View full version: HijackThis



elie
15 September 2009, 18:51
Can someone please take a look at my log?

Here is my log from MBAM:

Malwarebytes' Anti-Malware 1.41
Database versie: 2775
Windows 5.1.2600 Service Pack 3
15/09/2009 17:19:53
mbam-log-2009-09-15 (17-19-53).txt
Scan type: Volledige Scan (C:\|D:\|)
Objecten gescand: 150548
Verstreken tijd: 35 minute(s), 32 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 1
Registerwaarden geïnfecteerd: 1
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 6
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
C:\WINDOWS\system32\rotscxjwswuxxj.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\rotscxpvirvuya.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\rotscxrsvdbqpa.dat (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\rotscxsewmivsv.dat (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\rotscxtcxpfqrn.dll (Rootkit.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\rotscxemvgbvrx.sys (Rootkit.TDSS) -> Delete on reboot.

And here is my log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:41:54, on 15/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2009\WebProxy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Firewall\PSHOST.EXE
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2009\ApvxdWin.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Telemeter 3.0\telemeter3.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\hijackthis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [SkinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT User Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
--
End of file - 10012 bytes

Rosty
15 September 2009, 21:54
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners regard certain components that Combofix uses as suspicious and will block or remove them! Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the "NirCmd" window.
If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
Click OK and Yes to have the Recovery Console installed automatically.
Afterwards, click Yes again to start the malware scan.
While the fix is running, do NOT click in the window, as this will cause your PC to hang.
When the fix is complete and after the restart, the log Combofix.txt will open. Post this log in your next reply.

elie
15 September 2009, 22:55
Hi Rosty, here is my ComboFix log. Please take a look at it when you have time. Talk to you later, regards, elie

ComboFix 09-09-14.02 - Administrator 15/09/2009 22:35.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.1279.750 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe
AV: Panda Antivirus Pro 2009 *On-access scanning disabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}
FW: Panda Personal Firewall 2009 *disabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8}
SP: Spy Emergency *disabled* (Updated) {82117492-906E-4b02-A33A-84D42A2DD907}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2009.lnk
c:\documents and settings\All Users\Menu Start\Programma's\Internet Explorer.lnk
c:\documents and settings\LocalService\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2009.lnk
c:\documents and settings\NetworkService\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2009.lnk
c:\windows\system32\advapi32new.dll
c:\windows\system32\apphelpnew.dll
c:\windows\system32\crypt32new.dll
c:\windows\system32\d3d10core.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\kernel32new.dll
c:\windows\system32\msvcrtnew.dll
c:\windows\system32\ntdsapinew.dll
c:\windows\system32\powrprofnew.dll
c:\windows\system32\secur32new.dll
c:\windows\system32\user32new.dll
c:\windows\system32\winstanew.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_rotscxxvcxtkse
-------\Service_rotscxxvcxtkse

(((((((((((((((((((( Bestanden Gemaakt van 2009-08-15 to 2009-09-15 ))))))))))))))))))))))))))))))
.
2009-09-15 20:42 . 2009-09-15 20:42 -------- d-----w- c:\windows\system32\xircom
2009-09-15 20:42 . 2009-09-15 20:42 -------- d-----w- c:\windows\system32\wbem\snmp
2009-09-15 20:42 . 2009-09-15 20:42 -------- d-----w- c:\program files\microsoft frontpage
2009-09-15 16:18 . 2009-09-15 16:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-15 15:23 . 2009-09-15 15:23 -------- d-----w- C:\found.000
2009-09-15 09:19 . 2009-09-15 18:06 -------- d-----w- c:\program files\Registry Easy
2009-09-15 09:14 . 2009-09-15 09:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Innovative Solutions
2009-09-15 09:14 . 2009-09-15 09:14 -------- d-----w- c:\program files\Innovative Solutions
2009-09-14 21:52 . 2009-09-14 21:52 -------- d-----w- c:\program files\Alcohol Soft
2009-09-14 12:23 . 2009-09-15 19:00 -------- d-----w- c:\documents and settings\Administrator\Application Data\LimeWire
2009-09-14 12:23 . 2009-09-14 12:23 -------- d-----w- c:\program files\LimeWire
2009-09-14 12:22 . 2009-09-14 12:22 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-13 14:10 . 2009-09-15 18:13 48 ----a-w- c:\windows\system32\_1PUTILS.dat
2009-09-13 14:10 . 2009-09-13 14:14 -------- d-----w- c:\program files\Perfect Utilities
2009-09-12 23:19 . 2009-09-12 23:19 -------- d-----w- c:\program files\Windows Doctor
2009-09-12 18:19 . 2009-09-12 18:21 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-12 16:48 . 2009-09-12 16:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-09-12 16:47 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-12 16:47 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-12 16:47 . 2009-09-15 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-12 16:47 . 2009-09-12 16:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-12 16:40 . 2009-09-12 16:40 -------- d-----w- C:\PEBakcup
2009-09-12 16:37 . 2009-09-12 16:37 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities
2009-09-12 16:34 . 2009-09-12 16:39 -------- d-----w- c:\program files\PC Washer
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Office Genuine Advantage
2009-09-12 08:48 . 2009-09-12 08:48 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-09-12 08:45 . 2009-09-12 08:45 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-09-12 08:42 . 2009-09-12 08:42 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-09-12 08:41 . 2009-09-12 08:41 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-09-12 08:37 . 2009-08-07 08:48 100352 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-09-12 08:37 . 2009-09-12 08:37 -------- d-----w- c:\windows\ie8updates
2009-09-12 08:37 . 2009-07-03 17:00 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-09-12 08:37 . 2009-07-03 17:00 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-12 08:36 . 2009-09-12 08:36 -------- dc-h--w- c:\windows\ie8
2009-09-12 08:25 . 2009-09-12 08:25 -------- d-----w- c:\program files\MSXML 4.0
2009-09-12 08:17 . 2009-09-12 08:17 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-12 08:17 . 2009-06-21 21:49 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2009-09-12 08:17 . 2009-07-29 04:37 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2009-09-12 08:17 . 2009-07-29 04:37 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2009-09-12 08:17 . 2009-06-10 06:20 134144 ------w- c:\windows\system32\dllcache\wkssvc.dll
2009-09-12 08:17 . 2009-08-05 09:01 205312 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-09-12 08:16 . 2009-06-15 11:10 82432 ------w- c:\windows\system32\dllcache\tlntsess.exe
2009-09-12 08:16 . 2009-06-15 10:45 79872 ------w- c:\windows\system32\dllcache\telnet.exe
2009-09-12 08:16 . 2009-07-17 19:04 58880 ------w- c:\windows\system32\dllcache\atl.dll
2009-09-12 08:16 . 2009-07-10 13:31 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-09-12 08:16 . 2009-06-10 14:16 85504 ------w- c:\windows\system32\dllcache\avifil32.dll
2009-09-12 08:16 . 2009-06-25 08:42 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
2009-09-12 08:16 . 2009-06-25 08:42 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
2009-09-12 08:16 . 2009-06-25 08:42 136704 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-12 08:16 . 2009-06-24 10:28 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
2009-09-12 08:16 . 2009-06-03 19:12 1295360 ------w- c:\windows\system32\dllcache\quartz.dll
2009-09-12 08:14 . 2008-06-17 19:03 8508416 ------w- c:\windows\system32\dllcache\shell32.dll
2009-09-12 08:14 . 2009-06-25 08:42 147456 ------w- c:\windows\system32\dllcache\schannel.dll
2009-09-12 08:14 . 2008-12-11 10:57 333952 ------w- c:\windows\system32\dllcache\srv.sys
2009-09-12 08:14 . 2008-08-14 10:34 138496 ------w- c:\windows\system32\dllcache\afd.sys
2009-09-12 08:14 . 2008-10-23 12:43 286720 ------w- c:\windows\system32\dllcache\gdi32.dll
2009-09-12 08:14 . 2008-10-03 10:05 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2009-09-12 08:14 . 2008-10-24 11:41 455936 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2009-09-12 08:14 . 2008-09-10 01:16 1307648 ------w- c:\windows\system32\dllcache\msxml6.dll
2009-09-12 08:14 . 2008-09-04 17:17 1106944 ------w- c:\windows\system32\dllcache\msxml3.dll
2009-09-12 08:14 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-09-12 07:55 . 2009-09-15 04:52 -------- d--h--w- c:\windows\$hf_mig$
2009-09-12 07:51 . 2009-07-03 17:00 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-12 07:51 . 2009-07-03 17:00 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-09-12 07:51 . 2009-06-29 11:25 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2009-09-12 07:51 . 2009-07-03 17:00 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-12 07:51 . 2009-02-06 19:07 3698584 ----a-w- c:\windows\system32\dllcache\ieapfltr.dat
2009-09-12 07:51 . 2009-03-08 02:31 59904 ----a-w- c:\windows\system32\dllcache\icardie.dll
2009-09-12 07:51 . 2009-03-08 02:11 445952 ----a-w- c:\windows\system32\dllcache\ieapfltr.dll
2009-09-12 07:51 . 2009-07-19 16:48 11067392 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-09-12 06:28 . 2009-09-15 07:51 -------- d-----w- c:\program files\[DBP] Dutch Binaries Program
2009-09-12 06:28 . 2009-09-12 06:28 -------- d-----w- c:\windows\[DBP] Dutch Binaries Program
2009-09-11 17:29 . 2009-09-11 17:29 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-09-10 20:12 . 2009-09-10 20:12 -------- d-----w- c:\windows\Performance
2009-09-10 20:11 . 2009-09-10 20:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Corporation
2009-09-10 19:29 . 2009-09-12 08:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2009-09-10 19:28 . 2009-09-10 19:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-10 19:26 . 2009-09-10 19:27 -------- d-----w- c:\program files\Google
2009-09-10 19:26 . 2009-09-10 19:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2009-09-10 19:13 . 2009-09-10 19:14 -------- d-----w- c:\program files\Telemeter 3.0
2009-09-10 19:12 . 2009-09-14 11:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2009-09-10 19:11 . 2009-09-14 11:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2009-09-10 19:11 . 2009-09-10 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-09-10 19:09 . 2009-09-10 19:10 -------- d-----w- c:\program files\Common Files\Ahead
2009-09-10 19:09 . 2009-09-10 19:09 -------- d-----w- c:\program files\Nero
2009-09-10 19:09 . 2009-09-10 19:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-10 18:20 . 2008-04-22 20:20 1584149 ----a-w- c:\windows\system32\setupapinew.dll
2009-09-10 18:20 . 2008-03-09 05:25 236 ---ha-w- c:\program files\Common Files\dx.reg
2009-09-10 18:20 . 2008-05-04 15:42 789525 ----a-w- c:\windows\system32\rpcrt4new.dll
2009-09-10 18:20 . 2007-04-18 00:13 25037 ----a-w- c:\windows\system32\Nucleus.dll
2009-09-10 18:20 . 2006-11-02 10:47 1162656 ----a-w- c:\windows\system32\ntdllnew.dll
2009-09-10 18:20 . 2004-12-08 15:57 376832 ----a-w- c:\windows\system32\M2000Twn.dll
2009-09-10 18:20 . 2008-04-12 16:13 1029126 ----a-w- c:\windows\system32\d3d10.dll
2009-09-10 18:20 . 2006-11-29 12:06 440080 ----a-w- c:\windows\system32\d3dx10.dll
2009-09-10 16:48 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-09-10 16:41 . 2009-09-10 16:45 -------- d-----w- c:\windows\SHELLNEW
2009-09-10 16:41 . 2009-09-10 16:41 -------- d-----w- c:\program files\Microsoft.NET
2009-09-10 16:36 . 2009-09-10 17:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\MiniDm
2009-09-10 15:38 . 2009-09-12 18:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-10 13:09 . 2008-04-14 00:47 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2009-09-10 13:09 . 2008-04-14 00:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2009-09-10 13:09 . 2008-04-13 22:09 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2009-09-10 13:09 . 2008-04-14 00:15 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
2009-09-10 13:09 . 2008-04-14 00:15 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
2009-09-10 13:08 . 2008-04-14 00:09 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2009-09-10 13:08 . 2008-04-14 00:09 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
2009-09-10 13:08 . 2008-04-14 00:15 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2009-09-10 13:08 . 2008-04-14 00:09 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys
2009-09-10 13:08 . 2008-04-14 00:45 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2009-09-10 13:08 . 2008-04-14 00:15 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
2009-09-10 13:08 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-10 13:08 . 2008-04-14 22:32 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-10 13:07 . 2008-04-14 22:04 58112 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-10 13:07 . 2008-04-14 00:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-10 13:07 . 2008-04-14 22:32 4274816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-10 13:07 . 2008-04-13 22:04 1897408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-10 13:06 . 2008-04-14 20:32 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-09-10 13:06 . 2001-08-17 22:00 2944 ----a-w- c:\windows\system32\drivers\msmpu401.sys
2009-09-10 13:06 . 2008-04-13 22:15 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-09-10 13:06 . 2008-03-21 11:35 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-09-10 13:06 . 2008-04-14 00:06 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2009-09-10 13:06 . 2008-04-14 00:15 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys
2009-09-10 13:06 . 2001-08-17 20:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2009-09-10 13:06 . 2008-04-14 22:32 76288 ----a-w- c:\windows\system32\usbui.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-15 20:44 . 2009-09-10 11:49 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-09-15 20:44 . 2009-09-10 11:49 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
2009-09-15 20:44 . 2009-09-10 11:49 242624 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-09-15 20:44 . 2009-09-10 11:49 242624 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2009-09-15 20:17 . 2009-09-10 12:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\GrabIt
2009-09-14 21:47 . 2009-09-10 11:17 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-14 12:22 . 2009-09-10 11:17 -------- d-----w- c:\program files\Java
2009-09-14 11:11 . 2009-09-10 11:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-09-13 10:52 . 2009-09-10 11:32 44632 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-12 17:56 . 2009-09-10 11:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Desktopicon
2009-09-12 17:56 . 2009-09-10 11:21 -------- d-----w- c:\documents and settings\Default User\Application Data\Desktopicon
2009-09-12 08:45 . 2008-05-21 12:00 90642 ----a-w- c:\windows\system32\perfc013.dat
2009-09-12 08:45 . 2008-05-21 12:00 508570 ----a-w- c:\windows\system32\perfh013.dat
2009-09-12 08:40 . 2009-09-10 11:16 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-12 08:18 . 2009-09-10 11:57 -------- d-----w- c:\program files\Windows Live
2009-09-10 19:23 . 2009-09-10 11:30 -------- d-----w- c:\program files\IEPro
2009-09-10 18:38 . 2009-09-10 11:58 -------- d-----w- c:\program files\FTDv3.8
2009-09-10 12:25 . 2009-09-10 12:25 -------- d-----w- c:\program files\QuickPar
2009-09-10 12:16 . 2009-09-10 12:15 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-10 12:15 . 2009-09-10 12:15 -------- d-----w- c:\program files\HP
2009-09-10 12:03 . 2009-09-10 12:02 -------- d-----w- c:\program files\GrabIt
2009-09-10 12:02 . 2009-09-10 12:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-10 11:59 . 2009-09-10 11:59 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-10 11:58 . 2009-09-10 11:57 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2009-09-10 11:57 . 2009-09-10 11:57 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-09-10 11:52 . 2009-09-10 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\IM
2009-09-10 11:51 . 2009-09-10 11:50 -------- d-----w- c:\program files\IncrediMail
2009-09-10 11:50 . 2009-09-10 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail
2009-09-10 11:45 . 2009-09-10 11:45 249 ----a-w- c:\windows\system32\PavCPL.dat
2009-09-10 11:45 . 2009-09-10 11:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-10 11:45 . 2009-09-10 11:45 -------- d-----w- c:\program files\Panda Security
2009-09-10 11:45 . 2009-09-10 11:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2009-09-10 11:45 . 2009-09-10 11:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\Panda Security
2009-09-10 11:44 . 2009-09-10 11:44 -------- d-----w- c:\program files\Common Files\Panda Security
2009-09-10 11:43 . 2009-09-10 11:43 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-10 11:37 . 2009-09-10 11:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\IEPro
2009-09-10 11:32 . 2009-09-10 11:12 -------- d-----w- c:\program files\Windows Sidebar
2009-09-10 11:32 . 2009-09-10 11:12 -------- d-----w- c:\program files\VistaExperience.org
2009-09-10 11:30 . 2009-09-10 11:30 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2009-09-10 11:27 . 2009-09-10 11:27 -------- d-----w- c:\program files\MSBuild
2009-09-10 11:27 . 2009-09-10 11:27 -------- d-----w- c:\program files\Reference Assemblies
2009-09-10 11:27 . 2009-09-10 11:27 -------- d-----w- c:\program files\MSXML 6.0
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Media Player Classic
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\documents and settings\Default User\Application Data\Media Player Classic
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\program files\VistaCodecPack
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Desktopicon
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\program files\Unlocker
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\program files\HashTab Shell Extension
2009-09-10 11:21 . 2009-09-10 11:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Talkback
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Talkback
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\documents and settings\Default User\Application Data\Talkback
2009-09-10 11:21 . 2009-09-10 11:21 -------- d-----w- c:\program files\Desktop Tray Clock
2009-09-10 11:20 . 2009-09-10 11:20 -------- d-----w- c:\program files\Windows Journal Viewer
2009-09-10 11:20 . 2009-09-10 11:20 -------- d-----w- c:\program files\UPHClean
2009-09-10 11:20 . 2008-05-21 12:00 219136 ----a-w- c:\windows\system32\uxtheme.dll
2009-09-10 11:17 . 2009-09-10 11:17 -------- d-----w- c:\program files\Common Files\Java
2009-09-10 11:17 . 2009-09-10 11:17 -------- d-----w- c:\program files\Alky for Applications
2009-09-10 11:12 . 2009-09-10 11:12 21748 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-10 11:12 . 2009-09-10 11:12 -------- d-----w- c:\program files\Utilities
2009-09-10 11:11 . 2009-09-10 11:11 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-14 04:58 . 2009-09-15 16:19 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-08-05 09:01 . 2008-05-21 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-29 04:37 . 2008-05-21 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:37 . 2008-05-21 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 19:04 . 2008-05-21 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2008-05-21 12:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:00 . 2008-05-21 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-26 13:12 . 2008-05-21 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:42 . 2008-05-21 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:42 . 2008-05-21 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:42 . 2008-05-21 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:42 . 2008-05-21 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:42 . 2008-05-21 12:00 136704 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 10:28 . 2008-05-21 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
.
------- Sigcheck -------
[-] 2008-05-21 . 0667A612D847BD87667F3CB1FC4C0D6C . 979456 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-08-10 251264]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-05-21 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" [2009-07-15 881920]
"SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe" [2008-07-07 50432]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-14 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-05-21 15360]
"VisualTaskTips"="c:\program files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 36352]
"SkinClock"="c:\program files\Desktop Tray Clock\DTClock.exe" [2007-10-22 563519]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"PackNoVs"="c:\windows\BricoPacks\Vista Inspirat 2\pack-it.exe" [2007-04-22 98304]
c:\documents and settings\Default User\Menu Start\Programma's\Opstarten\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"SetVisualStyle"= c:\windows\Resources\Themes\Inspirat2\Inspirat2.msstyles
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2008-03-18 14:58 58672 ----a-w- c:\windows\system32\avldr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SpyEmrgSrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [10/09/2009 13:44 28544]
R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [10/09/2009 13:49 73728]
R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [10/09/2009 13:49 52992]
R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [10/09/2009 13:49 22072]
R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [10/09/2009 13:49 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [10/09/2009 13:49 158848]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [10/09/2009 13:44 41144]
R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [10/09/2009 13:49 46720]
R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/09/2009 18:47 269648]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [10/09/2009 13:44 179640]
R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2009\psksvc.exe [10/09/2009 13:45 28928]
R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/09/2009 18:47 19160]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\drivers\neti1634.sys [10/09/2009 13:45 197888]
R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\PavSRK.sys --> c:\windows\system32\PavSRK.sys [?]
R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
--- Andere Services/Drivers In Geheugen ---
*Deregistered* - uphcleanhlp
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
panda REG_MULTI_SZ Gwmsrv
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Inhoud van de 'Gedeelde Taken' map
2009-09-15 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
2009-09-15 c:\windows\Tasks\Schedule Task Weekly.job
- c:\program files\Registry Easy\RE.exe [2009-09-15 14:08]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uDefault_Search_URL = hxxp://www.google.nl
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO
Trusted Zone: 2dehands.be\www
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-15 22:45
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-1409082233-879983540-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,76,21,cf,67,a3,61,b7,47,9e,41,ce,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,76,21,cf,67,a3,61,b7,47,9e,41,ce,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\avldr.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'explorer.exe'(3444)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\program files\IncrediMail\bin\B4ImApp.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\program files\Panda Security\Panda Antivirus Pro 2009\PavTrc.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Panda Security\Panda Antivirus Pro 2009\PsCtrlS.exe
c:\program files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
c:\program files\Common Files\Panda Security\PavShld\PavPrSrv.exe
c:\program files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\UPHClean\uphclean.exe
c:\program files\Panda Security\Panda Antivirus Pro 2009\PAVSRV51.EXE
c:\program files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
c:\program files\Panda Security\Panda Antivirus Pro 2009\FIREWALL\PSHost.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\IncrediMail\bin\ImApp.exe
c:\program files\Windows Live\Messenger\usnsvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Voltooingstijd: 2009-09-15 22:49 - machine werd herstart
ComboFix-quarantined-files.txt 2009-09-15 20:49
Pre-Run: 32.329.842.688 bytes beschikbaar
Post-Run: 32.246.665.216 bytes beschikbaar
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
403

Rosty
16 September 2009, 21:33
Now run the scan with MBAM once more! Are you still having problems now?

elie
16 September 2009, 22:20
Good evening Rosty, I still have a problem with System Restore: when I open it,
I have to restart the PC every time. OK, I will scan now and post the log.
Thanks for continuing to help me. Regards, elie

elie
16 September 2009, 22:40
Rosty, here is my log

Malwarebytes' Anti-Malware 1.41
Database versie: 2775
Windows 5.1.2600 Service Pack 3
16/09/2009 22:36:03
mbam-log-2009-09-16 (22-36-03).txt
Scan type: Volledige Scan (C:\|D:\|)
Objecten gescand: 152710
Verstreken tijd: 51 minute(s), 40 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

elie
17 September 2009, 06:35
http://www.minatica.be/attachment.php?attachmentid=3061&stc=1&d=1253162068

Hey Rosty, would you have a look at this one? Greetings, elie

Rosty
17 September 2009, 18:05
Remove ComboFix via Start > Run: copy and paste Combofix /U, then click OK or press Enter.

http://i78.photobucket.com/albums/j116/amateur_photos/CFuninstall.png

This will remove ComboFix plus its related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again, and reset your System Restore.

Now run the scan with MBAM once more and post that log!

elie
17 September 2009, 22:09
Rosty, here is my MBAM log. Greetings, elie

Malwarebytes' Anti-Malware 1.41
Database versie: 2775
Windows 5.1.2600 Service Pack 3
17/09/2009 22:04:43
mbam-log-2009-09-17 (22-04-43).txt
Scan type: Volledige Scan (C:\|D:\|)
Objecten gescand: 153580
Verstreken tijd: 1 hour(s), 3 minute(s), 41 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Rosty
19 September 2009, 13:41
Still having problems now?

elie
19 September 2009, 14:17
Hi Rosty, I still have a problem: System Restore has disappeared.
When I go to Start, All Programs, Accessories and then System Tools, it is not there; I can't find it anywhere. But otherwise everything is running smoothly here, many thanks for that. Greetings, elie

Rosty
19 September 2009, 15:20
Hi Elie,

try the following:

- Open Windows Explorer and go to the windows\inf folder.
- find the file sr.inf
- right-click it and select "INSTALL" from the menu

If you are asked for files in the "Files Needed Dialog Box", click "Browse" and point to the "i386 folder" on the Windows XP CD, or the i386 folder on the hard disk if it exists. The files will then be fetched from there.

On a system with SP 2, point to the C:\Windows\ServicePackFiles\i386 folder instead.

Once System Restore is installed again, create a new restore point yourself and test System Restore by having it restore that restore point.

elie
19 September 2009, 15:45
Hi Rosty, sorry, but the inf folder is nowhere to be found in windows.
Very strange, I can't find it anywhere. Greetings, elie

elie
19 September 2009, 23:10
Good evening Rosty,
I did as you indicated and, wonderfully, System Restore is back, but now
every time I use System Restore it says:
"The computer cannot be protected with System Restore. Restart the computer and run System Restore again." Do you have any idea what it could be?
Greetings, elie, and have a nice weekend

Rosty
20 September 2009, 08:50
Try the tip at this link: http://forum.computeridee.nl/showthread.php?t=31761

elie
20 September 2009, 11:51
Hi Rosty, I did all the steps as in the link, but it still doesn't work.
It keeps giving this error: "The computer cannot be protected with System Restore. Restart the computer and run System Restore again."
I think it is a serious error, maybe format?
Greetings, elie

Rosty
20 September 2009, 12:20
Try this as well before doing a format: http://www.kellys-korner-xp.com/regs_edits/sysrestoreenable.reg

elie
20 September 2009, 14:20
Good afternoon Rosty, the link you gave did not work either. Then I thought, let me
try sfc /scannow, and wonderfully System Restore works again. Great, now everything runs like a train. Thanks for helping me and putting your time into it.
Greetings, elie. Oh yes, this thread can be locked.

Rosty
20 September 2009, 17:07
You're welcome! Here is the requested lock.