07:26 50.688 - a ------ c: \ windows \ system32 \ nmwcdcls.dll
2008-10-28 00:50. 2006-05-29 07:26 30.720 - a ------ c: \ windows \ system32 \ nmwcdcocls.dll
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys
2008-10-28 00:50. 2006-05-29 07:26 13.312 - a ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys
2008-10-28 00:50. 2006-05-29 07:26 8.704 - a ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys
2008-10-28 00:50. 2006-05-29 07:26 4.608 - a ------ c: \ windows \ system32 \ nmwcdlog.dll
2008-10-28 00:49. 2008-10-28 00:49 <DIR> d -------- C: \ WINDOWS \ Downloaded Installations
2008-10-28 00:49. 2008-10-28 00:51 <DIR> d -------- c: \ program files \ Nokia
2008-10-28 00:49. 2008-10-28 00:50 <DIR> d -------- c: \ program files \ common files \ pcsuite
2008-10-27 23:54. 2008-10-27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- c: \ program files \ Ventrilo
2008-10-27 21:55. 2008-10-27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-10-27 21:55. 2008-10-27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo
2008-10-27 21:13. 2008-11-06 20:34 160.100 - a ------ c: \ windows \ system32 \ nvapps.xml
2008-10-27 21:05. 2008-11-05 16:09 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-10-26 23:48. 2008-11-06 05:29 <DIR> d -------- c: \ program files \ easyMule
2008-10-26 13:53. 2008-10-26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- c: \ program files \ iPod
2008-10-25 19:37. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer
2008-10-25 19:37. 2008-04-17 12:12 107.368 - a ------ c: \ windows \ system32 \ GEARAspi.dll
2008-10-25 19:37. 2008-04-17 12:12 15.464 - a ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ QuickTime
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- c: \ program files \ iTunes
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ Bonjour
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ Apple Software Update
2008-10-25 19:36. 2008-10-25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
2008-10-25 19:36. 2008-10-25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ () 3276BE95_AF08_429F_A64F_CA64CB79BCF6
2008-10-25 19:35. 2008-10-25 19:36 <DIR> d -------- c: \ program files \ common files \ Apple
2008-10-25 19:35. 2008-10-25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple
2008-10-24 18:11. 2007-07-30 18:19 271.224 - a ------ c: \ windows \ system32 \ mucltui.dll
2008-10-24 18:11. 2007-07-30 18:19 30.072 - a ------ c: \ windows \ system32 \ mucltui.dll.mui
2008-10-24 15:39. 2008-10-24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ Real
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ common files \ xing shared
2008-10-24 14:24. 2008-10-24 14:24 <DIR> d -------- c: \ program files \ common files \ Real
2008-10-24 14:07. 2008-10-24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Logs
2008-10-24 13:59. 2008-10-24 13:59 <DIR> d -------- C: \ Logs
2008-10-24 10:05. 2008-10-27 21:15 <DIR> d -------- c: \ windows \ nView
2008-10-24 10:05. 2008-01-10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe
2008-10-24 10:05. 2008-03-06 15:23 442.368 - a ------ c: \ windows \ system32 \ NVUNINST.EXE
2008-10-24 10:05. 2008-03-19 04:04 442.368 - a ------ c: \ windows \ system32 \ nvudisp.exe
2008-10-24 10:05. 2007-09-27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe
2008-10-24 10:05. 2008-01-03 17:26 17.737 - a ------ c: \ windows \ system32 \ nvdisp.nvu
2008-10-24 10:05. 2007-10-12 03:53 13.312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys
2008-10-24 10:05. 2007-12-07 03:12 5.836 - a ------ c: \ windows \ system32 \ nvnrm.nvu
2008-10-24 10:05. 2008-01-16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin
2008-10-24 10:05. 2007-12-07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu
2008-10-24 10:05. 2007-09-12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu
2008-10-24 10:04. 2008-10-23 22:44 35.647 - a ------ c: \ windows \ Ascd_log.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 10:37 --------- d ----- wc: \ program files \ AIMTunes
2008-11-04 21:36 --------- d ----- wc: \ program files \ World of Warcraft
2008-10-28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems
2008-10-28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ program files \ Ulead Systems
2008-10-28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems
2008-10-28 05:53 --------- d - h - wc: \ program files \ InstallShield Installation Information
2008-10-28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe
2008-10-24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll
2008-10-24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll
2008-10-24 14:51 --------- d ----- wc: \ Program Files \ Microsoft FrontPage
2008-10-24 07:55 --------- d ----- wc: \ program files \ MSN Messenger
2008-10-24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2
2008-10-24 05:44 --------- d ----- wc: \ program files \ Winamp
2008-10-24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp
2008-10-24 05:40 --------- ----- wc: \ documents and settings d \ MKJ \ Application Data \ acccore
2008-10-24 05:39 --------- d ----- wc: \ program files \ AIM6
2008-10-24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads
2008-10-24 05:38 --------- d ----- wc: \ program files \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ program files \ common files \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL
2008-10-24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore
2008-10-24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment
2008-10-24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2
2008-10-24 05:10 --------- d ----- wc: \ program files \ DivX
2008-10-24 05:08 --------- d ----- wc: \ program files \ DefilerPak
2008-10-24 04:37 --------- d ----- wc: \ program files \ Realtek
2008-10-24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-10-24 04:18 --------- d ----- wc: \ program files \ common files \ Symantec Shared
2008-10-24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield
2008-10-24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield
2008-10-24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel
2008-10-24 03:33 --------- d ----- wc: \ program files \ ASUS
2008-10-24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe
2008-10-24 03:08 --------- d ----- wc: \ program files \ profiel
2008-10-24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr
2008-09-23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll
2008-09-15 12:12 1,846,400 ---- aw c: \ windows \ system32 \ Win32k.sys
2008-09-08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ Srv.sys
2008-08-29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe
2008-08-29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll
2008-08-26 07:24 826,368 ---- aw c: \ windows \ system32 \ Wininet.dll
2008-08-14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe
2008-08-14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ ntkrnlpa.exe
.

((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) )))))))))))))))))))))))))))))))
.
- 2008-11-06 23:26:54 49.198 ---- aw c: \ windows \ system32 \ Perfc009.dat
+ 2008-11-07 00:54:48 49.198 ---- aw c: \ windows \ system32 \ Perfc009.dat
- 2008-11-06 23:26:54 390.094 ---- aw c: \ windows \ system32 \ Perfh009.dat
+ 2008-11-07 00:54:48 390.094 ---- aw c: \ windows \ system32 \ Perfh009.dat
+ 2008-11-07 01:33:47 16.384 ---- atw c: \ windows \ Temp \ Perflib_Perfdata_584.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries worden niet weergegeven
REGEDIT4

[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6641-40B9-873F-BBDD26D6C14E)]
2008-10-23 02:37 147928 - a ------ c: \ program files \ easyMule \ modules \ IE2EM.dll

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run]
"CTFMON.EXE" = "c: \ windows \ system32 \ ctfmon.exe" [2008-04-13 15360]
"\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ E_FATICCA.EXE "[2007-03-12 182272]
"PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006-06-27 1449984]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run]
"PHIME2002ASync" = "c: \ windows \ system32 \ IME \ TINTLGNT \ nwiz.exe" [2004-08-04 455168]
"PHIME2002A" = "c: \ windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004-08-04 455168]
"Ai Nap" = "c: \ program files \ ASUS \ Ai Suite \ AiNap \ AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor" = "c: \ program files \ ASUS \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008-01-09 627200]
"CPU Level Up helpen" = "c: \ program files \ ASUS \ Ai Suite \ CpuLevelUpHelp.exe" [2007-11-30 881152]
"ASUS Energy Saving" = "c: \ program files \ ASUS \ Ai Suite \ energiebesparing \ PwSave.exe" [2008-01-28 1352704]
"Ulead AutoDetector v2" = "c: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006-11-29 90112]
"NvMediaCenter" = "C: \ Program Files \ Common Files \ \ jusched.exe" [2008-10-24 185872]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-09-06 413696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-10-01 289576]
"NvCplDaemon" = "c: \ windows \ system32 \ NvCpl.dll" [2008-01-03 13508608]
"NvMediaCenter" = "c: \ windows \ system32 \ NvMcTray.dll" [2008-01-03 86016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
"NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006-11-28 2658304]
"SoundMan" = "SOUNDMAN.EXE" [2008-05-07 c: \ windows \ SOUNDMAN.EXE]
"nwiz" = "nwiz.exe" [2008-01-03 c: \ windows \ system32 \ nwiz.exe]

[HKEY_USERS \ .DEFAULT \ Software \ Microsoft \ Windows \ CurrentVersion \ Run]
"CTFMON.EXE" = "C: \ WINDOWS \ system32 \ CTFMON.EXE" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.dvacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ Vio \ Dvacm.acm
"msacm.divxa32" = DivXa32.acm
"msacm.ulmp3acm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm
"msacm.mpegacm" = c: \ progra ~ 1 \ COMMON ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnet3 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx30SP1setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx35 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3setup [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx3_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ dotnetfx [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP1_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx20SP2_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx30SP1_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_ia64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx35_x86 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64.exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64 [1]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ image file uitvoering options \ NetFx64 [2]. Exe]
"Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo antonny \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"c: \ \ Program Files \ \ easyMule \ \ emule.exe" =

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo antonny \ standardprofile \ GloballyOpenPorts \ List]
"3724: TCP" = 3724: TCP: Blizzard Downloader: 3724
"12178: TCP" = 12178: TCP: BitComet 12178 TCP
"12178: UDP" = 12178: UDP: BitComet 12178 UDP

R1 aswSP; avast! Self Protection; c: \ windows \ system32 \ drivers \ aswSP.sys [2008-07-19 78416]
R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ drivers \ aswFsBlk.sys [2008-07-19 20560]
R2 Viewpoint Manager Service; Viewpoint Manager Service; c: \ program files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
R3 NVHDA; Dienst voor NVIDIA High Definition Audio Driver: c: \ windows \ system32 \ drivers \ nvhda32.sys [2008-05-04 38560]
.
Inhoud van de 'Geplande taken' map

2008-11-01 c: \ windows \ Tasks \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008-07-30 11:34]
.

************************************************** ************************
CatchMe 0.3.1367 W2K/XP/Vista - rootkit / stealth malware detector, Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 20:34:11
Windows 5.1.2600 Service Pack 3 NTFS

het scannen van verborgen processen ...
het scannen van verborgen autostart items ...
het scannen van verborgen bestanden ...
scannen is voltooid
verborgen bestanden: 0

************************************************** ************************
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
c: \ windows \ system32 \ nvsvc32.exe
c: \ windows \ system32 \ PSIService.exe
c: \ program files \ ASUS \ AASP \ 1.00.61 \ aaCenter.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
c: \ windows \ system32 \ rundll32.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe
c: \ progra ~ 1 \ COMMON ~ 1 \ Nokia \ MPAPI \ MPAPI3s.exe
.
************************************************** ************************
.
Voltooingstijd: 2008-11-06 20:36:06 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-07 01:36:02
ComboFix2.txt 2008-11-07 00:54:46

Pre-Run: 41668276224 bytes vrij
Post-Run: 41678303232 bytes vrij

418 --- EOF --- 2008-10-28 07:00:21

Thanks