07-23-2008   #1
Bronze Member
Join Date: Jun 2008
Posts: 11
PC Experience: willing to learn fast

popup, slow working PC, slow system

My computer is what you guys would probably call "f*cked up". It's old and hasn't got a good new system, but it's the only PC that I've got, so please help me out.

Have already used:
Ad-Aware (for spyware)
CCleaner
Emptied my %temp% files
and disabled my add-ons for Firefox and Internet Explorer

Problems

First, my system problems: it's running very slow and programs like Explorer.exe and my comment client network crash.. also it's just working very slow all the time.

Second is the worst problem: my internet is running at a very low rate.. it takes ages to load a website, sometimes I need to refresh 10 times to even see something, then it takes another long time to get it to show all the buttons, Java's etc. on the screen.. and every time I click a link the whole story starts over again.

Third is that it keeps opening screens I don't want.. luckily for me it doesn't load anything so I can't see the annoying pop-up (what a relief).

Also, logging in on a website (except on this one because I'm always logged in here) has become a huge problem. I can't even load Sign In, and on other sites I click on the "log in button" and I get a white screen which doesn't do anything, and if I refresh I go back to the log on screen.

I hope I've explained enough for you guys to find the problem. Also I think there are a lot of programs running which shouldn't even start. That brings me to the "slow start and slow exit" problem: the computer takes a lot of time to start and even more to shut down.. any advice for that too?

Anyway, thanks in advance and I really hope you can help me out.

Oh hehe, here are my logs: first the Main.txt and after that the Extra.txt.
Good luck

Deckard's System Scanner v20071014.68
Run by Jeroen on 2008-07-23 01:17:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-07-22 23:17:43 UTC - RP332 - Controlepunt van systeem


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 192 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-23 01:19:21
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\APPS\Powercinema\PCMService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\APPS\HIDSERVICE\HidService.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Jeroen\Bureaublad\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Packard Bell - Zoeken
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O1 - Hosts: 67.228.4.100 update.aruarose.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C12E046-3047-4132-953E-BFBCFC6E47CF} - (no file)
O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\Program Files\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O2 - BHO: (no name) - {11241072-58BB-40CE-9171-0B2BDFB22E97} - C:\WINDOWS\system32\nnnmnnm.dll (file missing)
O2 - BHO: (no name) - {15F86ED6-794F-49D9-8CE6-1BC159E42224} - (no file)
O2 - BHO: (no name) - {3E67DAA3-12E4-4114-940C-218308243D9A} - (no file)
O2 - BHO: PBNLV2 - {4E7BD74F-2B8D-469E-A0E8-F362B685FA7D} - C:\WINDOWS\system32\pbnlv2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {B4850D11-4826-4BE4-BAED-BEF499F16886} - C:\WINDOWS\system32\jkklm.dll
O2 - BHO: {c4ecdcde-698c-f8aa-73a4-6b60afd41f6b} - {b6f14dfa-06b6-4a37-aa8f-c896edcdce4c} - C:\WINDOWS\system32\pgchme.dll
O2 - BHO: (no name) - {C0B31996-4DD7-4E5E-A17B-426AA7D62EA3} - (no file)
O2 - BHO: (no name) - {E5619A5B-FDC7-40BB-8597-89EF3B52C0C1} - (no file)
O2 - BHO: (no name) - {EAE362C8-2568-4CDE-BE2E-D4F43A2EE4EB} - (no file)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: PBNLV2 - {4E7BD74F-2B8D-469E-A0E8-F362B685FA7D} - C:\WINDOWS\system32\pbnlv2.dll
O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\Program Files\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NetService] Rundll32.exe C:\WINDOWS\system32\ppnst.dll,Startup
O4 - HKLM\..\Run: [BM2f3386f4] Rundll32.exe "C:\WINDOWS\system32\dmudglgg.dll",s
O4 - HKLM\..\Run: [2c00b568] rundll32.exe "C:\WINDOWS\system32\grviages.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O20 - Winlogon Notify: nnnmnnm - C:\WINDOWS\system32\nnnmnnm.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - C:\APPS\HIDSERVICE\HidService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe


--
End of file - 11563 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys

S1 SAVRT - c:\program files\norton internet security\norton antivirus\savrt.sys (file missing)
S1 SAVRTPEL - c:\program files\norton internet security\norton antivirus\savrtpel.sys (file missing)
S2 npkcrypt - c:\program files\nexon\europemaplestory\npkcrypt.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>
R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe

S2 navapsvc (Norton AntiVirus Auto-Protect) - "c:\program files\norton internet security\norton antivirus\navapsvc.exe" (file missing)
S2 SAVScan - "c:\program files\norton internet security\norton antivirus\savscan.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-07-18 20:00:00 546 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen.job
2007-07-10 23:50:13 258 --a------ C:\WINDOWS\Tasks\Herinnering voor registratie 3.job
2007-07-03 23:50:11 258 --a------ C:\WINDOWS\Tasks\Herinnering voor registratie 2.job
2007-06-27 12:16:37 418 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job


-- Files created between 2008-06-23 and 2008-07-23 -----------------------------



-- Find3M Report ---------------------------------------------------------------

2008-05-07 14:36:25 105024 --a------ C:\WINDOWS\system32\sfquckva.dll
2008-05-06 14:41:10 107584 --a------ C:\WINDOWS\system32\jnboynvv.dll
2008-05-06 14:38:11 95808 --a------ C:\WINDOWS\system32\tysjmpwy.dll
2008-05-06 14:35:12 105536 --a------ C:\WINDOWS\system32\ggmxwuyo.dll
2008-05-05 14:37:46 107584 --a------ C:\WINDOWS\system32\jbwglcjw.dll
2008-05-05 14:34:46 104000 --a------ C:\WINDOWS\system32\nmeuildh.dll
2008-05-04 14:37:08 108096 --a------ C:\WINDOWS\system32\itlavfkx.dll
2008-05-04 14:33:58 104512 --a------ C:\WINDOWS\system32\lvdbpbwj.dll
2008-05-03 14:38:31 104512 --a------ C:\WINDOWS\system32\ljaawuaj.dll
2008-05-03 14:32:32 103488 --a------ C:\WINDOWS\system32\mcsrwtpa.dll
2008-05-02 14:38:13 105536 --a------ C:\WINDOWS\system32\iactbtlu.dll
2008-05-02 14:32:13 105536 --a------ C:\WINDOWS\system32\akwavrto.dll
2008-05-01 14:36:34 107072 --a------ C:\WINDOWS\system32\pthjyoog.dll
2008-05-01 14:30:09 107072 --a------ C:\WINDOWS\system32\ufqxwnet.dll
2008-04-30 14:36:41 105536 --a------ C:\WINDOWS\system32\fcdsubcx.dll
2008-04-30 14:30:46 104512 --a------ C:\WINDOWS\system32\tttgfdnl.dll
2008-04-29 14:32:32 107072 --a------ C:\WINDOWS\system32\ubksqqux.dll
2008-04-29 14:29:53 104512 --a------ C:\WINDOWS\system32\hvmyrnvy.dll
2008-04-28 14:30:52 108608 --a------ C:\WINDOWS\system32\sokqwnrr.dll
2008-04-28 14:27:50 104000 -----n--- C:\WINDOWS\system32\ajldqxwx.dll
2008-04-27 14:26:47 107072 --a------ C:\WINDOWS\system32\vrvqxnnb.dll
2008-04-27 14:24:32 105024 --a------ C:\WINDOWS\system32\opdawiak.dll
2008-04-27 14:15:22 193357 --ahs---- C:\WINDOWS\system32\bbadd.ini2
2008-04-27 13:34:34 107072 --a------ C:\WINDOWS\system32\osjcrftm.dll
2008-04-27 13:31:47 105024 --a------ C:\WINDOWS\system32\pqduujov.dll
2008-04-26 13:36:04 107072 --a------ C:\WINDOWS\system32\reenvvii.dll
2008-04-26 13:33:01 95808 -----n--- C:\WINDOWS\system32\vxchgarh.dll
2008-04-26 13:30:35 106048 --a------ C:\WINDOWS\system32\yyldisut.dll
2008-04-25 13:34:21 98880 --a------ C:\WINDOWS\system32\kfonomib.dll
2008-04-25 13:28:53 97856 --a------ C:\WINDOWS\system32\lbnktsvp.dll
2008-04-24 13:28:03 93248 --a------ C:\WINDOWS\system32\fnmblixc.dll
2008-04-24 13:27:56 96320 --a------ C:\WINDOWS\system32\nujiqers.dll
2008-04-23 23:00:15 211661 --ahs---- C:\WINDOWS\system32\xybeg.ini2


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C12E046-3047-4132-953E-BFBCFC6E47CF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11241072-58BB-40CE-9171-0B2BDFB22E97}]
C:\WINDOWS\system32\nnnmnnm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15F86ED6-794F-49D9-8CE6-1BC159E42224}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E67DAA3-12E4-4114-940C-218308243D9A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-F362B685FA7D}]
17-03-2004 12:12 820736 --a------ C:\WINDOWS\system32\pbnlv2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4850D11-4826-4BE4-BAED-BEF499F16886}]
14-05-2008 01:56 275456 --a------ C:\WINDOWS\system32\jkklm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b6f14dfa-06b6-4a37-aa8f-c896edcdce4c}]
22-07-2008 19:13 111680 --a------ C:\WINDOWS\system32\pgchme.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C0B31996-4DD7-4E5E-A17B-426AA7D62EA3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5619A5B-FDC7-40BB-8597-89EF3B52C0C1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EAE362C8-2568-4CDE-BE2E-D4F43A2EE4EB}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-A0E8-F362B685FA7D}"= C:\WINDOWS\system32\pbnlv2.dll [17-03-2004 12:12 820736]

[-HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-A0E8-F362B685FA7D}]
[HKEY_CLASSES_ROOT\pbnlv2.PBNLV2]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04-08-2004 14:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04-08-2004 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04-08-2004 14:00]
"VTTimer"="VTTimer.exe" [26-03-2004 14:07 C:\WINDOWS\system32\VTTimer.exe]
"SoundMan"="SOUNDMAN.EXE" [14-05-2004 15:47 C:\WINDOWS\SOUNDMAN.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22-02-2008 04:25]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [12-09-2003 12:28]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [15-09-2003 13:25]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [28-01-2005 11:10]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [29-08-2003 14:17]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [29-08-2003 14:20]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [19-08-2003 16:41]
"NetService"="C:\WINDOWS\system32\ppnst.dll" [18-07-2008 19:09]
"BM2f3386f4"="C:\WINDOWS\system32\dmudglgg.dll" [22-07-2008 19:07]
"2c00b568"="C:\WINDOWS\system32\grviages.dll" [22-07-2008 19:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 14:00]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [21-03-2008 10:30]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{11241072-58BB-40CE-9171-0B2BDFB22E97}"= C:\WINDOWS\system32\nnnmnnm.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnmnnm]
nnnmnnm.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkklm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8301 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-07-23 01:21:07 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: Dutch

CPU 0: AMD Sempron(tm) 2800+
Percentage of Memory in Use: 83%
Physical Memory (total/avail): 191.48 MiB / 32.21 MiB
Pagefile Memory (total/avail): 525.48 MiB / 211.92 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1920.69 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.52 GiB total, 58.75 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST380011A - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:

\\.\PHYSICALDRIVE2 - GENERIC USB Storage-CFC USB Device

\\.\PHYSICALDRIVE4 - GENERIC USB Storage-MSC USB Device

\\.\PHYSICALDRIVE3 - GENERIC USB Storage-SDC USB Device

\\.\PHYSICALDRIVE1 - GENERIC USB Storage-SMC USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
FirewallDisableNotify is set.

FW: Norton Internet Security v2004 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jeroen\Application Data
CLASSPATH="C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip"
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HARMS
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jeroen
LOGONSERVER=\\HARMS
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\COMMON~1\SONICS~1\;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA="C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip"
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Jeroen\LOCALS~1\Temp
TMP=C:\DOCUME~1\Jeroen\LOCALS~1\Temp
USERDOMAIN=HARMS
USERNAME=Jeroen
USERPROFILE=C:\Documents and Settings\Jeroen
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Jeroen (admin)
Peter (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> c:\apps\skype\phone\unins000.exe
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
--> C:\Program Files\Wanadoo\GLOBAL\Mstbr\uninst.exe
--> C:\Program Files\Wanadoo\NL\Mnu\uninst.exe /F:IGOMNU.EXE /I:C:\WINDOWS\INF\MNU.INF
--> C:\Program Files\Wanadoo\NL\Sgnup\uninst.exe /F:IGOSGNUP.EXE /I:C:\WINDOWS\INF\SGNUP.INF
--> C:\WINDOWS\IsUn0413.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
--> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
--> MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
--> MsiExec.exe /X{503AA035-41E2-4858-B31F-1E49AC66C309}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
--> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
--> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
--> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
--> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Aangifte inkomstenbelasting 2007 --> C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2007\ib2007u.exe
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 6.0 - Nederlands --> MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-000000000001}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AruaROSE --> C:\Program Files\AruaROSE\Uninstall.exe
Aztech CNR2900 V.90 Modem --> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
Belarc Advisor 7.2 --> C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Beveiligingsupdate for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
CC_ccProxyMSI --> MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
CC_ccStart --> MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Debugging Tools for Windows (x86) --> MsiExec.exe /I{1CD0C3C5-809D-4CFC-904A-1B67C6243637}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GTA2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}\Setup.exe" -l0x9
Huur- en zorgtoeslag 2008 --> C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2008\hz2008u.exe
Java 2 Runtime Environment, SE v1.4.2_05 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
KB923723: Beveiligingsupdate voor Step by Step Interactive Training --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Lexmark X1100 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
Logitech QuickCam --> MsiExec.exe /I{A488D63E-B3DD-4423-892F-2F2EC8909518}
Logitech® Camera-stuurprogramma --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Magic Workstation 0.94f --> "C:\Program Files\Magic Workstation\unins000.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Word 2000 SR-1 --> MsiExec.exe /I{00170413-78E1-11D2-B60F-006097C998E7}
Microsoft Works 7.0 --> MsiExec.exe /I{A29D0501-02A2-48DD-BC1B-09B27406FE9B}
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 4.15 --> MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
MTG GamePack for Magic Workstation --> "C:\Program Files\Magic Workstation\unins001.exe"
Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
Norton AntiSpam --> MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
Norton AntiVirus --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security --> MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security --> MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
Norton Internet Security --> MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
Norton Internet Security --> MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Packard Bell Magic Picture --> C:\APPS\MagicPicture\Uninstall.exe
Packard Bell Toolbar 1.0 --> "C:\Program Files\Dynamic Toolbar\unins000.exe"
Portable MP3 Player --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0FE67F7B-CFD5-4891-AED4-3E928A20A9D2}\Setup.exe" -l0x9
Shareaza versie 2.2.5.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
Skype™ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic MyDVD --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Symantec Script Blocking Installer --> MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
Update voor Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update voor Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update voor Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{9816B8B8-4B53-4D3D-9235-AD931252001D}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
WinRAR --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type12639 / Success
Event Submitted/Written: 07/22/2008 01:28:54 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type12620 / Error
Event Submitted/Written: 07/21/2008 06:44:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Vastgelopen toepassing: firefox.exe, versie: 1.8.20080.4669, vastgelopen module: firefox.exe, versie: 1.8.20080.4669, vastgelopen op: 0x0001d732.
Verwerken van mediaspecifieke gebeurtenis voor [firefox.exe!ws!]

Event Record #/Type12616 / Success
Event Submitted/Written: 07/21/2008 00:50:26 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type12595 / Error
Event Submitted/Written: 07/20/2008 07:07:55 PM
Event ID/Source: 1000 / Application Error
Event Description:
Vastgelopen toepassing: firefox.exe, versie: 1.8.20080.4669, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x01231568.
Verwerken van mediaspecifieke gebeurtenis voor [firefox.exe!ws!]

Event Record #/Type12592 / Success
Event Submitted/Written: 07/20/2008 05:14:30 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type1940 / Error
Event Submitted/Written: 07/23/2008 01:19:46 AM
Event ID/Source: 7016 / Service Control Manager
Event Description:
De SmartLinkService-service heeft een ongeldige status 0 gerapporteerd.

Event Record #/Type1912 / Error
Event Submitted/Written: 07/22/2008 01:27:37 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
De volgende opstartstuurprogramma's zijn niet geladen:
SAVRT
SAVRTPEL

Event Record #/Type1911 / Error
Event Submitted/Written: 07/22/2008 01:27:37 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
De SAVScan-service is afhankelijk van de SAVRT-service, die vanwege de volgende fout niet kan worden gestart:
%%31

Event Record #/Type1910 / Error
Event Submitted/Written: 07/22/2008 01:27:37 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De npkcrypt-service kan vanwege de volgende fout niet worden gestart:
%%3

Event Record #/Type1909 / Error
Event Submitted/Written: 07/22/2008 01:27:37 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De Norton AntiVirus Auto-Protect-service kan vanwege de volgende fout niet worden gestart:
%%2



-- End of Deckard's System Scanner: finished at 2008-07-23 01:21:07 ------------

Last edited by Chardiff; 07-23-2008 at 12:39 AM.
Old 07-23-2008   #2
Senior Security Analyst
 
Pancake's Avatar
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,865
PC Experience: Elite PC Guru
Default Re: popup, slow working PC, slow system

It's a mess..................

Please download SDFix from here and save it to your desktop

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Please copy and paste that log in your next reply.

================================

OK. Let's download ComboFix.exe. This will give me a better view of the files running and also hidden on your computer and also those in the registry. Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use SP2.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.


Caution: Never run and remove files with ComboFix unless supervised by a qualified security analyst who is experienced in the use of ComboFix. Misuse can cause serious computer problems.

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.
__________________
  • An Australian Member of
  • and
My real name is Eddy
Old 07-23-2008   #3
Bronze Member
 
Join Date: Jun 2008
Posts: 11
PC Experience: willing to learn fasy
Default Re: popup, slow working PC, slow system

SDFix: Version 1.207
Run by Jeroen on wo 23-07-2008 at 02:41

Microsoft Windows XP [versie 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 02:50:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...


scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000056
"TracesSuccessful"=dword:00000005

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\APPS\\skype\\phone\\Skype.exe"="C:\\APPS\\skype\\phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 26 Jun 2007 210 A.SHR --- "C:\BOOT.BAK"
Wed 12 Dec 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 28 Oct 2007 20,244,496 A..H. --- "C:\Documents and Settings\Peter\Local Settings\Temp\BIT15B.tmp"
Sun 28 Oct 2007 20,244,496 A..H. --- "C:\Documents and Settings\Peter\Local Settings\Temp\BITC.tmp"
Wed 11 Aug 2004 79,000 A..H. --- "C:\Deckard\System Scanner\backup\WINDOWS\Downloaded Program Files\instwact.dll"

Finished!
Old 07-23-2008   #4
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,865
PC Experience: Elite PC Guru
Default Re: popup, slow working PC, slow system

ComboFix?
Old 07-23-2008   #5
Bronze Member
 
Join Date: Jun 2008
Posts: 11
PC Experience: willing to learn fasy
Default Re: popup, slow working PC, slow system

Here is the ComboFix.. I had to go and get some sleep in the meantime (it was 5 AM when I posted it)

ComboFix 08-07-21.2 - Jeroen 2008-07-23 13:45:15.5 - NTFSx86
Gestart vanuit: C:\Documents and Settings\Jeroen\Bureaublad\ComboFix.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
---- Previous Run -------
.
C:\Program Files\Dynamic Toolbar
C:\Program Files\Dynamic Toolbar\Cache\skin5.bmp
C:\Program Files\Dynamic Toolbar\Cache\store.bmp
C:\Program Files\Dynamic Toolbar\Cache\style.css
C:\Program Files\Dynamic Toolbar\Cache\support.bmp
C:\Program Files\Dynamic Toolbar\Cache\ticker.xml
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\_Ticker_ticker.txt
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\ErrorLog.txt
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\go.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\home.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\logo_pb.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\parent_off.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\parent_on.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\pbnlv2tb0200.cfg
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\popup_off.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\popup_on.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\search.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\services.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin1.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin2.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin3.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin4.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\skin5.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\store.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\style.css
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\support.bmp
C:\Program Files\Dynamic Toolbar\PBNLV2\Cache\ticker.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\mcrh.tmp

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-06-23 to 2008-07-23 ))))))))))))))))))))))))))))))
.

2008-07-23 13:53 . 2008-07-23 13:53 214 --a------ C:\temp00.dat
2008-07-23 02:36 . 2008-07-23 02:36 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-23 02:35 . 2008-07-23 02:52 <DIR> d-------- C:\SDFix
2008-07-23 01:17 . 2008-07-23 01:17 <DIR> d-------- C:\Deckard
2008-07-22 16:08 . 2008-07-23 02:54 <DIR> dr-h----- C:\Documents and Settings\Jeroen\Onlangs geopend
2008-07-21 19:09 . 2008-07-22 14:52 3,174 ---hs---- C:\WINDOWS\system32\xhveipbq.ini
2008-07-20 19:10 . 2008-07-21 17:52 2,994 ---hs---- C:\WINDOWS\system32\xjlskrop.ini
2008-07-19 19:09 . 2008-07-20 19:10 2,814 ---hs---- C:\WINDOWS\system32\flerfjhr.ini
2008-07-18 19:09 . 2008-07-18 19:09 143,424 --a------ C:\WINDOWS\system32\dbemxqeq.exe
2008-07-18 19:09 . 2008-07-18 19:09 94,208 --a------ C:\WINDOWS\system32\ppnst.dll
2008-07-18 19:06 . 2008-07-19 19:07 2,634 ---hs---- C:\WINDOWS\system32\canqgssa.ini
2008-07-17 19:07 . 2008-07-18 13:07 2,514 ---hs---- C:\WINDOWS\system32\ajiswtbg.ini
2008-07-16 19:09 . 2008-07-17 12:29 2,394 ---hs---- C:\WINDOWS\system32\xbpxbaxk.ini
2008-07-15 19:05 . 2008-07-16 19:05 2,214 ---hs---- C:\WINDOWS\system32\emlgwunl.ini
2008-07-14 19:04 . 2008-07-15 19:04 1,974 ---hs---- C:\WINDOWS\system32\oyrgrspw.ini
2008-07-13 19:07 . 2008-07-14 12:59 1,854 ---hs---- C:\WINDOWS\system32\xvpgstvn.ini
2008-07-12 19:04 . 2008-07-13 19:05 1,734 ---hs---- C:\WINDOWS\system32\svheekgr.ini
2008-07-11 19:05 . 2008-07-12 12:10 1,614 ---hs---- C:\WINDOWS\system32\uiadhlay.ini
2008-07-10 19:05 . 2008-07-11 11:51 1,434 ---hs---- C:\WINDOWS\system32\avhyvcsp.ini
2008-07-09 19:02 . 2008-07-10 19:03 1,254 ---hs---- C:\WINDOWS\system32\tttmlvde.ini
2008-07-08 19:03 . 2008-07-09 12:06 1,014 ---hs---- C:\WINDOWS\system32\wwvyoind.ini
2008-07-07 19:01 . 2008-07-08 19:02 894 ---hs---- C:\WINDOWS\system32\grfwcsra.ini
2008-07-06 19:01 . 2008-07-07 19:01 714 ---hs---- C:\WINDOWS\system32\orgeirkr.ini
2008-07-05 13:20 . 2008-07-06 18:31 474 ---hs---- C:\WINDOWS\system32\tyfiytsf.ini
2008-07-04 13:18 . 2008-07-05 13:19 2,784 ---hs---- C:\WINDOWS\system32\uacrmgcn.ini
2008-07-03 13:16 . 2008-07-04 13:18 2,664 ---hs---- C:\WINDOWS\system32\ctxvouox.ini
2008-07-02 13:18 . 2008-07-03 10:32 2,484 ---hs---- C:\WINDOWS\system32\lsexccss.ini
2008-07-01 13:15 . 2008-07-02 13:17 2,184 ---hs---- C:\WINDOWS\system32\vunttaad.ini
2008-07-01 01:04 . 2008-07-01 01:04 <DIR> d-------- C:\Program Files\Belarc
2008-07-01 01:04 . 2008-02-27 13:49 3,840 --a------ C:\WINDOWS\system32\drivers\BANTExt.sys
2008-07-01 00:22 . 2008-07-01 00:22 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-01 00:22 . 2008-07-01 00:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-01 00:21 . 2008-07-01 00:21 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-01 00:09 . 2008-07-01 00:10 <DIR> d-------- C:\Program Files\CCleaner
2008-06-30 13:17 . 2008-07-01 11:02 2,064 ---hs---- C:\WINDOWS\system32\uvmfkrkj.ini
2008-06-29 04:30 . 2008-06-30 12:07 1,824 ---hs---- C:\WINDOWS\system32\qvvccavn.ini
2008-06-27 22:45 . 2008-06-29 04:23 1,464 ---hs---- C:\WINDOWS\system32\bqpkspyy.ini
2008-06-26 21:46 . 2008-06-27 21:47 1,284 ---hs---- C:\WINDOWS\system32\kdvnlbwb.ini
2008-06-25 20:37 . 2008-06-26 21:46 1,104 ---hs---- C:\WINDOWS\system32\qkqbttdr.ini
2008-06-24 20:40 . 2008-06-25 16:43 804 ---hs---- C:\WINDOWS\system32\mhngmlml.ini
2008-06-23 19:32 . 2008-06-24 20:32 512 ---hs---- C:\WINDOWS\system32\wnctbcno.ini

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-23 11:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-19 11:32 --------- d-----w C:\Program Files\Ruff-Rose
2008-07-15 12:00 --------- d-----w C:\Program Files\Google
2008-07-13 21:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-13 20:45 --------- d-----w C:\Program Files\AruaROSE
2008-07-01 08:59 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-30 22:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-31 12:32 --------- d-----w C:\Program Files\Lexmark X1100 Series
2008-05-29 10:34 --------- d-----w C:\Documents and Settings\Jeroen\Application Data\AdobeUM
2008-05-26 15:43 --------- d-----w C:\Program Files\PokerStars
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-03-21 10:30 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 14:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 14:00 455168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2003-09-12 12:28 70800]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2003-09-15 13:25 74264]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 11:10 110740]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2003-08-29 14:17 188416]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2003-08-29 14:20 77824]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 16:41 57344]
"NetService"="C:\WINDOWS\system32\ppnst.dll" [2008-07-18 19:09 94208]
"VTTimer"="VTTimer.exe" [2004-03-26 14:07 49152 C:\WINDOWS\system32\VTTimer.exe]
"SoundMan"="SOUNDMAN.EXE" [2004-05-14 15:47 67072 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.enc"= ITIG726.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\jkklm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\APPS\\skype\\phone\\Skype.exe"=
.
Inhoud van de 'Gedeelde Taken' map
"2007-07-03 21:50:11 C:\WINDOWS\Tasks\Herinnering voor registratie 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2007-07-10 21:50:13 C:\WINDOWS\Tasks\Herinnering voor registratie 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-07-18 18:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
"2007-06-27 10:16:37 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-2c00b568 - C:\WINDOWS\system32\grviages.dll
HKLM-Run-BM2f3386f4 - C:\WINDOWS\system32\dmudglgg.dll


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com/
R1 -: HKCU-Internet Settings,ProxyOverride = localhost
O8 -: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 -: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html

O16 -: {91F52A42-C10D-49A7-B941-882C657C604F} - hxxp://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
C:\WINDOWS\Downloaded Program Files\instwact.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-23 14:02:40
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2008-07-23 14:10:30
ComboFix-quarantined-files.txt 2008-07-23 12:10:05

Pre-Run: 62,962,716,672 bytes beschikbaar
Post-Run: 62,918,230,016 bytes beschikbaar

539 --- E O F --- 2008-03-11 21:57:01
Old 07-23-2008   #6
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,865
PC Experience: Elite PC Guru
Default Re: popup, slow working PC, slow system

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:


http://www.pchelpforum.com/progress-...tml#post278509
Collect::

C:\WINDOWS\system32\xhveipbq.ini
C:\WINDOWS\system32\xjlskrop.ini
C:\WINDOWS\system32\flerfjhr.ini
C:\WINDOWS\system32\dbemxqeq.exe
C:\WINDOWS\system32\ppnst.dll
C:\WINDOWS\system32\canqgssa.ini
C:\WINDOWS\system32\ajiswtbg.ini
C:\WINDOWS\system32\xbpxbaxk.ini
C:\WINDOWS\system32\emlgwunl.ini
C:\WINDOWS\system32\oyrgrspw.ini
C:\WINDOWS\system32\xvpgstvn.ini
C:\WINDOWS\system32\svheekgr.ini
C:\WINDOWS\system32\uiadhlay.ini
C:\WINDOWS\system32\avhyvcsp.ini
C:\WINDOWS\system32\tttmlvde.ini
C:\WINDOWS\system32\wwvyoind.ini
C:\WINDOWS\system32\grfwcsra.ini
C:\WINDOWS\system32\orgeirkr.ini
C:\WINDOWS\system32\tyfiytsf.ini
C:\WINDOWS\system32\uacrmgcn.ini
C:\WINDOWS\system32\ctxvouox.ini
C:\WINDOWS\system32\lsexccss.ini
C:\WINDOWS\system32\vunttaad.ini
C:\WINDOWS\system32\uvmfkrkj.ini
C:\WINDOWS\system32\qvvccavn.ini
C:\WINDOWS\system32\bqpkspyy.ini
C:\WINDOWS\system32\kdvnlbwb.ini
C:\WINDOWS\system32\qkqbttdr.ini
C:\WINDOWS\system32\mhngmlml.ini
C:\WINDOWS\system32\wnctbcno.ini
C:\WINDOWS\system32\jkklm
C:\WINDOWS\system32\nnnmnnm.dll


Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{11241072-58BB-40CE-9171-0B2BDFB22E97}"=-


Save this as CFScript.txt




Referring to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file/s to submit for analysis.

Ensure you are connected to the internet and click OK on the message box. A browser will open. Simply follow the instructions to copy/paste/send the requested file.
Old 07-24-2008   #7
Bronze Member
 
Join Date: Jun 2008
Posts: 11
PC Experience: willing to learn fasy
Default Re: popup, slow working PC, slow system

I've sent the file through the link... and now?