wesley89

ja gelukkig wel !! okeej ik zal cf gaan verwijderen en ccleaner is al geinstalleerd dus ik zal hem zijn werk laten doen en de herstelpunten gaan verwijderen. ik dank je hartelijk voor je hulp heeft enorm geholpen aangezien ik niks meer kon opzoeken. dus kortom bedankt!! mvgr wesley

ja gaat goed zo heb er geen last meer van dus das mooi! dus ik zeg bedankt voor je hulp !!! gr wesley

hier dan de 2 logjes: Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 4244 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 26-6-2010 20:26:40 mbam-log-2010-06-26 (20-26-40).txt Scantype: Snelle scan Objecten gescand: 135147 Verstreken tijd: 5 minuut/minuten, 58 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\EBUNWVLUMV (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) /---------------------------------------------------------------------/ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:24, on 26-6-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG9\avgtray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskhost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Steam\Steam.exe C:\Users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Users\wesley\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\Downloads\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Google Update] "C:\Users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alle video met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 9950 bytes ps: die 2 017 files die ik moest verwijderen waren er inmiddels al niet meer. gr wesley

hoi kape ik heb je advies opgevolgd en dit is het combofix log file ComboFix 10-06-25.01 - wesley 26-06-2010 0:14.3.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.2046.1210 [GMT 2:00] Gestart vanuit: c:\users\wesley\Desktop\combofix.exe gebruikte Opdracht switches :: c:\users\wesley\Desktop\CFScript.txt FILE :: "c:\users\wesley\AppData\Roaming\b5b951bd.exe" "c:\windows\DelMR.bat" "c:\windows\pw32a.dll" "c:\windows\system32\copytowin.bat" "c:\windows\system32\pw32a.dll" "c:\windows\Tasks\At1.job" "c:\windows\Tasks\b5b951bd.job" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\WebScout Toolbar c:\program files\WebScout Toolbar\affid.dat c:\program files\WebScout Toolbar\alert_plugin.dll c:\program files\WebScout Toolbar\basis.xml c:\program files\WebScout Toolbar\icons.bmp c:\program files\WebScout Toolbar\info.txt c:\program files\WebScout Toolbar\install.ico c:\program files\WebScout Toolbar\MacroParserPlugin.dll c:\program files\WebScout Toolbar\mbback.bmp c:\program files\WebScout Toolbar\mbbigopen.bmp c:\program files\WebScout Toolbar\mbclose.bmp c:\program files\WebScout Toolbar\mbfwd.bmp c:\program files\WebScout Toolbar\mbsep.bmp c:\program files\WebScout Toolbar\nav1c.bmp c:\program files\WebScout Toolbar\somoto.dll c:\program files\WebScout Toolbar\TbCommonUtils.dll c:\program files\WebScout Toolbar\tbcore3.dll c:\program files\WebScout Toolbar\tbcore3.inf c:\program files\WebScout Toolbar\TbHelper2.exe c:\program files\WebScout Toolbar\uninstall.exe c:\program files\WebScout Toolbar\UninstallToolbar.exe c:\program files\WebScout Toolbar\update.exe c:\program files\WebScout Toolbar\version.txt c:\windows\DelMR.bat c:\windows\pw32a.dll c:\windows\system32\copytowin.bat c:\windows\system32\pw32a.dll c:\windows\Tasks\At1.job c:\windows\Tasks\b5b951bd.job . (((((((((((((((((((( Bestanden Gemaakt van 2010-05-25 to 2010-06-25 )))))))))))))))))))))))))))))) . 2010-06-25 22:21 . 2010-06-25 22:21 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-06-25 22:21 . 2010-06-25 22:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-06-25 21:58 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\U5mY5.dll 2010-06-25 03:32 . 2010-06-25 03:32 -------- d-----w- c:\program files\Common Files\Microsoft Games 2010-06-25 02:57 . 2010-06-25 02:57 -------- d-----w- c:\program files\Microsoft Games 2010-06-25 02:50 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\uO317i3.dll 2010-06-25 02:48 . 2010-06-25 02:48 -------- d-----w- c:\program files\PowerISO 2010-06-25 01:13 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\7iQ1793.dll 2010-06-25 01:09 . 2010-06-25 01:10 -------- d-----w- c:\program files\DAEMON Tools Pro 2010-06-25 01:09 . 2010-06-25 01:15 -------- d-----w- c:\users\wesley\AppData\Roaming\DAEMON Tools Pro 2010-06-25 01:09 . 2010-06-25 01:09 -------- d-----w- c:\programdata\DAEMON Tools Pro 2010-06-25 00:13 . 2010-06-25 22:21 -------- d-----w- c:\users\wesley\AppData\Local\temp 2010-06-24 00:23 . 2010-06-24 00:27 -------- d-----w- c:\program files\BitComet Turbo Accelerator 2010-06-23 03:24 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2010-06-23 03:19 . 2010-06-25 04:05 -------- d-----w- c:\program files\Codemasters 2010-06-23 01:01 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-23 01:01 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-23 01:01 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-23 01:01 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-23 01:01 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 18:51 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll 2010-06-22 18:51 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-06-22 18:51 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll 2010-06-21 00:43 . 2010-06-21 00:43 -------- d-----w- c:\program files\Xvid 2010-06-21 00:43 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2010-06-21 00:43 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll 2010-06-21 00:41 . 2010-06-21 00:41 -------- d-----w- c:\program files\AVIcodec 2010-06-21 00:24 . 2007-05-19 14:33 31232 ----a-w- c:\windows\system\vdremote.dll 2010-06-21 00:24 . 2007-05-19 14:33 25088 ----a-w- c:\windows\system\vdsvrlnk.dll 2010-06-20 06:03 . 2010-06-20 06:03 -------- d-----w- c:\program files\Convert AVI to MP4 2010-06-20 05:42 . 2010-06-20 05:42 -------- d-----w- c:\program files\URUSoft 2010-06-20 05:32 . 2005-09-14 06:16 205824 ----a-w- c:\windows\patchw32.dll 2010-06-20 04:27 . 2010-06-20 04:27 -------- d-----w- c:\program files\Lead Pursuit 2010-06-18 18:39 . 2010-06-25 21:58 -------- d-----w- c:\users\wesley\Tracing 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Microsoft 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-06-18 18:38 . 2010-06-18 18:39 -------- d-----w- c:\program files\Windows Live 2010-06-18 18:34 . 2010-06-18 18:34 -------- d-----w- c:\program files\Common Files\Windows Live 2010-06-15 18:17 . 2010-06-15 18:17 -------- d-----w- c:\windows\system32\Wat 2010-06-11 18:51 . 2010-06-11 18:51 -------- d-----w- c:\programdata\Apple 2010-06-11 18:50 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys 2010-06-11 18:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll 2010-06-11 18:49 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll 2010-06-11 18:49 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-06-11 18:49 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-sh--w- c:\windows\ftpcache 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-----w- c:\programdata\Ubisoft 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\users\wesley\AppData\Roaming\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 107832 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-06-08 11:20 . 2010-06-22 04:13 2250024 ----a-w- c:\windows\system32\pbsvc.exe 2010-06-08 11:20 . 2010-06-08 11:20 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-06-08 11:01 . 2010-06-22 04:06 -------- d-----w- c:\program files\Ubisoft 2010-06-07 16:27 . 2010-06-07 16:27 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-06-07 16:27 . 2010-06-20 22:09 -------- d-----w- c:\users\wesley\AppData\Roaming\skypePM 2010-06-07 15:45 . 2010-06-20 23:40 -------- d-----w- c:\users\wesley\AppData\Roaming\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----w- c:\program files\Common Files\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----r- c:\program files\Skype 2010-06-07 15:43 . 2010-06-07 15:44 -------- d-----w- c:\programdata\Skype 2010-06-06 12:31 . 2010-06-06 12:31 -------- d-----w- c:\program files\Lionhead Studios 2010-06-06 11:15 . 2010-06-06 11:15 -------- d-----w- c:\program files\AutoUnpack 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Synchronization Services 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\windows\PCHEALTH 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft.NET 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-06-04 19:37 . 2010-06-04 19:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-06-04 19:36 . 2010-06-04 19:36 -------- d-----w- c:\program files\Microsoft Analysis Services 2010-06-04 19:35 . 2010-06-04 19:35 -------- d-----r- C:\MSOCache 2010-06-03 17:54 . 2010-06-03 18:21 -------- d-----w- c:\program files\Electronic Arts 2010-06-01 17:48 . 2010-06-02 15:08 -------- d-----w- c:\programdata\Electronic Arts 2010-05-31 20:05 . 2010-05-31 20:05 -------- d-----w- c:\program files\VirtualDJ 2010-05-30 13:13 . 2010-06-11 18:56 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-25 22:09 . 2010-01-21 12:09 -------- d-----w- c:\program files\Steam 2010-06-25 03:32 . 2010-01-20 20:28 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-25 02:55 . 2010-05-23 12:49 -------- d-----w- c:\program files\Common Files\InstallShield 2010-06-25 02:47 . 2010-03-07 17:56 -------- d-----w- c:\users\wesley\AppData\Roaming\BitComet 2010-06-25 01:10 . 2010-01-19 21:40 697328 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-06-23 04:46 . 2009-07-14 08:10 691728 ----a-w- c:\windows\system32\perfh013.dat 2010-06-23 04:46 . 2009-07-14 08:10 130232 ----a-w- c:\windows\system32\perfc013.dat 2010-06-20 01:12 . 2010-01-20 18:50 -------- d-----w- c:\program files\QuickPar 2010-06-18 17:46 . 2010-05-19 21:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-06-17 18:25 . 2010-05-20 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2010-06-17 18:25 . 2010-05-19 21:00 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-06-11 19:05 . 2010-06-11 18:54 -------- d-----w- c:\users\wesley\AppData\Roaming\Apple Computer 2010-06-11 19:04 . 2010-01-19 11:36 109592 ----a-w- c:\users\wesley\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iTunes 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iPod 2010-06-11 18:54 . 2010-06-11 18:52 -------- d-----w- c:\programdata\Apple Computer 2010-06-11 18:54 . 2010-06-11 18:51 -------- d-----w- c:\program files\Common Files\Apple 2010-06-11 18:53 . 2010-06-11 18:52 -------- d-----w- c:\program files\QuickTime 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Apple Software Update 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Bonjour 2010-06-08 11:22 . 2010-01-21 12:11 -------- d-----w- c:\program files\Activision 2010-06-05 06:32 . 2010-04-16 07:58 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-04 19:43 . 2010-05-17 17:57 -------- d-----w- c:\programdata\Microsoft Help 2010-06-04 19:39 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild 2010-06-04 08:08 . 2010-03-30 10:35 -------- d-----w- c:\users\wesley\AppData\Roaming\Belastingdienst 2010-06-02 15:13 . 2010-01-19 20:58 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-02 15:13 . 2010-01-19 20:58 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-30 19:46 . 2010-05-30 19:46 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2010-05-23 12:50 . 2010-01-20 20:56 -------- d--h--w- c:\program files\Temp 2010-05-21 12:14 . 2010-01-19 19:56 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-20 19:43 . 2010-05-20 19:42 -------- d-----w- c:\users\wesley\AppData\Roaming\vlc 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\VLC Player 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Conduit 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\myBabylon_English 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Babylon 2010-05-20 11:48 . 2010-05-20 11:48 -------- d-----w- c:\users\wesley\AppData\Roaming\BlackBean 2010-05-20 11:42 . 2010-05-20 11:42 -------- d-----w- c:\program files\BlackBeanGames 2010-05-17 19:54 . 2010-05-17 19:54 -------- d-----w- c:\program files\Gabest 2010-05-16 09:34 . 2010-01-19 20:14 -------- d-----w- c:\program files\Google 2010-05-13 13:36 . 2010-03-01 21:14 -------- d-----w- c:\program files\Common Files\Motorola Shared 2010-05-13 13:34 . 2010-05-08 16:28 -------- d-----w- c:\program files\Mio Technology 2010-05-12 12:33 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail 2010-05-11 11:28 . 2010-05-11 11:28 -------- d-----w- c:\program files\CCleaner 2010-05-08 15:06 . 2010-05-08 15:03 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-08 15:05 . 2010-05-08 15:04 38784 ----a-w- c:\users\wesley\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-08 15:05 . 2010-05-08 15:03 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-03 17:05 . 2010-05-02 20:14 -------- d-----w- c:\program files\MagicISO 2010-05-02 18:01 . 2010-05-02 18:01 10134 ----a-r- c:\users\wesley\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2010-05-02 18:01 . 2010-05-02 18:01 -------- d-----w- c:\program files\Microsoft WSE 2010-04-30 15:25 . 2010-05-23 12:49 58400 ----a-w- c:\windows\system32\RtkCoInst.dll 2010-04-30 15:25 . 2010-05-23 12:49 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll 2010-04-30 15:24 . 2010-05-23 12:49 367136 ----a-w- c:\windows\system32\RtkApoApi.dll 2010-04-30 15:24 . 2010-05-23 12:49 3583008 ----a-w- c:\windows\system32\RtkAPO.dll 2010-04-30 14:59 . 2010-05-23 12:49 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys 2010-04-28 16:45 . 2010-05-23 12:49 1251872 ----a-w- c:\windows\RtlExUpd.dll 2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe 2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll 2010-04-23 07:13 . 2010-05-26 18:38 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-18 18:52 . 2010-04-18 18:53 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll 2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll 2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((( SnapShot@2010-06-25_00.11.47 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-25 02:57 . 2010-06-25 02:57 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087\vcomp.dll + 2010-06-25 02:57 . 2010-06-25 02:57 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll + 2010-06-25 02:57 . 2010-06-25 02:57 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll + 2010-06-25 02:57 . 2010-06-25 02:57 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll + 2010-06-25 02:57 . 2010-06-25 02:57 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll + 2010-06-25 02:57 . 2010-06-25 02:57 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll + 2010-06-25 02:57 . 2010-06-25 02:57 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll + 2010-06-25 02:57 . 2010-06-25 02:57 57344 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll + 2010-06-25 02:57 . 2010-06-25 02:57 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll + 2010-06-25 02:57 . 2010-06-25 02:57 95744 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll + 2010-06-25 03:28 . 2010-06-25 03:28 37888 c:\windows\winsxs\x86_microsoft.flightsimulator.simconnect_67c7c14424d61b5b_10.0.60905.0_none_dd92b94d8a196297\SimConnect.dll + 2010-01-19 13:21 . 2010-06-25 22:09 42600 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:55 . 2010-06-25 22:09 41378 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-01-19 11:31 . 2010-06-25 02:52 12180 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4163138912-3793513249-2779747837-1000_UserData.bin + 2009-07-27 02:43 . 2009-07-27 02:43 58908 c:\windows\System32\drivers\scdemu.sys + 2010-01-19 11:25 . 2010-06-25 22:00 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:25 . 2010-06-25 00:02 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:25 . 2010-06-25 00:02 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 11:25 . 2010-06-25 22:00 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:41 . 2010-06-25 22:00 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:41 . 2010-06-25 00:02 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 19:04 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:34 . 2010-06-25 22:15 83384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 04:34 . 2010-06-23 04:49 83384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2010-01-19 19:04 . 2010-06-25 22:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:04 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-06-25 03:32 . 2010-06-25 03:32 32768 c:\windows\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe + 2010-06-25 03:10 . 2010-06-25 03:10 92496 c:\windows\assembly\GAC_32\Microsoft.FlightSimulator.SimConnect\10.0.60905.0__31bf3856ad364e35\Microsoft.FlightSimulator.SimConnect.dll - 2010-06-23 03:24 . 2010-06-23 03:24 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2010-06-25 03:32 . 2010-06-25 03:32 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll - 2010-06-23 03:24 . 2010-06-23 03:24 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2010-06-25 03:32 . 2010-06-25 03:32 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2010-06-25 22:07 . 2010-06-25 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-06-25 00:01 . 2010-06-25 00:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-06-25 00:01 . 2010-06-25 00:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-06-25 22:07 . 2010-06-25 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 04:33 . 2010-06-25 21:57 412712 c:\windows\System32\FNTCACHE.DAT + 2009-07-14 04:47 . 2010-06-25 22:06 407028 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-06-25 03:27 . 2010-06-25 03:27 126976 c:\windows\Installer\{9527A496-5DF9-412A-ADC7-168BA5379CA6}\ARPPRODUCTICON.exe + 2010-06-25 03:32 . 2010-06-25 03:32 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2010-06-25 03:32 . 2010-06-25 03:32 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll - 2010-06-23 03:24 . 2010-06-23 03:24 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2010-06-25 03:32 . 2010-06-25 03:32 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2010-06-25 03:32 . 2010-06-25 03:32 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2010-06-23 03:24 . 2010-06-23 03:24 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2010-06-23 03:24 . 2010-06-23 03:24 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2010-06-25 03:32 . 2010-06-25 03:32 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2010-06-25 03:32 . 2010-06-25 03:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll - 2010-06-23 03:24 . 2010-06-23 03:24 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2010-06-25 02:57 . 2010-06-25 02:57 1079808 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll + 2010-06-25 02:57 . 2010-06-25 02:57 1093632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll + 2010-06-25 03:28 . 2010-06-25 03:28 1230336 c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_6c030d6fdc86522c\msxml4.dll + 2009-07-14 02:03 . 2010-06-25 11:30 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:03 . 2010-06-24 04:21 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 04:34 . 2010-06-25 21:59 3852188 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:34 . 2010-06-23 01:22 3852188 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2006-09-09 11:15 . 2006-09-09 11:15 5289984 c:\windows\Installer\5a124.msi + 2005-09-23 05:48 . 2005-09-23 05:48 2483200 c:\windows\Installer\5a11a.msi + 2010-06-25 03:32 . 2010-06-25 03:32 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2009-07-14 08:09 . 2010-06-25 03:28 30872835 c:\windows\winsxs\ManifestCache\e4e8be02b8fae2a7_blobs.bin + 2010-04-29 20:33 . 2010-06-25 22:06 30520796 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4163138912-3793513249-2779747837-1000-12288.dat + 2006-09-09 10:15 . 2006-09-09 10:15 79256064 c:\windows\Installer\5a11e.msi . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] 2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~4\Office14\URLREDIR.DLL [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 39408] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "Steam"="c:\program files\Steam\Steam.exe" [2010-05-08 1238352] "Google Update"="c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-14 135664] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-02 2065248] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] c:\users\wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 135664] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-25 697328] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-14 216200] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-02 242896] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-14 916760] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-14 308064] S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [2005-03-09 18944] S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-09 33792] S3 netw5v32;Intel® Wireless WiFi Link adapter stuurprogramma onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-01-13 6628352] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-27 233472] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - PCIIDE [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhoud van de 'Gedeelde Taken' map 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000Core.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000UA.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/home/?ai=13054 mStart Page = hxxp://www.foozir.com/ uInternet Settings,ProxyOverride = *.local IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload alle video met BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL . - - - - ORPHANS VERWIJDERD - - - - AddRemove-Colin McRae DiRT 2_is1 - c:\program files\Codemasters\Colin McRae DiRT 2\Uninstall\unins000.exe AddRemove-WebScout Toolbar - c:\program files\WebScout Toolbar\UninstallToolbar.exe AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-4163138912-3793513249-2779747837-1000\Software\SecuROM\License information*] "datasecu"=hex:29,13,9b,3c,62,a5,42,71,1d,ad,2c,5c,a6,af,bf,31,d9,0c,53,2e,d5, 6a,de,a3,19,98,65,b2,6e,d7,cf,5d,7f,b7,97,8b,b4,da,5f,38,b0,16,7f,49,97,ba,\ "rkeysecu"=hex:de,34,91,4d,d1,8b,3f,6d,35,56,33,ca,ac,82,3b,4f [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2010-06-26 00:23:51 ComboFix-quarantined-files.txt 2010-06-25 22:23 ComboFix2.txt 2010-06-25 00:13 Pre-Run: 23.965.442.048 bytes beschikbaar Post-Run: 23.687.962.624 bytes beschikbaar - - End Of File - - EEA48FCF6CA582B0139E41FDB381C172 rn dit is het hijackthis log file Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:26:43, on 26-6-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\wesley\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\explorer.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\wesley\Downloads\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Foozir.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\WebScout Toolbar\tbcore3.dll (file missing) O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Google Update] "C:\Users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alle video met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.54,93.188.161.184 O17 - HKLM\System\CS2\Services\Tcpip\..\{5B4A4D56-AFF7-486D-B336-D6A8F8C1937C}: NameServer = 93.188.162.54,93.188.161.184 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 10528 bytes wederom alvast bedankt!! gr wesley ---------- Post toegevoegd om 22:29 ---------- Vorige post was om 22:27 ---------- hoi kape ik heb je advies opgevolgd en dit is het combofix log file ComboFix 10-06-25.01 - wesley 26-06-2010 0:14.3.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.2046.1210 [GMT 2:00] Gestart vanuit: c:\users\wesley\Desktop\combofix.exe gebruikte Opdracht switches :: c:\users\wesley\Desktop\CFScript.txt FILE :: "c:\users\wesley\AppData\Roaming\b5b951bd.exe" "c:\windows\DelMR.bat" "c:\windows\pw32a.dll" "c:\windows\system32\copytowin.bat" "c:\windows\system32\pw32a.dll" "c:\windows\Tasks\At1.job" "c:\windows\Tasks\b5b951bd.job" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\WebScout Toolbar c:\program files\WebScout Toolbar\affid.dat c:\program files\WebScout Toolbar\alert_plugin.dll c:\program files\WebScout Toolbar\basis.xml c:\program files\WebScout Toolbar\icons.bmp c:\program files\WebScout Toolbar\info.txt c:\program files\WebScout Toolbar\install.ico c:\program files\WebScout Toolbar\MacroParserPlugin.dll c:\program files\WebScout Toolbar\mbback.bmp c:\program files\WebScout Toolbar\mbbigopen.bmp c:\program files\WebScout Toolbar\mbclose.bmp c:\program files\WebScout Toolbar\mbfwd.bmp c:\program files\WebScout Toolbar\mbsep.bmp c:\program files\WebScout Toolbar\nav1c.bmp c:\program files\WebScout Toolbar\somoto.dll c:\program files\WebScout Toolbar\TbCommonUtils.dll c:\program files\WebScout Toolbar\tbcore3.dll c:\program files\WebScout Toolbar\tbcore3.inf c:\program files\WebScout Toolbar\TbHelper2.exe c:\program files\WebScout Toolbar\uninstall.exe c:\program files\WebScout Toolbar\UninstallToolbar.exe c:\program files\WebScout Toolbar\update.exe c:\program files\WebScout Toolbar\version.txt c:\windows\DelMR.bat c:\windows\pw32a.dll c:\windows\system32\copytowin.bat c:\windows\system32\pw32a.dll c:\windows\Tasks\At1.job c:\windows\Tasks\b5b951bd.job . (((((((((((((((((((( Bestanden Gemaakt van 2010-05-25 to 2010-06-25 )))))))))))))))))))))))))))))) . 2010-06-25 22:21 . 2010-06-25 22:21 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-06-25 22:21 . 2010-06-25 22:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-06-25 21:58 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\U5mY5.dll 2010-06-25 03:32 . 2010-06-25 03:32 -------- d-----w- c:\program files\Common Files\Microsoft Games 2010-06-25 02:57 . 2010-06-25 02:57 -------- d-----w- c:\program files\Microsoft Games 2010-06-25 02:50 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\uO317i3.dll 2010-06-25 02:48 . 2010-06-25 02:48 -------- d-----w- c:\program files\PowerISO 2010-06-25 01:13 . 2010-06-23 04:29 50176 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\7iQ1793.dll 2010-06-25 01:09 . 2010-06-25 01:10 -------- d-----w- c:\program files\DAEMON Tools Pro 2010-06-25 01:09 . 2010-06-25 01:15 -------- d-----w- c:\users\wesley\AppData\Roaming\DAEMON Tools Pro 2010-06-25 01:09 . 2010-06-25 01:09 -------- d-----w- c:\programdata\DAEMON Tools Pro 2010-06-25 00:13 . 2010-06-25 22:21 -------- d-----w- c:\users\wesley\AppData\Local\temp 2010-06-24 00:23 . 2010-06-24 00:27 -------- d-----w- c:\program files\BitComet Turbo Accelerator 2010-06-23 03:24 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2010-06-23 03:19 . 2010-06-25 04:05 -------- d-----w- c:\program files\Codemasters 2010-06-23 01:01 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-23 01:01 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-23 01:01 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-23 01:01 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-23 01:01 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 18:51 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll 2010-06-22 18:51 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-06-22 18:51 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll 2010-06-21 00:43 . 2010-06-21 00:43 -------- d-----w- c:\program files\Xvid 2010-06-21 00:43 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2010-06-21 00:43 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll 2010-06-21 00:41 . 2010-06-21 00:41 -------- d-----w- c:\program files\AVIcodec 2010-06-21 00:24 . 2007-05-19 14:33 31232 ----a-w- c:\windows\system\vdremote.dll 2010-06-21 00:24 . 2007-05-19 14:33 25088 ----a-w- c:\windows\system\vdsvrlnk.dll 2010-06-20 06:03 . 2010-06-20 06:03 -------- d-----w- c:\program files\Convert AVI to MP4 2010-06-20 05:42 . 2010-06-20 05:42 -------- d-----w- c:\program files\URUSoft 2010-06-20 05:32 . 2005-09-14 06:16 205824 ----a-w- c:\windows\patchw32.dll 2010-06-20 04:27 . 2010-06-20 04:27 -------- d-----w- c:\program files\Lead Pursuit 2010-06-18 18:39 . 2010-06-25 21:58 -------- d-----w- c:\users\wesley\Tracing 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Microsoft 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-06-18 18:38 . 2010-06-18 18:39 -------- d-----w- c:\program files\Windows Live 2010-06-18 18:34 . 2010-06-18 18:34 -------- d-----w- c:\program files\Common Files\Windows Live 2010-06-15 18:17 . 2010-06-15 18:17 -------- d-----w- c:\windows\system32\Wat 2010-06-11 18:51 . 2010-06-11 18:51 -------- d-----w- c:\programdata\Apple 2010-06-11 18:50 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys 2010-06-11 18:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll 2010-06-11 18:49 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll 2010-06-11 18:49 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-06-11 18:49 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-sh--w- c:\windows\ftpcache 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-----w- c:\programdata\Ubisoft 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\users\wesley\AppData\Roaming\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 107832 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-06-08 11:20 . 2010-06-22 04:13 2250024 ----a-w- c:\windows\system32\pbsvc.exe 2010-06-08 11:20 . 2010-06-08 11:20 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-06-08 11:01 . 2010-06-22 04:06 -------- d-----w- c:\program files\Ubisoft 2010-06-07 16:27 . 2010-06-07 16:27 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-06-07 16:27 . 2010-06-20 22:09 -------- d-----w- c:\users\wesley\AppData\Roaming\skypePM 2010-06-07 15:45 . 2010-06-20 23:40 -------- d-----w- c:\users\wesley\AppData\Roaming\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----w- c:\program files\Common Files\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----r- c:\program files\Skype 2010-06-07 15:43 . 2010-06-07 15:44 -------- d-----w- c:\programdata\Skype 2010-06-06 12:31 . 2010-06-06 12:31 -------- d-----w- c:\program files\Lionhead Studios 2010-06-06 11:15 . 2010-06-06 11:15 -------- d-----w- c:\program files\AutoUnpack 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Synchronization Services 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\windows\PCHEALTH 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft.NET 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-06-04 19:37 . 2010-06-04 19:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-06-04 19:36 . 2010-06-04 19:36 -------- d-----w- c:\program files\Microsoft Analysis Services 2010-06-04 19:35 . 2010-06-04 19:35 -------- d-----r- C:\MSOCache 2010-06-03 17:54 . 2010-06-03 18:21 -------- d-----w- c:\program files\Electronic Arts 2010-06-01 17:48 . 2010-06-02 15:08 -------- d-----w- c:\programdata\Electronic Arts 2010-05-31 20:05 . 2010-05-31 20:05 -------- d-----w- c:\program files\VirtualDJ 2010-05-30 13:13 . 2010-06-11 18:56 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-25 22:09 . 2010-01-21 12:09 -------- d-----w- c:\program files\Steam 2010-06-25 03:32 . 2010-01-20 20:28 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-25 02:55 . 2010-05-23 12:49 -------- d-----w- c:\program files\Common Files\InstallShield 2010-06-25 02:47 . 2010-03-07 17:56 -------- d-----w- c:\users\wesley\AppData\Roaming\BitComet 2010-06-25 01:10 . 2010-01-19 21:40 697328 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-06-23 04:46 . 2009-07-14 08:10 691728 ----a-w- c:\windows\system32\perfh013.dat 2010-06-23 04:46 . 2009-07-14 08:10 130232 ----a-w- c:\windows\system32\perfc013.dat 2010-06-20 01:12 . 2010-01-20 18:50 -------- d-----w- c:\program files\QuickPar 2010-06-18 17:46 . 2010-05-19 21:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-06-17 18:25 . 2010-05-20 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2010-06-17 18:25 . 2010-05-19 21:00 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-06-11 19:05 . 2010-06-11 18:54 -------- d-----w- c:\users\wesley\AppData\Roaming\Apple Computer 2010-06-11 19:04 . 2010-01-19 11:36 109592 ----a-w- c:\users\wesley\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iTunes 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iPod 2010-06-11 18:54 . 2010-06-11 18:52 -------- d-----w- c:\programdata\Apple Computer 2010-06-11 18:54 . 2010-06-11 18:51 -------- d-----w- c:\program files\Common Files\Apple 2010-06-11 18:53 . 2010-06-11 18:52 -------- d-----w- c:\program files\QuickTime 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Apple Software Update 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Bonjour 2010-06-08 11:22 . 2010-01-21 12:11 -------- d-----w- c:\program files\Activision 2010-06-05 06:32 . 2010-04-16 07:58 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-04 19:43 . 2010-05-17 17:57 -------- d-----w- c:\programdata\Microsoft Help 2010-06-04 19:39 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild 2010-06-04 08:08 . 2010-03-30 10:35 -------- d-----w- c:\users\wesley\AppData\Roaming\Belastingdienst 2010-06-02 15:13 . 2010-01-19 20:58 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-02 15:13 . 2010-01-19 20:58 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-30 19:46 . 2010-05-30 19:46 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2010-05-23 12:50 . 2010-01-20 20:56 -------- d--h--w- c:\program files\Temp 2010-05-21 12:14 . 2010-01-19 19:56 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-20 19:43 . 2010-05-20 19:42 -------- d-----w- c:\users\wesley\AppData\Roaming\vlc 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\VLC Player 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Conduit 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\myBabylon_English 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Babylon 2010-05-20 11:48 . 2010-05-20 11:48 -------- d-----w- c:\users\wesley\AppData\Roaming\BlackBean 2010-05-20 11:42 . 2010-05-20 11:42 -------- d-----w- c:\program files\BlackBeanGames 2010-05-17 19:54 . 2010-05-17 19:54 -------- d-----w- c:\program files\Gabest 2010-05-16 09:34 . 2010-01-19 20:14 -------- d-----w- c:\program files\Google 2010-05-13 13:36 . 2010-03-01 21:14 -------- d-----w- c:\program files\Common Files\Motorola Shared 2010-05-13 13:34 . 2010-05-08 16:28 -------- d-----w- c:\program files\Mio Technology 2010-05-12 12:33 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail 2010-05-11 11:28 . 2010-05-11 11:28 -------- d-----w- c:\program files\CCleaner 2010-05-08 15:06 . 2010-05-08 15:03 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-08 15:05 . 2010-05-08 15:04 38784 ----a-w- c:\users\wesley\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-08 15:05 . 2010-05-08 15:03 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-03 17:05 . 2010-05-02 20:14 -------- d-----w- c:\program files\MagicISO 2010-05-02 18:01 . 2010-05-02 18:01 10134 ----a-r- c:\users\wesley\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2010-05-02 18:01 . 2010-05-02 18:01 -------- d-----w- c:\program files\Microsoft WSE 2010-04-30 15:25 . 2010-05-23 12:49 58400 ----a-w- c:\windows\system32\RtkCoInst.dll 2010-04-30 15:25 . 2010-05-23 12:49 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll 2010-04-30 15:24 . 2010-05-23 12:49 367136 ----a-w- c:\windows\system32\RtkApoApi.dll 2010-04-30 15:24 . 2010-05-23 12:49 3583008 ----a-w- c:\windows\system32\RtkAPO.dll 2010-04-30 14:59 . 2010-05-23 12:49 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys 2010-04-28 16:45 . 2010-05-23 12:49 1251872 ----a-w- c:\windows\RtlExUpd.dll 2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe 2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll 2010-04-23 07:13 . 2010-05-26 18:38 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-18 18:52 . 2010-04-18 18:53 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll 2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll 2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((( SnapShot@2010-06-25_00.11.47 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-25 02:57 . 2010-06-25 02:57 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087\vcomp.dll + 2010-06-25 02:57 . 2010-06-25 02:57 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80KOR.dll + 2010-06-25 02:57 . 2010-06-25 02:57 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80JPN.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ITA.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80FRA.dll + 2010-06-25 02:57 . 2010-06-25 02:57 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ESP.dll + 2010-06-25 02:57 . 2010-06-25 02:57 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80ENU.dll + 2010-06-25 02:57 . 2010-06-25 02:57 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80DEU.dll + 2010-06-25 02:57 . 2010-06-25 02:57 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHT.dll + 2010-06-25 02:57 . 2010-06-25 02:57 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\mfc80CHS.dll + 2010-06-25 02:57 . 2010-06-25 02:57 57344 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80u.dll + 2010-06-25 02:57 . 2010-06-25 02:57 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfcm80.dll + 2010-06-25 02:57 . 2010-06-25 02:57 95744 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.dll + 2010-06-25 03:28 . 2010-06-25 03:28 37888 c:\windows\winsxs\x86_microsoft.flightsimulator.simconnect_67c7c14424d61b5b_10.0.60905.0_none_dd92b94d8a196297\SimConnect.dll + 2010-01-19 13:21 . 2010-06-25 22:09 42600 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:55 . 2010-06-25 22:09 41378 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-01-19 11:31 . 2010-06-25 02:52 12180 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4163138912-3793513249-2779747837-1000_UserData.bin + 2009-07-27 02:43 . 2009-07-27 02:43 58908 c:\windows\System32\drivers\scdemu.sys + 2010-01-19 11:25 . 2010-06-25 22:00 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:25 . 2010-06-25 00:02 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:25 . 2010-06-25 00:02 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 11:25 . 2010-06-25 22:00 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:41 . 2010-06-25 22:00 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:41 . 2010-06-25 00:02 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 19:04 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:34 . 2010-06-25 22:15 83384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat - 2009-07-14 04:34 . 2010-06-23 04:49 83384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2010-01-19 19:04 . 2010-06-25 22:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:04 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-01-19 19:04 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat + 2010-01-19 19:06 . 2010-06-25 22:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat - 2010-01-19 19:06 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-01-19 11:37 . 2010-06-25 00:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-01-19 11:37 . 2010-06-25 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-06-25 03:32 . 2010-06-25 03:32 32768 c:\windows\Installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}\icon.exe + 2010-06-25 03:10 . 2010-06-25 03:10 92496 c:\windows\assembly\GAC_32\Microsoft.FlightSimulator.SimConnect\10.0.60905.0__31bf3856ad364e35\Microsoft.FlightSimulator.SimConnect.dll - 2010-06-23 03:24 . 2010-06-23 03:24 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2010-06-25 03:32 . 2010-06-25 03:32 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll - 2010-06-23 03:24 . 2010-06-23 03:24 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2010-06-25 03:32 . 2010-06-25 03:32 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2010-06-25 22:07 . 2010-06-25 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-06-25 00:01 . 2010-06-25 00:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2010-06-25 00:01 . 2010-06-25 00:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2010-06-25 22:07 . 2010-06-25 22:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 04:33 . 2010-06-25 21:57 412712 c:\windows\System32\FNTCACHE.DAT + 2009-07-14 04:47 . 2010-06-25 22:06 407028 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-06-25 03:27 . 2010-06-25 03:27 126976 c:\windows\Installer\{9527A496-5DF9-412A-ADC7-168BA5379CA6}\ARPPRODUCTICON.exe + 2010-06-25 03:32 . 2010-06-25 03:32 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2010-06-25 03:32 . 2010-06-25 03:32 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll - 2010-06-23 03:24 . 2010-06-23 03:24 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2010-06-25 03:32 . 2010-06-25 03:32 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2010-06-25 03:32 . 2010-06-25 03:32 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2010-06-23 03:24 . 2010-06-23 03:24 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2010-06-23 03:24 . 2010-06-23 03:24 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2010-06-25 03:32 . 2010-06-25 03:32 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2010-06-25 03:32 . 2010-06-25 03:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll - 2010-06-23 03:24 . 2010-06-23 03:24 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2010-06-25 02:57 . 2010-06-25 02:57 1079808 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80u.dll + 2010-06-25 02:57 . 2010-06-25 02:57 1093632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\mfc80.dll + 2010-06-25 03:28 . 2010-06-25 03:28 1230336 c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_6c030d6fdc86522c\msxml4.dll + 2009-07-14 02:03 . 2010-06-25 11:30 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2009-07-14 02:03 . 2010-06-24 04:21 7077888 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 04:34 . 2010-06-25 21:59 3852188 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat - 2009-07-14 04:34 . 2010-06-23 01:22 3852188 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2006-09-09 11:15 . 2006-09-09 11:15 5289984 c:\windows\Installer\5a124.msi + 2005-09-23 05:48 . 2005-09-23 05:48 2483200 c:\windows\Installer\5a11a.msi + 2010-06-25 03:32 . 2010-06-25 03:32 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-25 03:32 . 2010-06-25 03:32 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2010-06-23 03:24 . 2010-06-23 03:24 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2009-07-14 08:09 . 2010-06-25 03:28 30872835 c:\windows\winsxs\ManifestCache\e4e8be02b8fae2a7_blobs.bin + 2010-04-29 20:33 . 2010-06-25 22:06 30520796 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4163138912-3793513249-2779747837-1000-12288.dat + 2006-09-09 10:15 . 2006-09-09 10:15 79256064 c:\windows\Installer\5a11e.msi . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] 2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~4\Office14\URLREDIR.DLL [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 39408] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "Steam"="c:\program files\Steam\Steam.exe" [2010-05-08 1238352] "Google Update"="c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-14 135664] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-02 2065248] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] c:\users\wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 135664] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-25 697328] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-14 216200] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-02 242896] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-14 916760] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-14 308064] S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [2005-03-09 18944] S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-09 33792] S3 netw5v32;Intel® Wireless WiFi Link adapter stuurprogramma onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-01-13 6628352] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-27 233472] --- Andere Services/Drivers In Geheugen --- *NewlyCreated* - PCIIDE [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhoud van de 'Gedeelde Taken' map 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000Core.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000UA.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/home/?ai=13054 mStart Page = hxxp://www.foozir.com/ uInternet Settings,ProxyOverride = *.local IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload alle video met BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL . - - - - ORPHANS VERWIJDERD - - - - AddRemove-Colin McRae DiRT 2_is1 - c:\program files\Codemasters\Colin McRae DiRT 2\Uninstall\unins000.exe AddRemove-WebScout Toolbar - c:\program files\WebScout Toolbar\UninstallToolbar.exe AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-4163138912-3793513249-2779747837-1000\Software\SecuROM\License information*] "datasecu"=hex:29,13,9b,3c,62,a5,42,71,1d,ad,2c,5c,a6,af,bf,31,d9,0c,53,2e,d5, 6a,de,a3,19,98,65,b2,6e,d7,cf,5d,7f,b7,97,8b,b4,da,5f,38,b0,16,7f,49,97,ba,\ "rkeysecu"=hex:de,34,91,4d,d1,8b,3f,6d,35,56,33,ca,ac,82,3b,4f [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2010-06-26 00:23:51 ComboFix-quarantined-files.txt 2010-06-25 22:23 ComboFix2.txt 2010-06-25 00:13 Pre-Run: 23.965.442.048 bytes beschikbaar Post-Run: 23.687.962.624 bytes beschikbaar - - End Of File - - EEA48FCF6CA582B0139E41FDB381C172 rn dit is het hijackthis log file Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:26:43, on 26-6-2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\wesley\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\explorer.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\wesley\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\wesley\Downloads\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Foozir.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\WebScout Toolbar\tbcore3.dll (file missing) O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Google Update] "C:\Users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alle video met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.27.dll/206 (file missing) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.54,93.188.161.184 O17 - HKLM\System\CS2\Services\Tcpip\..\{5B4A4D56-AFF7-486D-B336-D6A8F8C1937C}: NameServer = 93.188.162.54,93.188.161.184 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 10528 bytes wederom alvast bedankt!! gr wesley

bedankt kape voor je reactie!! ik heb inmiddels combfix zijn werk laten doen en dit kwam er uit ComboFix 10-06-23.05 - wesley 25-06-2010 2:05.1.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.31.1043.18.2046.1035 [GMT 2:00] Gestart vanuit: c:\users\wesley\Desktop\combofix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\WebScout Toolbar\tbHElper.dll c:\windows\run_setup.exe c:\windows\system32\ernel32.dll c:\windows\system32\spool\prtprocs\w32x86\17931y.dll c:\windows\system32\spool\prtprocs\w32x86\17a317.dll c:\windows\system32\spool\prtprocs\w32x86\555aA.dll c:\windows\system32\spool\prtprocs\w32x86\7i31qG3.dll c:\windows\system32\spool\prtprocs\w32x86\7m317c3.dll c:\windows\system32\spool\prtprocs\w32x86\i17931qG.dll c:\windows\system32\spool\prtprocs\w32x86\QGMY17.dll c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job . (((((((((((((((((((( Bestanden Gemaakt van 2010-05-25 to 2010-06-25 )))))))))))))))))))))))))))))) . 2010-06-24 00:24 . 2010-06-25 00:11 -------- d-----w- c:\program files\WebScout Toolbar 2010-06-24 00:23 . 2010-06-24 00:27 -------- d-----w- c:\program files\BitComet Turbo Accelerator 2010-06-23 04:22 . 2010-06-23 04:29 50176 ----a-w- c:\users\wesley\AppData\Roaming\b5b951bd.exe 2010-06-23 03:24 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2010-06-23 03:24 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2010-06-23 03:19 . 2010-06-23 03:19 -------- d-----w- c:\program files\Codemasters 2010-06-23 01:01 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-23 01:01 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-23 01:01 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-06-23 01:01 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-23 01:01 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 18:51 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll 2010-06-22 18:51 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-06-22 18:51 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll 2010-06-21 00:43 . 2010-06-21 00:43 -------- d-----w- c:\program files\Xvid 2010-06-21 00:43 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2010-06-21 00:43 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll 2010-06-21 00:41 . 2010-06-21 00:41 -------- d-----w- c:\program files\AVIcodec 2010-06-21 00:24 . 2007-05-19 14:33 31232 ----a-w- c:\windows\system\vdremote.dll 2010-06-21 00:24 . 2007-05-19 14:33 25088 ----a-w- c:\windows\system\vdsvrlnk.dll 2010-06-20 06:03 . 2010-06-20 06:03 -------- d-----w- c:\program files\Convert AVI to MP4 2010-06-20 05:42 . 2010-06-20 05:42 -------- d-----w- c:\program files\URUSoft 2010-06-20 05:32 . 2005-09-14 06:16 205824 ----a-w- c:\windows\patchw32.dll 2010-06-20 05:31 . 2005-09-14 07:25 28 ----a-w- c:\windows\system32\copytowin.bat 2010-06-20 05:31 . 2005-09-14 06:16 205824 ----a-w- c:\windows\system32\pw32a.dll 2010-06-20 05:31 . 2005-09-14 06:16 205824 ----a-w- c:\windows\pw32a.dll 2010-06-20 04:27 . 2010-06-20 04:27 -------- d-----w- c:\program files\Lead Pursuit 2010-06-18 18:39 . 2010-06-23 04:42 -------- d-----w- c:\users\wesley\Tracing 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Microsoft 2010-06-18 18:38 . 2010-06-18 18:38 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-06-18 18:38 . 2010-06-18 18:39 -------- d-----w- c:\program files\Windows Live 2010-06-18 18:34 . 2010-06-18 18:34 -------- d-----w- c:\program files\Common Files\Windows Live 2010-06-15 18:17 . 2010-06-15 18:17 -------- d-----w- c:\windows\system32\Wat 2010-06-11 18:51 . 2010-06-11 18:51 -------- d-----w- c:\programdata\Apple 2010-06-11 18:50 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys 2010-06-11 18:49 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll 2010-06-11 18:49 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll 2010-06-11 18:49 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-06-11 18:49 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-sh--w- c:\windows\ftpcache 2010-06-08 11:21 . 2010-06-08 11:21 -------- d-----w- c:\programdata\Ubisoft 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 22328 ----a-w- c:\users\wesley\AppData\Roaming\PnkBstrK.sys 2010-06-08 11:20 . 2010-06-22 04:13 107832 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-06-08 11:20 . 2010-06-22 04:13 2250024 ----a-w- c:\windows\system32\pbsvc.exe 2010-06-08 11:20 . 2010-06-08 11:20 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-06-08 11:01 . 2010-06-22 04:06 -------- d-----w- c:\program files\Ubisoft 2010-06-07 16:27 . 2010-06-07 16:27 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-06-07 16:27 . 2010-06-20 22:09 -------- d-----w- c:\users\wesley\AppData\Roaming\skypePM 2010-06-07 15:45 . 2010-06-20 23:40 -------- d-----w- c:\users\wesley\AppData\Roaming\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----w- c:\program files\Common Files\Skype 2010-06-07 15:44 . 2010-06-07 15:44 -------- d-----r- c:\program files\Skype 2010-06-07 15:43 . 2010-06-07 15:44 -------- d-----w- c:\programdata\Skype 2010-06-06 12:31 . 2010-06-06 12:31 -------- d-----w- c:\program files\Lionhead Studios 2010-06-06 11:15 . 2010-06-06 11:15 -------- d-----w- c:\program files\AutoUnpack 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Synchronization Services 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\windows\PCHEALTH 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft.NET 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-06-04 19:38 . 2010-06-04 19:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-06-04 19:37 . 2010-06-04 19:37 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-06-04 19:36 . 2010-06-04 19:36 -------- d-----w- c:\program files\Microsoft Analysis Services 2010-06-04 19:35 . 2010-06-04 19:35 -------- d-----r- C:\MSOCache 2010-06-03 17:54 . 2010-06-03 18:21 -------- d-----w- c:\program files\Electronic Arts 2010-06-01 17:48 . 2010-06-02 15:08 -------- d-----w- c:\programdata\Electronic Arts 2010-05-31 20:05 . 2010-05-31 20:05 -------- d-----w- c:\program files\VirtualDJ 2010-05-30 13:13 . 2010-06-11 18:56 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2010-05-26 18:38 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-24 23:58 . 2010-03-07 17:56 -------- d-----w- c:\users\wesley\AppData\Roaming\BitComet 2010-06-23 04:46 . 2009-07-14 08:10 691728 ----a-w- c:\windows\system32\perfh013.dat 2010-06-23 04:46 . 2009-07-14 08:10 130232 ----a-w- c:\windows\system32\perfc013.dat 2010-06-23 04:42 . 2010-01-21 12:09 -------- d-----w- c:\program files\Steam 2010-06-23 03:19 . 2010-01-20 20:28 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-20 01:12 . 2010-01-20 18:50 -------- d-----w- c:\program files\QuickPar 2010-06-18 17:46 . 2010-05-19 21:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-06-17 18:25 . 2010-05-20 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2010-06-17 18:25 . 2010-05-19 21:00 923456 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2010-06-11 19:05 . 2010-06-11 18:54 -------- d-----w- c:\users\wesley\AppData\Roaming\Apple Computer 2010-06-11 19:04 . 2010-01-19 11:36 109592 ----a-w- c:\users\wesley\AppData\Local\GDIPFONTCACHEV1.DAT 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iTunes 2010-06-11 18:54 . 2010-06-11 18:54 -------- d-----w- c:\program files\iPod 2010-06-11 18:54 . 2010-06-11 18:52 -------- d-----w- c:\programdata\Apple Computer 2010-06-11 18:54 . 2010-06-11 18:51 -------- d-----w- c:\program files\Common Files\Apple 2010-06-11 18:53 . 2010-06-11 18:52 -------- d-----w- c:\program files\QuickTime 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Apple Software Update 2010-06-11 18:52 . 2010-06-11 18:52 -------- d-----w- c:\program files\Bonjour 2010-06-08 11:22 . 2010-01-21 12:11 -------- d-----w- c:\program files\Activision 2010-06-05 06:32 . 2010-04-16 07:58 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-04 19:43 . 2010-05-17 17:57 -------- d-----w- c:\programdata\Microsoft Help 2010-06-04 19:39 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild 2010-06-04 08:08 . 2010-03-30 10:35 -------- d-----w- c:\users\wesley\AppData\Roaming\Belastingdienst 2010-06-02 15:13 . 2010-01-19 20:58 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-06-02 15:13 . 2010-01-19 20:58 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-30 19:46 . 2010-05-30 19:46 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2010-05-23 12:50 . 2010-01-20 20:56 -------- d--h--w- c:\program files\Temp 2010-05-23 12:49 . 2010-05-23 12:49 -------- d-----w- c:\program files\Common Files\InstallShield 2010-05-21 12:14 . 2010-01-19 19:56 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-20 19:43 . 2010-05-20 19:42 -------- d-----w- c:\users\wesley\AppData\Roaming\vlc 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\VLC Player 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Conduit 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\myBabylon_English 2010-05-20 19:42 . 2010-05-20 19:42 -------- d-----w- c:\program files\Babylon 2010-05-20 11:48 . 2010-05-20 11:48 -------- d-----w- c:\users\wesley\AppData\Roaming\BlackBean 2010-05-20 11:42 . 2010-05-20 11:42 -------- d-----w- c:\program files\BlackBeanGames 2010-05-17 19:54 . 2010-05-17 19:54 -------- d-----w- c:\program files\Gabest 2010-05-16 09:34 . 2010-01-19 20:14 -------- d-----w- c:\program files\Google 2010-05-13 13:36 . 2010-03-01 21:14 -------- d-----w- c:\program files\Common Files\Motorola Shared 2010-05-13 13:34 . 2010-05-08 16:28 -------- d-----w- c:\program files\Mio Technology 2010-05-12 12:33 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail 2010-05-11 11:28 . 2010-05-11 11:28 -------- d-----w- c:\program files\CCleaner 2010-05-08 15:06 . 2010-05-08 15:03 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-08 15:05 . 2010-05-08 15:04 38784 ----a-w- c:\users\wesley\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-08 15:05 . 2010-05-08 15:03 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-03 17:05 . 2010-05-02 20:14 -------- d-----w- c:\program files\MagicISO 2010-05-02 18:01 . 2010-05-02 18:01 10134 ----a-r- c:\users\wesley\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2010-05-02 18:01 . 2010-05-02 18:01 -------- d-----w- c:\program files\Microsoft WSE 2010-04-30 15:25 . 2010-05-23 12:49 58400 ----a-w- c:\windows\system32\RtkCoInst.dll 2010-04-30 15:25 . 2010-05-23 12:49 1775136 ----a-w- c:\windows\system32\RtkPgExt.dll 2010-04-30 15:24 . 2010-05-23 12:49 367136 ----a-w- c:\windows\system32\RtkApoApi.dll 2010-04-30 15:24 . 2010-05-23 12:49 3583008 ----a-w- c:\windows\system32\RtkAPO.dll 2010-04-30 14:59 . 2010-05-23 12:49 3086752 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys 2010-04-28 16:45 . 2010-05-23 12:49 1251872 ----a-w- c:\windows\RtlExUpd.dll 2010-04-28 13:45 . 2010-04-28 13:45 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe 2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll 2010-04-18 18:52 . 2010-04-18 18:53 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-18 15:21 . 2010-04-18 15:21 146 ----a-w- c:\windows\DelMR.bat 2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll 2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll 2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2009-12-31 2349080] [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] 2009-12-31 09:53 2349080 ----a-w- c:\program files\myBabylon_English\tbmyBa.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] 2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~4\Office14\URLREDIR.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2009-12-31 2349080] [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7}"= "c:\program files\myBabylon_English\tbmyBa.dll" [2009-12-31 2349080] [HKEY_CLASSES_ROOT\clsid\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-19 39408] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "Steam"="c:\program files\Steam\Steam.exe" [2010-05-08 1238352] "Google Update"="c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-03-14 135664] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-02 2065248] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] c:\users\wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-02 691696] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 135664] R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-09-24 22528] R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-08-26 25480] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1343400] S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-14 216200] S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-06-02 242896] S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-14 916760] S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-14 308064] S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [2005-03-09 18944] S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-09 33792] S3 netw5v32;Intel® Wireless WiFi Link adapter stuurprogramma onder Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-01-13 6628352] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-27 233472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhoud van de 'Gedeelde Taken' map 2010-05-12 c:\windows\Tasks\At1.job - c:\windows\system32\KillBox.exe [2010-05-12 09:37] 2010-06-25 c:\windows\Tasks\b5b951bd.job - c:\users\wesley\AppData\Roaming\b5b951bd.exe [2010-06-23 04:29] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-19 20:15] 2010-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000Core.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] 2010-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4163138912-3793513249-2779747837-1000UA.job - c:\users\wesley\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-14 13:53] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://search.babylon.com/home/?ai=13054 mStart Page = hxxp://www.foozir.com/ uInternet Settings,ProxyOverride = *.local IE: &D&ownload &met BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload alle video met BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload alles met BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe AddRemove-EA Download Manager - c:\program files\Electronic Arts\EADM\EADMUninstall.exe . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-4163138912-3793513249-2779747837-1000\Software\SecuROM\License information*] "datasecu"=hex:29,13,9b,3c,62,a5,42,71,1d,ad,2c,5c,a6,af,bf,31,d9,0c,53,2e,d5, 6a,de,a3,19,98,65,b2,6e,d7,cf,5d,7f,b7,97,8b,b4,da,5f,38,b0,16,7f,49,97,ba,\ "rkeysecu"=hex:de,34,91,4d,d1,8b,3f,6d,35,56,33,ca,ac,82,3b,4f [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2010-06-25 02:13:41 ComboFix-quarantined-files.txt 2010-06-25 00:13 Pre-Run: 39.978.897.408 bytes beschikbaar Post-Run: 39.925.006.336 bytes beschikbaar - - End Of File - - 8D6EB8DF57261B863F88B3BFCB6280A5 gek genoeg na combofix is alles weer normaal, zag namelijk ook dat cf dingen had verwijderd (weet niet of dit normaal is). dus ik zeg hierbij hartelijk dank!! nog ff een reminder dat bij mij combofix niet werkt wanneer je hem een andere naam geeft. gr. wesley

hallo, laat ik me eerst ff voorstellen in ben wesley, 23 jr uit friesland heb een hp pavilion 9595ed en gebruik google chrome. ik heb dus sinds vandaag problemen met het openen van website, wel te verstaan bijna alle website's. uitzonderingen zijn abn, jullie site en hotmail. om er ff bij te melden heb ik vanacht problemen gehad met een soort van website bom ofzo een heleboel website's werden er geladen maar gelukkig nog net niet genoeg om me pc te laten crashen. kan verder niet veel zeggen want heb niet meer bijzonders gedaan dan surfen op het web. als virusscanner gebruik ik avg 9. nog iets iig redelijk nieuwe versie. ik heb ook is op jullie forum zitten struinen en daar ook relevante onderwerpen gevonden alleen het grappige is dat ik de website van die malware programma's en die trend micro hijackthis dus niet kan openen :rofl:. ik heb avg al een grondige scan laten uitvoeren en ook ccleaner zijn werk laten doen alleen dat mocht niet baten ben meestal wel van het zelf uitzoeken en fixen alleen dat is dus wel een probleem als ik niks kan opzoeken . hoop dus via jullie iets zinnigs uit dit gebakkie te krijgen en hem weer normaal te laten doen. btw systeemherstel lukt niet aangezien hij geen punten heb . alvast bedankt!! gr wesley