Posted: Tue Mar 15, 2011 9:43 pm
Member
My problem is already stated in the topic title: every time I click a link in Google, I get a message from NOD32 that a certain address has been blocked. I am also sometimes redirected to a certain site instead of the site I want to visit. All very annoying, and no scan has helped so far. Here is my log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:38, on 14-3-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Fam Jacobs\Application Data\dwm.exe
C:\Documents and Settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
C:\DOCUME~1\FAMJAC~1\LOCALS~1\Temp\csrss.exe
C:\Program Files\Vtune\TBPanel.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\dgdersvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\Fam Jacobs\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\LOLReplay\LOLRecorder.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\League of Legends\lol.launcher.exe
C:\Program Files\League of Legends\Air\LOLClient.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54889
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Launch LgDevAgt] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MultiScreen]
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [conhost] C:\Documents and Settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Fam Jacobs\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fam Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: LOLRecorder.lnk = C:\Program Files\LOLReplay\LOLRecorder.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Fam Jacobs\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0489291656
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\WINDOWS\system32\dgdersvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 13723 bytes

By the way, this is what I keep seeing from my virus scanner.

zonetf.com/index.html?tq=gKY0sHoL7L+N6yLhb...

IP address:
96.9.169.85.80


Posted: Wed Mar 16, 2011 10:18 am
Moderator
Start HijackThis. Select "Scan". Check only the items listed below:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54889
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [MultiScreen]


Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish" ("Voltooien").
If an update is found, it will be downloaded and installed.
Once the program is fully up to date, select "Quick Scan" ("Snelle Scan") on the Scanner tab, then click Scan.
Scanning can take a while, so be patient.
When the scan is finished, click OK, then "Show Results" ("Bekijk Resultaten") to see the results.
Make sure everything there is checked, then click "Remove Selected" ("Verwijder geselecteerde").
After removal, a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.
After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has trouble removing certain files, it will show a few messages where you need to click OK. It will then ask to restart the computer, so allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.
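
The four items selected for 'Fix checked' in the post above follow three patterns that can be checked mechanically in a HijackThis log: a ProxyServer value pointing at loopback (together with its ProxyOverride), a BHO registered with "(no file)", and a Run value with no command. The following is an added example, not part of the original post; the function names are hypothetical and the sample lines are copied from the log in this thread.

```python
import re
from ipaddress import ip_address

# Subset of lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54889
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MultiScreen]
"""

# "<section code> - <rest of line>", e.g. "R1 - ..." or "O23 - ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# Registry autoruns: "HKLM\..\Run: [ValueName] command line"
RUN_RE = re.compile(r"^.+?\\Run(?:Once)?: \[(?P<name>[^\]]*)\](?P<cmd>.*)$")


def parse_entries(log_text):
    """Return (code, body) tuples for every section line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def proxy_hosts(value):
    """Hosts named in a ProxyServer value: 'host:port' or 'http=host:port;https=...'."""
    hosts = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        target = part.split("=", 1)[-1]        # drop optional 'scheme=' prefix
        target = target.split("://", 1)[-1]    # drop optional 'scheme://' prefix
        host = target.rsplit(":", 1)[0] if ":" in target else target
        hosts.append(host.strip("[]"))
    return hosts


def is_loopback(host):
    if host.lower() == "localhost":
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:
        return False  # a hostname other than localhost


def split_reg_value(body):
    """'KEY,ValueName = data' -> (KEY, ValueName, data)."""
    left, _, data = body.partition(" = ")
    key, _, name = left.rpartition(",")
    return key, name, data


def triage(log_text):
    """Flag entries for review, in log order. A flag is a reason to look, not a verdict:
    a loopback proxy can also belong to a legitimately installed local filter."""
    entries = parse_entries(log_text)

    # Pass 1: registry keys whose ProxyServer points at the local machine.
    loopback_keys = set()
    for code, body in entries:
        if code in ("R0", "R1"):
            key, name, data = split_reg_value(body)
            if name == "ProxyServer" and any(is_loopback(h) for h in proxy_hosts(data)):
                loopback_keys.add(key)

    # Pass 2: collect findings.
    findings = []
    for code, body in entries:
        if code in ("R0", "R1"):
            key, name, _ = split_reg_value(body)
            if key in loopback_keys and name == "ProxyServer":
                findings.append(("loopback-proxy", code, body))
            elif key in loopback_keys and name == "ProxyOverride":
                findings.append(("proxy-override", code, body))
        elif code == "O2" and body.endswith("- (no file)"):
            findings.append(("bho-missing-file", code, body))
        elif code == "O4":
            m = RUN_RE.match(body)
            if m and not m.group("cmd").strip():
                findings.append(("run-empty-command", code, body))
    return findings


if __name__ == "__main__":
    for tag, code, body in triage(SAMPLE_LOG):
        print(f"{tag:18} {code} - {body}")
```
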


Posted: Wed Mar 16, 2011 2:02 pm
Member
Malwarebytes log:

Malwarebytes' Anti-Malware 1.31
Database versie: 1597
Windows 5.1.2600 Service Pack 3

15-3-2011 12:58:57
mbam-log-2011-03-15 (12-58-57).txt

Scan type: Snelle Scan
Objecten gescand: 61515
Verstreken tijd: 6 minute(s), 6 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 1
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\docume~1\famjac~1\locals~1\temp\csrss.exe -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
C:\Documents and Settings\Fam Jacobs\Local Settings\temp\csrss.exe (Trojan.Agent) -> Delete on reboot.

HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:16, on 15-3-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Fam Jacobs\Application Data\dwm.exe
C:\Documents and Settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Vtune\TBPanel.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\dgdersvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Fam Jacobs\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\FRAPS\FRAPS.EXE
C:\Program Files\LOLReplay\LOLRecorder.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54889
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Launch LgDevAgt] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MultiScreen]
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [conhost] C:\Documents and Settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Fam Jacobs\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fam Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: LOLRecorder.lnk = C:\Program Files\LOLReplay\LOLRecorder.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Fam Jacobs\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} (DyynoX Class) - http://webserver.dyyno.com/tng/dyyno-cl ... ynoCAB.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0489291656
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\WINDOWS\system32\dgdersvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 13485 bytes


Posted: Wed Mar 16, 2011 10:25 pm
Moderator
Have you restarted your PC in the meantime? If so, do you still get the same messages from your virus scanner?


Posted: Wed Mar 16, 2011 10:37 pm
Member
Yes to both.


Posted: Thu Mar 17, 2011 10:59 am
Moderator
Keselo wrote:
"Yes to both."
That is short and to the point ... but also very clear :)

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
Click here

If you cannot disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on screen.
3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on screen to let ComboFix download and install the Microsoft Windows Recovery Console.

[Image]

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

[Image]

Click Yes to continue scanning for malware.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


Posted: Thu Mar 17, 2011 12:41 pm
Member

Joined: Fri Jan 02, 2009 9:40 pm
Posts: 39
I cannot install the program. I get the message that it is not a valid Win32 application.


Posted: Thu Mar 17, 2011 12:43 pm
Member

Joined: Fri Jan 02, 2009 9:40 pm
Posts: 39
By the way, I never had problems with this program before; it always worked right away.


Posted: Thu Mar 17, 2011 1:33 pm
Moderator

Joined: Sat Jul 14, 2007 10:22 am
Posts: 11000
Location: Kapellen (B)
Try it in "Safe Mode"?


Posted: Thu Mar 17, 2011 3:17 pm
Member

Joined: Fri Jan 02, 2009 9:40 pm
Posts: 39
In the end it did work after all (in Safe Mode), during the removal of infected files by ComboFix.

Here is the ComboFix log

ComboFix 11-03-16.03 - Fam Jacobs 17-03-2011 14:01:14.9.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2814.2485 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Fam Jacobs\Bureaublad\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Fam Jacobs\Application Data\dwm.exe
c:\documents and settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\config.md
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\ipdata.md
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015153.000.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015323.093.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015333.125.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015355.406.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015355.812.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015359.562.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-015430.656.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-020050.203.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-020050.640.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-020411.218.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-020412.500.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-032114.343.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-134151.281.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-135218.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-141804.937.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-152939.734.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090817-213947.796.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-030316.594.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-140537.703.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-155054.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-161130.312.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-164934.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-165259.312.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-165548.296.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-170016.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-170522.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-171858.046.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-172733.562.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090818-200222.625.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090819-010048.562.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090819-134228.468.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090819-143239.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090819-154113.265.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090819-174101.187.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-012820.765.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-013522.593.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-142055.421.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-142641.578.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-155738.828.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-174826.031.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-181501.843.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-183654.843.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-202053.843.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-215819.031.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090820-231550.953.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090821-204000.546.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090821-210714.093.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090821-235723.484.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-004453.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-013346.937.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-130049.984.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-130311.234.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-130357.015.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-130419.093.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-150745.546.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-161041.328.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-182627.281.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-185835.875.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-200706.984.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090822-201035.171.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\NP_20090823-132805.937.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Internet Saving Optimizer\3.6.3.4500\rstatus.md
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\config.md
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015115.875.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015152.828.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015323.078.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015333.125.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015355.390.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015355.796.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015359.546.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-015430.640.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-020050.203.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-020050.625.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-020411.218.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-020412.500.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-032114.328.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-134151.203.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-135218.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-141804.921.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-152939.718.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090817-213947.796.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-030316.578.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-140537.687.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-155054.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-161130.296.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-164934.140.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-165259.296.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-165548.281.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-170016.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-170522.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-171858.031.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-172733.546.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090818-200222.625.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090819-010048.562.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090819-134228.453.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090819-143238.500.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090819-154113.250.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090819-174101.140.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-012820.703.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-013522.500.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-142055.390.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-142641.562.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-155738.640.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-174825.984.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-181501.843.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-183654.843.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-202053.828.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-215819.031.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090820-231550.937.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090821-204000.515.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090821-210714.078.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090821-235722.875.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-004453.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-013346.921.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-130049.968.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-130311.218.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-130357.000.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-130419.062.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-150745.546.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-161041.312.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-182627.281.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-185835.875.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-200706.968.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090822-201035.156.log
c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Media Access Startup\1.5.5.900\HJHP_20090823-132805.890.log
c:\program files\DoubleD
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.5.960\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.5.960\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.5.960\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.5.960\unins000.dat
c:\program files\System Search Dispatcher\1.3.5.960\unins000.exe
c:\windows\system32\muzapp.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-02-17 to 2011-03-17 ))))))))))))))))))))))))))))))
.
.
2071-07-25 07:13 . 2006-11-21 18:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-03-17 12:42 . 2011-03-17 12:42 173 ----a-w- c:\documents and settings\Fam Jacobs\Application Data\Microsoft\gb_213359.bat
2011-03-14 23:03 . 2011-03-14 23:03 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2011-03-14 19:36 . 2011-03-14 19:36 388096 ----a-r- c:\documents and settings\Fam Jacobs\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-14 16:46 . 2011-03-16 16:15 -------- d--h--r- c:\documents and settings\Fam Jacobs\Onlangs geopend
2011-03-10 18:40 . 2011-03-10 18:40 -------- d-----w- c:\program files\Common Files\Skype
2011-02-27 15:29 . 2011-02-27 15:29 -------- d-----w- C:\My Games
2011-02-27 15:28 . 2011-02-27 15:28 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll
2011-02-22 20:14 . 2011-02-22 20:14 -------- d-sh--w- c:\documents and settings\Fam Jacobs\PrivacIE
2011-02-20 12:08 . 2011-02-20 12:08 -------- d-----w- c:\program files\LOLReplay
2011-02-18 14:20 . 2011-02-18 14:20 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-02-17 11:28 . 2011-02-17 11:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-02-17 07:02 . 2011-02-17 07:02 -------- d-----w- c:\program files\Viewet
2011-02-17 06:32 . 2011-02-17 06:32 -------- d-sh--w- c:\documents and settings\Fam Jacobs\IETldCache
2011-02-16 20:35 . 2011-02-16 20:36 -------- dc-h--w- c:\windows\ie8
2011-02-16 20:32 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-02-16 20:32 . 2010-12-20 23:52 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-02-16 20:32 . 2010-12-20 23:52 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-02-16 20:32 . 2010-12-20 23:52 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:54 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-07-06 12:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2008-01-24 19:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2008-01-16 12:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2008-01-16 12:35 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2006-03-02 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-08 03:27 . 2011-01-24 21:09 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27 . 2011-01-24 21:09 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27 . 2009-12-14 20:34 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2009-12-14 20:34 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2009-08-16 22:57 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2009-08-16 22:57 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2009-01-15 07:19 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2007-11-28 08:02 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2007-11-28 08:02 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27 . 2007-11-28 08:02 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2007-11-28 08:02 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-01-07 18:58 . 2011-01-07 18:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-01-07 18:58 . 2011-01-07 18:58 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-01-07 18:58 . 2011-01-07 18:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-01-07 18:58 . 2011-01-07 18:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-01-07 18:58 . 2011-01-07 18:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-01-07 18:58 . 2011-01-07 18:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-01-07 18:58 . 2011-01-07 18:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-01-07 18:58 . 2011-01-07 18:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-01-07 18:58 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-01-07 18:58 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-01-07 18:58 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-01-07 18:58 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-01-07 18:58 . 2011-01-07 18:58 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-01-07 18:58 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-01-07 18:58 . 2011-01-07 18:58 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-07 18:58 . 2011-01-07 18:58 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 18:58 . 2011-01-07 18:58 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-07 18:58 . 2011-01-07 18:58 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-07 18:58 . 2011-01-07 18:58 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-07 18:58 . 2011-01-07 18:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 18:58 . 2011-01-07 18:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 14:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2006-03-02 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2006-03-02 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:52 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-12-20 23:52 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:25 . 2006-03-02 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2010-10-17 10:55 . 2010-10-17 10:47 810974743 ----a-w- c:\program files\HERO108.exe
2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
------- Sigcheck -------
.
[-] 2009-11-06 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\TCPIP.SYS
[-] 2009-11-06 . D24EA301E2B36C4E975FD216CA85D8E7 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\TCPIP.SYS
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\TCPIP.SYS
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 2321600]
"Octoshape Streaming Services"="c:\documents and settings\Fam Jacobs\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2009-04-08 2814976]
"Google Update"="c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-05 136176]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2010-07-28 3365176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Fraps"="c:\fraps\FRAPS.EXE" [2010-03-31 2340784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gainward"="c:\program files\Vtune\TBPanel.exe" [2007-11-27 2162688]
"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-11-02 258048]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"Launch LgDevAgt"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2008-11-06 358920]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2008-11-06 1548296]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2008-11-06 2816520]
"UVS12 Preload"="c:\program files\Corel\Corel VideoStudio 12\uvPL.exe" [2008-06-09 397456]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2010-07-28 3365176]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Fam Jacobs\Menu Start\Programma's\Opstarten\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-1-24 576000]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2011-2-26 3502992]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
LOLRecorder.lnk - c:\program files\LOLReplay\LOLRecorder.exe [2011-2-17 244736]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Fam Jacobs^Menu Start^Programma's^Opstarten^Last.fm Helper.lnk]
path=c:\documents and settings\Fam Jacobs\Menu Start\Programma's\Opstarten\Last.fm Helper.lnk
backup=c:\windows\pss\Last.fm Helper.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Fam Jacobs^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]
path=c:\documents and settings\Fam Jacobs\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Fam Jacobs^Menu Start^Programma's^Opstarten^RollerCoaster Tycoon 3_ Wild Registration.lnk]
path=c:\documents and settings\Fam Jacobs\Menu Start\Programma's\Opstarten\RollerCoaster Tycoon 3_ Wild Registration.lnk
backup=c:\windows\pss\RollerCoaster Tycoon 3_ Wild Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2007-03-01 08:37 2321600 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTCheck]
2007-11-06 10:08 397312 ------w- c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2007-07-17 10:03 868352 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-01-17 16:51 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 22:12 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeChat]
2008-08-21 09:16 267296 ----a-w- c:\program files\Microsoft LifeChat\LifeChat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Steam\\steamapps\\keselo\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Fam Jacobs\\Local Settings\\Application Data\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Tortun\\gui.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Steam\\steamapps\\mimigirly\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\raycatcher demo\\Raycatcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\far cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\far cry 2\\bin\\FC2Editor.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\far cry 2\\bin\\FC2BenchmarkTool.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\far cry 2\\bin\\FC2ServerLauncher.exe"=
"c:\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"=
"c:\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"c:\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"c:\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\trackmania united\\TmForever.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\trackmania united\\TmForeverLauncher.exe"=
"c:\\World of Warcraft\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle deluxe\\Peggle.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\bejeweled twist\\BejeweledTwist.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\osmos demo\\OsmosDemo.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=
"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=
"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\eufloria - demo\\Eufloria.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\civilization iv colonization\\Colonization.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization iv\\Civilization4.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization iv warlords\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization iv warlords\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\the guild ii\\GuildII.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\the guild ii - pirates of the european seas\\GuildII.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.3.0.10958-enGB-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\plants vs zombies\\PlantsVsZombies.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\battlefield bad company 2\\BFBC2Game.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\battlefield bad company 2\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty black ops\\BlackOpsMP.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty black ops\\BlackOps.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization v\\Launcher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\keselo\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\monday night combat\\Binaries\\Win32\\mnc.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8375:TCP"= 8375:TCP:League of Legends Launcher
"8375:UDP"= 8375:UDP:League of Legends Launcher
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8376:TCP"= 8376:TCP:League of Legends Launcher
"8376:UDP"= 8376:UDP:League of Legends Launcher
"8377:TCP"= 8377:TCP:League of Legends Launcher
"8377:UDP"= 8377:UDP:League of Legends Launcher
"8378:TCP"= 8378:TCP:League of Legends Launcher
"8378:UDP"= 8378:UDP:League of Legends Launcher
"8379:TCP"= 8379:TCP:League of Legends Launcher
"8379:UDP"= 8379:UDP:League of Legends Launcher
"56506:TCP"= 56506:TCP:Pando Media Booster
"56506:UDP"= 56506:UDP:Pando Media Booster
"8380:TCP"= 8380:TCP:League of Legends Launcher
"8380:UDP"= 8380:UDP:League of Legends Launcher
"8395:TCP"= 8395:TCP:League of Legends Launcher
"8395:UDP"= 8395:UDP:League of Legends Launcher
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6970:TCP"= 6970:TCP:League of Legends Launcher
"6970:UDP"= 6970:UDP:League of Legends Launcher
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
"6932:TCP"= 6932:TCP:League of Legends Launcher
"6932:UDP"= 6932:UDP:League of Legends Launcher
"6967:TCP"= 6967:TCP:League of Legends Launcher
"6967:UDP"= 6967:UDP:League of Legends Launcher
"56515:TCP"= 56515:TCP:Pando Media Booster
"56515:UDP"= 56515:UDP:Pando Media Booster
"6958:TCP"= 6958:TCP:League of Legends Launcher
"6958:UDP"= 6958:UDP:League of Legends Launcher
"6962:TCP"= 6962:TCP:League of Legends Launcher
"6962:UDP"= 6962:UDP:League of Legends Launcher
"6947:TCP"= 6947:TCP:League of Legends Launcher
"6947:UDP"= 6947:UDP:League of Legends Launcher
"6917:TCP"= 6917:TCP:League of Legends Launcher
"6917:UDP"= 6917:UDP:League of Legends Launcher
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21-1-2008 20:35 691696]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [24-10-2008 20:53 35168]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [26-7-2010 14:17 95568]
S2 EagleNTq;EagleNTq;\??\c:\windows\System32\DRIVERS\EagleNTq.sys --> c:\windows\System32\DRIVERS\EagleNTq.sys [?]
S2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7-10-2009 8:16 472280]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [10-8-2010 16:58 217088]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [17-4-2007 20:09 11032]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [26-7-2010 14:17 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [10-8-2010 16:58 36640]
S3 NinjaUSB;Freecom Turbo USB 2.0;c:\windows\system32\drivers\NinjaUSB.sys [5-12-2009 22:13 24704]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [13-9-2010 18:15 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [13-9-2010 18:15 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [13-9-2010 18:15 121576]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [2-11-2009 17:00 18432]
S3 tapgamerail;GameRail Adapter;c:\windows\system32\drivers\tapgamerail.sys [10-1-2008 13:38 32280]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - EAGLENTQ
*NewlyCreated* - PARPORT
.
Inhoud van de 'Gedeelde Taken' map
.
2011-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-2052111302-839522115-1004Core.job
- c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-05 20:30]
.
2011-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-2052111302-839522115-1004UA.job
- c:\documents and settings\Fam Jacobs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-05 20:30]
.
2011-03-16 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36]
.
.
------- Bijkomende Scan -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:54889
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Fam Jacobs\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\documents and settings\Fam Jacobs\Application Data\Mozilla\Firefox\Profiles\crwm4vle.default\
FF - prefs.js: browser.startup.homepage - youtube.com
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54889
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com
FF - Ext: Simple Dyyno Launcher: NPDyyno@dyyno.com - %profile%\extensions\NPDyyno@dyyno.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: BitDefender QuickScanner: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-MultiScreen - (no file)
HKLM-Run-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
HKLM-Run-conhost - c:\documents and settings\Fam Jacobs\Application Data\Microsoft\conhost.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.5.960\unins000.exe
AddRemove-{D050D7362D214723AD585B541FFB6C11} - c:\program files\DivX\DivXContentUploaderUninstall.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-17 14:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
CTxfiHlp = CTXFIHLP.EXE?
MultiScreen = ?\Program Files\MultiScreen\MultiScreen.exe???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1292428093-2052111302-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:1f,5d,59,d0,7e,d6,02,55,5c,6d,a6,e1,97,4b,7d,5a,a1,55,ee,ef,c9,
e9,38,a4,6c,89,da,74,88,89,98,ed,ce,83,4c,2c,2b,71,fe,e9,69,cc,05,86,18,87,\
"rkeysecu"=hex:2e,58,24,d2,c3,72,8d,b3,10,fd,db,46,23,9e,a8,0a
.
Voltooingstijd: 2011-03-17 14:12:29
ComboFix-quarantined-files.txt 2011-03-17 13:12
ComboFix2.txt 2010-05-08 10:53
.
Pre-Run: 188.325.638.144 bytes beschikbaar
Post-Run: 188.372.500.480 bytes beschikbaar
.
- - End Of File - - 3357F31F43A4FEDD13B67142B90C5E70


------------------------------------

The problem seems to be resolved with this, although my Mozilla Firefox no longer works as a browser (cannot connect) and I don't dare say so with certainty. Thanks a lot for your help, kape :) :)


Posted: Thu March 17, 2011 3:19 pm
Offline
Member

Registered: Fri Jan 02, 2009 9:40 pm
Posts: 39
So what I meant to say in the post above is that I got a BSOD twice while removing the infected files (while I was not working in safe mode).


Posted: Thu March 17, 2011 3:26 pm
Offline
Member

Registered: Fri Jan 02, 2009 9:40 pm
Posts: 39
I have got Firefox working again in the meantime and am 100% certain that the problem is resolved.

Thanks a lot, kape, for all the help :D


Posted: Thu March 17, 2011 5:13 pm
Offline
Moderator

Registered: Sat Jul 14, 2007 10:22 am
Posts: 11000
Location: Kapellen (B)
Please still do this:

Open a Notepad file.

Copy and paste the bold text below into it.

File::
c:\windows\System32\DRIVERS\EagleNTq.sys
c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

Driver::
EagleNTq


Save this file to your desktop as CFScript.txt.

Drag CFScript.txt into ComboFix.exe.
This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Posted: Fri March 18, 2011 10:08 pm
Offline
Member

Registered: Fri Jan 02, 2009 9:40 pm
Posts: 39
I get a BSOD while the log is being created. Also in safe mode.


Posted: Fri March 18, 2011 11:07 pm
Offline
Moderator

Registered: Sat Jul 14, 2007 10:22 am
Posts: 11000
Location: Kapellen (B)
Keselo wrote:
I get a BSOD while the log is being created. Also in safe mode.
Strange ... but then leave it as it is for now and keep an eye on how things go over the next few days. Should anything still be wrong during normal operation, we will read about it here :!:

In the meantime you could perhaps run this as well:

Download ProxyFix to the desktop.

  • Double-click "ProxyFix.exe" to start the tool.
  • In the selection screen, enter the letter "A" and press Enter.
  • Post the log that now opens in your next message.

