Everything posted by daveEHV

  1. I can say that it is super fast again and it shows no problems either. My mother is really happy; it hadn't been this fast in 5 years, haha. So I think everything is fixed. Many thanks again for your help. daveehv
  2. Here is the log from ComboFix.
  3. Thanks for being here, kape. I have the logs here.
  4. After some delay I'm here, kape; we had quite a bit of snow in Brabant, so I can start now. It boots very slowly and struggles with many things. I have cleaned it out completely: disk cleanup, also deleted the restore points, scandisk, but it keeps showing problems. Here is a log to start with.
  5. OK, thanks a lot. I'll put them in quarantine. Thanks for the explanation. Greets, daveehv
  6. I couldn't check the folder, but I did find out where it is in the registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Explorer\RunMRU, and I wondered what a game is doing in that folder??? It looks suspiciously like a trojan to me? Or can I remove it from there, or may I empty the whole RunMRU folder? Regards, dave
  7. OK, here is the first one: 2010-01-01 Found nothing 2010-01-02 Found nothing 2010-01-02 Riskware.Win32.KillApp!A2 2010-01-02 Found nothing 2009-12-31 Found nothing 2010-01-02 Found nothing 2010-01-01 Found nothing 2010-01-02 Found nothing 2010-01-01 APPL/KillApp.A 2010-01-01 Found nothing 2010-01-02 Found nothing 2010-01-01 Found nothing 2010-01-01 Found nothing 2009-12-31 Found nothing 2010-01-02 Found nothing 2010-01-02 Found nothing 2010-01-02 Found nothing 2010-01-01 Found nothing 2010-01-01 Found nothing 2010-01-01 Found nothing ---------- Post added at 14:27 ---------- Previous post was at 14:19 ---------- The second scan: 2010-01-23 Found nothing 2010-01-24 Found nothing 2010-01-24 Riskware.Win32.ACLSet!A2 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-22 APPL/ACLSet 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-23 Found nothing No result available 2010-01-22 Found nothing 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-24 Found nothing 2010-01-23 Found nothing 2010-01-23 Found nothing 2010-01-23 Found nothing ---------- Post added at 14:42 ---------- Previous post was at 14:27 ---------- The last one can't be scanned by jotti because the maximum file size to test is only 15 MB and the last one is 44 MB, so I'm looking for another online scanner.
  8. OK, thanks. I had already restored them to have them tested by jotti; I'll get started on that shortly. After the groceries I'll let you know whether it really is a problem or whether a-squared indeed has a minor flaw, so I'll keep you posted. Otherwise nothing worth mentioning, neither when they were in quarantine nor since I restored them, but now I want to know too, hahahaha. To be continued. Regards, dave
  9. Good to know already that my HijackThis log is fine. I had a-squared put them in quarantine and noticed no difference. Is it safe to delete them?? Or do you advise restoring them once and then having them checked by jotti? If it were up to me I'd just chuck them off, so what do you recommend???
  10. Thanks for the pointer to the smitrem site, but I already saw that it didn't apply to me, so I have a log here for you.
- C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 9673 bytes
  11. I was helped recently and everything is still running like a train. I do have a question now. The situation is this: I use Kaspersky Internet Security and SUPERAntiSpyware, and as a test I have the new a-squared Anti-Malware from Emsi Software. When I scan everything once, only a-squared Anti-Malware gives 3 detections in 4 different locations. This is what the detections look like:
      Riskware.Win32.KillApp!A2 file: C:\HP\BIN\EndProcess.exe
      Riskware.Win32.ACLSet!A2 file: C:\Program Files\Hewlett-Packard\HP TCS\SetACL.exe
      Gen.Trojan!IK file: C:\ProgramData\WildTangent\f405496e-4cd5-4891-a8bc-3e58bd47b25c-extr.exe/wtap.dll file: C:\Users\All Users\WildTangent\f405496e-4cd5-4891-a8bc-3e58bd47b25c-extr.exe/wtap.dll
      It is not that I personally notice any problems, and I also don't know whether I can just get rid of them. It is rather unclear to me, and when I look on the internet I don't get any wiser at all :stupid: So if someone can tell me whether I can remove them or not, thank you kindly in advance.
  12. Thanks, then everything is perfect.
  13. I cheered a bit too soon. It runs well now, but the fan still blows now and then, and I saw a few things in my Task Manager that made me doubt. There are 3 processes I can't place; could you take a look at them? Ati2evxx.exe, csrss.exe, winlogon.exe. I will also add a pic so you can see them. Regards, dave
  14. No, nothing noticeable, and you don't hear it blowing like that anymore either. Thanks a lot for your time and the effort you put into helping. Regards, dave
  15. That was a very heavy one, the PC kept hanging badly, but luckily nothing was lost. Here is the log from ComboFix.
uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 195.241.77.55,195.241.77.58 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - component: c:\program files\Mozilla Firefox 3.6 Beta 2\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-05 18:15 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . Voltooingstijd: 2010-01-05 18:19:30 ComboFix-quarantined-files.txt 2010-01-05 17:19 ComboFix2.txt 2010-01-05 16:13 ComboFix3.txt 2010-01-05 10:52 ComboFix4.txt 2010-01-04 20:57 Pre-Run: 206.638.387.200 bytes beschikbaar Post-Run: 206.651.293.696 bytes beschikbaar - - End Of File - - 45C703FA7F9CC54C5D47C66A0F1B4411
  16. I was already afraid of that, especially as everything was gone and I had that annoying BearShare back. So here is a new log of both.
and the combo once more as well
tools\msconfig\startupreg\QlbCtrl.exe] 2008-10-10 11:24 206128 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler] 2009-11-09 02:14 605944 ----a-w- c:\program files\Registry Clean Expert\RCHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] 2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent] 2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\UpdatePSTShortCut] 2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant] 2008-12-08 10:25 432432 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:50,9d,48,44,6b,59,ca,01 R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [14-10-2009 20:18 36880] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [3-11-2009 16:33 21520] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16-12-2009 16:26 9968] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [16-12-2009 16:26 74480] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [28-11-2008 18:04 87536] R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [3-1-2010 19:35 1858144] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe [2-3-2009 18:43 81920] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 3:23 21504] R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 16:24 19456] R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [28-2-2009 9:34 365952] R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [26-11-2008 17:13 296320] 
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [26-11-2008 17:13 116096] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4-9-2008 18:47 54784] R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [23-10-2008 10:42 107360] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [2-10-2009 18:39 19472] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-12-2009 16:27 7408] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [3-12-2009 16:19 691696] S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [28-2-2009 7:50 222512] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2009-12-26 c:\windows\Tasks\HPCeeScheduleForhome.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 195.241.77.55,195.241.77.58 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - component: c:\program files\Mozilla Firefox 3.6 Beta 2\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-05 17:10 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . Voltooingstijd: 2010-01-05 17:13:14 ComboFix-quarantined-files.txt 2010-01-05 16:13 ComboFix2.txt 2010-01-05 10:52 ComboFix3.txt 2010-01-04 20:57 Pre-Run: 206.752.526.336 bytes beschikbaar Post-Run: 206.711.754.752 bytes beschikbaar - - End Of File - - 8D8423D95E4FB887AE507BEFFEC1D938

and thanks once again, kind regards, dave EHV
  17. A problem occurred while ComboFix was still running. I was away from the PC for a moment and then my cat stepped on it, which made everything freeze, so I had to do a system restore, and I think I am back to square one; my apologies for that. Here is a new hijack log, and I hope it is not too bad.

Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 12:22:17, on 5-1-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\home\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: HP Print
Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: 
[WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58 O20 - AppInit_DLLs: 
C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. 
- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 8308 bytes
  18. Thanks, kape, for the quick reply. I have just finished, so here come the logs. I must say that ComboFix did not restart my laptop, but otherwise it went fine.

Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 22:14:41, on 4-1-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Mozilla Firefox 3.6 Beta 2\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Users\home\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Java Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 
'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- End of file - 7134 bytes

And now the ComboFix log:

ComboFix 10-01-04.01 - home 04-01-2010 21:48:02.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3038.2158 [GMT 1:00] Gestart vanuit: c:\users\home\Desktop\ComboFix.exe SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\home\AppData\Roaming\inst.exe c:\windows\system32\Msasys16.exe c:\windows\system32\oem9.inf c:\windows\system32\systeminfo.dll c:\windows\system32\systeminfo3.dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-12-04 to 2010-01-04 )))))))))))))))))))))))))))))) . 2010-01-04 20:54 .
2010-01-04 20:55 -------- d-----w- c:\users\home\AppData\Local\temp 2010-01-04 20:54 . 2010-01-04 20:54 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-01-04 17:18 . 2010-01-04 17:18 388096 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-01-04 17:18 . 2010-01-04 17:18 -------- d-----w- c:\program files\TrendMicro 2010-01-03 18:35 . 2010-01-04 14:03 -------- d-----w- c:\program files\a-squared Anti-Malware 2010-01-03 17:46 . 2010-01-03 17:46 52224 ----a-w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2010-01-03 17:46 . 2010-01-03 17:46 117760 ----a-w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2010-01-03 17:45 . 2010-01-03 17:45 65024 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe 2010-01-03 17:45 . 2010-01-03 17:45 5120 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe 2010-01-03 17:45 . 2010-01-03 17:45 18944 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe 2010-01-03 17:45 . 2010-01-03 17:45 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-01-03 17:43 . 2010-01-03 17:43 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-01-02 03:01 . 2010-01-03 21:58 -------- d-----w- c:\program files\CCleaner 2010-01-02 02:01 . 2010-01-02 02:01 -------- d-----w- c:\programdata\F-Secure 2009-12-26 13:48 . 2009-12-26 13:48 -------- d-----w- c:\program files\uTorrent 2009-12-25 15:20 . 2009-12-25 15:20 19944 ----a-w- c:\windows\system32\drivers\kav_atapi.sys 2009-12-24 21:59 . 2010-01-03 14:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-23 22:49 . 2009-12-23 22:49 -------- d-----w- c:\programdata\PY_Software 2009-12-23 22:49 . 
2009-12-23 23:00 -------- d-----w- c:\program files\Internet TV 2009-12-23 17:06 . 2009-12-23 17:06 -------- d-----w- c:\users\home\AppData\Local\Apple Computer 2009-12-20 21:55 . 2009-12-20 21:55 -------- d-----w- c:\users\home\AppData\Roaming\ChemTable Software 2009-12-20 21:51 . 2009-12-20 21:51 -------- d-----w- c:\users\home\AppData\Local\ChemTable Software 2009-12-20 21:51 . 2009-12-20 21:51 -------- d-----w- c:\program files\Reg Organizer 2009-12-20 21:31 . 2010-01-02 02:25 -------- d-----w- c:\users\home\AppData\Roaming\SBMAV Disk Cleaner 2009-12-20 21:30 . 2009-12-20 21:31 -------- d-----w- c:\program files\SBMAV Disk Cleaner 2009 2009-12-20 21:16 . 2009-12-20 21:16 -------- d-----w- c:\program files\GRETECH 2009-12-20 16:44 . 2010-01-03 21:08 -------- d-----w- c:\users\home\AppData\Roaming\uTorrent 2009-12-20 14:45 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-12-20 14:43 . 2009-12-20 14:43 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-20 14:37 . 2009-12-20 14:37 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll 2009-12-20 14:37 . 2009-12-20 14:37 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll 2009-12-20 14:37 . 2009-12-20 14:37 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll 2009-12-20 14:37 . 2009-12-20 14:37 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll 2009-12-20 14:37 . 2009-12-20 14:37 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll 2009-12-20 13:20 . 2009-12-20 13:20 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\fssync.dll 2009-12-20 13:20 . 2009-12-20 13:20 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\fssync.dll 2009-12-20 13:01 . 
2009-12-20 13:01 108059 ----a-w- c:\windows\system32\drivers\klin.dat 2009-12-20 13:01 . 2009-12-20 13:01 95259 ----a-w- c:\windows\system32\drivers\klick.dat 2009-12-20 12:59 . 2009-12-20 12:59 -------- d-----w- c:\program files\Kaspersky Lab 2009-12-20 12:52 . 2009-12-20 12:52 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files 2009-12-20 12:15 . 2010-01-04 20:43 -------- d-----w- c:\programdata\Kaspersky Lab 2009-12-20 11:32 . 2009-12-20 11:32 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-12-17 10:52 . 2009-12-17 10:52 -------- d-----w- c:\users\home\AppData\Local\MediaSmart DVD 2009-12-15 13:21 . 2000-06-23 13:05 136704 ----a-w- c:\windows\system32\iacenc.dll 2009-12-15 13:21 . 2000-06-22 12:09 56320 ------w- c:\windows\system32\iyvu9_32.dll 2009-12-15 13:21 . 2009-12-15 13:21 -------- d-----w- c:\program files\Ligos 2009-12-15 13:17 . 1998-10-29 18:45 306688 ----a-w- c:\windows\IsUninst.exe 2009-12-13 23:24 . 2010-01-03 13:26 -------- d-----w- c:\users\home\AppData\Roaming\vlc 2009-12-13 20:51 . 2009-12-13 20:52 -------- d-----w- c:\program files\QuickTime 2009-12-13 20:51 . 2009-12-13 20:51 -------- d-----w- c:\programdata\Apple Computer 2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\Common Files\Apple 2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\users\home\AppData\Local\Apple 2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\Apple Software Update 2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\programdata\Apple 2009-12-11 22:36 . 2009-12-11 22:36 -------- d-----w- c:\programdata\ALLPlayer 2009-12-11 22:36 . 2009-06-11 21:52 892928 ----a-w- c:\programdata\ALLPlayer\LIVE\DOLBY\iconv.dll 2009-12-11 22:36 . 2009-05-29 21:31 881664 ----a-w- c:\programdata\ALLPlayer\LIVE\XVID\xvidcore.dll 2009-12-11 22:36 . 2008-11-13 03:25 740442 ----a-w- c:\programdata\ALLPlayer\LIVE\DIVX\DivX.dll 2009-12-11 22:36 . 
2008-04-14 21:50 1291776 ----a-w- c:\programdata\ALLPlayer\LIVE\QUARTZ\quartzXP.dll 2009-12-11 22:36 . 2009-06-11 21:52 892928 ----a-w- c:\windows\system32\iconv.dll 2009-12-11 22:36 . 2009-12-11 22:36 -------- d-----w- c:\program files\ALLPlayer 2009-12-11 14:49 . 2009-12-11 14:49 9 ----a-w- c:\windows\iosys32b.dat 2009-12-11 00:41 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll 2009-12-11 00:41 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys 2009-12-11 00:41 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll 2009-12-10 19:00 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll 2009-12-10 19:00 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll 2009-12-09 21:19 . 2009-12-22 00:03 -------- d-----w- c:\program files\PFPortChecker 2009-12-09 19:38 . 2009-12-09 19:38 -------- d-----w- c:\windows\Google Earth Pro 4.2 2009-12-09 19:28 . 2009-12-09 19:28 -------- d-----w- c:\users\home\AppData\Local\CyberLink 2009-12-09 19:28 . 2009-12-09 19:28 -------- d-----w- c:\users\home\AppData\Local\PowerCinema 2009-12-08 13:45 . 2007-01-29 15:52 76800 ----a-w- c:\windows\system32\drivers\msw-wlan2.sys 2009-12-08 13:44 . 2009-12-08 13:44 -------- d-----w- c:\programdata\soft Xpansion 2009-12-07 23:19 . 2009-12-07 23:19 -------- d-----w- c:\programdata\eMule 2009-12-07 23:19 . 2009-12-07 23:19 -------- d-----w- c:\users\home\AppData\Local\eMule 2009-12-06 16:05 . 2009-12-23 23:39 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2 . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-04 16:12 . 2009-11-21 23:10 -------- d-----w- c:\program files\Webteh 2010-01-03 17:45 . 2009-11-19 23:07 -------- d-----w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com 2010-01-03 14:16 . 2009-11-22 18:33 -------- d-----w- c:\programdata\PC Tools 2010-01-02 01:24 . 
2009-11-02 16:46 -------- d-----w- c:\program files\Wise Registry Cleaner 2010-01-02 01:23 . 2009-11-02 16:42 -------- d-----w- c:\program files\Wise Disk Cleaner 2010-01-01 12:39 . 2009-11-13 17:42 7512 ----a-w- c:\users\home\AppData\Local\d3d9caps.dat 2009-12-31 00:15 . 2009-11-02 15:00 10638 ----a-w- c:\programdata\DVDXStudio\CloneDVD4\MainApp.dll 2009-12-26 19:46 . 2009-02-28 14:33 667352 ----a-w- c:\windows\system32\perfh013.dat 2009-12-26 19:46 . 2009-02-28 14:33 126854 ----a-w- c:\windows\system32\perfc013.dat 2009-12-26 14:01 . 2009-10-27 22:01 -------- d-----w- c:\program files\Windows Live 2009-12-25 15:52 . 2009-11-22 18:16 -------- d-----w- c:\program files\Trojan Remover 2009-12-25 15:24 . 2009-10-30 00:15 19944 ----a-w- c:\windows\system32\drivers\atapi.sys 2009-12-21 23:57 . 2009-10-28 23:40 -------- d-----w- c:\users\home\AppData\Roaming\CyberLink 2009-12-20 14:43 . 2009-02-28 08:01 -------- d-----w- c:\program files\Java 2009-12-16 23:34 . 2009-12-03 10:40 -------- d-----w- c:\users\home\AppData\Roaming\dvdcss 2009-12-11 02:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-12-11 00:41 . 2009-10-27 17:15 -------- d-----w- c:\programdata\Microsoft Help 2009-12-08 14:59 . 2009-02-28 06:35 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-05 15:23 . 2009-12-05 15:23 -------- d-----w- c:\programdata\vsosdk 2009-12-05 01:59 . 2009-12-05 01:30 -------- d-----w- c:\users\home\AppData\Roaming\DAEMON Tools Lite 2009-12-05 01:33 . 2009-12-03 15:19 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-12-05 01:32 . 2009-12-05 01:31 -------- d-----w- c:\programdata\DAEMON Tools Lite 2009-12-03 21:33 . 2009-12-03 21:33 10 ----a-w- c:\windows\winitwkg.dat 2009-11-29 17:22 . 2009-11-29 17:22 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2009-11-28 13:46 . 2009-11-23 14:24 -------- d-----w- c:\program files\Save Flash 2009-11-28 01:30 . 
2009-11-03 20:06 -------- d-----w- c:\users\home\AppData\Roaming\HpUpdate 2009-11-25 20:17 . 2009-11-25 20:17 -------- d-----w- c:\programdata\Office Genuine Advantage 2009-11-25 20:08 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft 2009-11-23 13:38 . 2009-11-23 12:49 -------- d-----w- c:\users\home\AppData\Roaming\Secretmaker 2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\Real 2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\xing shared 2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Real 2009-11-22 17:22 . 2009-11-22 17:22 -------- d-----w- c:\programdata\Simply Super Software 2009-11-21 18:33 . 2009-10-27 20:32 -------- d-----w- c:\program files\Google 2009-11-21 06:40 . 2009-12-10 19:01 916480 ----a-w- c:\windows\system32\wininet.dll 2009-11-21 06:34 . 2009-12-10 19:01 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-11-21 06:34 . 2009-12-10 19:01 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-11-21 04:59 . 2009-12-10 19:01 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-11-19 23:08 . 2009-11-19 23:08 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2009-11-18 00:41 . 2009-11-18 00:41 -------- d-----w- c:\program files\Windows Portable Devices 2009-11-18 00:41 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-18 00:40 . 2009-11-18 00:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-17 15:11 . 2009-11-17 15:11 -------- d-----w- c:\users\home\AppData\Roaming\Yahoo! 2009-11-17 15:09 . 2009-11-17 15:09 -------- d-----w- c:\programdata\Yahoo! 2009-11-17 15:09 . 2009-11-17 15:07 -------- d-----w- c:\program files\Yahoo! 2009-11-15 23:22 . 2009-11-15 23:22 -------- d-----w- c:\users\home\AppData\Roaming\Malwarebytes 2009-11-15 23:22 . 2009-11-15 23:22 -------- d-----w- c:\programdata\Malwarebytes 2009-11-15 15:49 . 
2009-11-10 02:14 -------- d-----w- c:\users\home\AppData\Roaming\DivX 2009-11-15 15:48 . 2009-10-27 17:24 76416 ----a-w- c:\users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-15 15:31 . 2009-11-15 15:27 -------- d-----w- c:\program files\Dish_Satellite_TV 2009-11-15 15:27 . 2009-11-15 15:27 -------- d-----w- c:\program files\Conduit 2009-11-15 15:26 . 2009-11-14 22:45 -------- d-----w- c:\programdata\BlazeVideo 2009-11-14 23:58 . 2009-11-14 23:53 -------- d-----w- c:\program files\VirtualDJ 2009-11-14 23:16 . 2009-11-14 23:16 -------- d-----w- c:\users\home\AppData\Roaming\iExpert Software 2009-11-14 23:16 . 2009-11-14 23:16 -------- d-----w- c:\program files\Registry Clean Expert 2009-11-14 13:06 . 2009-11-14 13:06 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe 2009-11-12 21:09 . 2009-11-12 21:09 -------- d-----w- c:\program files\BearShare Applications 2009-11-12 18:51 . 2009-10-27 17:25 -------- d-----w- c:\users\home\AppData\Roaming\hewlett-packard 2009-11-12 18:45 . 2009-02-28 06:35 -------- d-----w- c:\programdata\Hewlett-Packard 2009-11-10 13:39 . 2009-11-17 15:09 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe 2009-11-10 02:03 . 2009-11-10 02:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\DivX 2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\PX Storage Engine 2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\DivX Shared 2009-11-10 01:42 . 2009-11-10 01:42 -------- d-----w- c:\program files\QO Developments 2009-11-09 23:04 . 2009-11-09 23:04 -------- d-----w- c:\program files\Medieval Software 2009-11-04 21:20 . 2009-11-04 21:11 169565 ----a-w- c:\windows\hpoins44.dat 2009-11-03 15:33 . 2009-11-03 15:33 21520 ----a-w- c:\windows\system32\drivers\klim6.sys 2009-11-02 14:58 . 
2009-11-02 14:58 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys 2009-11-02 14:58 . 2009-11-02 14:58 47360 ----a-w- c:\users\home\AppData\Roaming\pcouffin.sys 2009-11-02 14:58 . 2009-11-02 14:58 47360 ----a-w- c:\users\home\AppData\Roaming\pcouffin.sys 2009-10-29 09:17 . 2009-11-25 20:12 2048 ----a-w- c:\windows\system32\tzres.dll 2009-10-27 23:44 . 2009-10-27 23:44 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll 2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioStartMen_35915E200B6843159C76E36FD82695B6.exe 2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioProgramF_35915E200B6843159C76E36FD82695B6.exe 2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioDesktop_35915E200B6843159C76E36FD82695B6.exe 2009-10-27 18:00 . 2009-11-02 14:45 85504 ----a-w- c:\windows\system32\ff_vfw.dll 2009-10-27 15:08 . 2009-10-27 15:08 0 ----a-w- c:\windows\ativpsrm.bin 2009-10-27 15:05 . 2009-10-27 15:05 6656 ----a-w- c:\windows\system32\bcmwlrc.dll 2009-10-27 15:05 . 2009-10-27 15:05 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll 2009-10-27 15:05 . 2009-10-27 15:05 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll 2009-10-27 15:05 . 2009-10-27 15:05 3502080 ----a-w- c:\windows\system32\bcmihvui.dll 2009-10-27 15:05 . 2009-10-27 15:05 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS 2009-10-20 18:34 . 2009-10-20 18:34 219664 ----a-w- c:\windows\system32\klogon.dll 2009-10-14 19:18 . 2009-10-14 19:18 36880 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-10-08 21:08 . 2009-11-17 14:54 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-10-08 21:08 . 2009-11-17 14:54 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-10-08 21:07 . 
2009-11-17 14:54 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-02-28 14:50 . 2009-02-28 14:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-12-16 2002160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-20 149280] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456] "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2010-01-02 3280712] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate] 2009-11-11 15:18 870400 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart] 2008-12-25 12:41 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent] 2008-11-28 17:04 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-06-09 09:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2009-11-10 14:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows 
Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] 2008-10-10 11:24 206128 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler] 2009-11-09 02:14 605944 ----a-w- c:\program files\Registry Clean Expert\RCHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu] 2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent] 2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent] 2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu] 2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] 2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] 2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut] 2008-06-13 17:11 210216 ------w- c:\program 
files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] 2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant] 2008-12-08 10:25 432432 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(:50,9d,48,44,6b,59,ca,01 R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [14-10-2009 20:18 36880] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [3-11-2009 16:33 21520] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16-12-2009 16:26 9968] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [16-12-2009 16:26 74480] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [28-11-2008 18:04 87536] R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [3-1-2010 19:35 1858144] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe [2-3-2009 18:43 81920] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 3:23 21504] R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 16:24 19456] R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [28-2-2009 9:34 365952] R2 TVCapSvc;TV Background Capture 
Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [26-11-2008 17:13 296320] R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [26-11-2008 17:13 116096] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4-9-2008 18:47 54784] R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [23-10-2008 10:42 107360] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [2-10-2009 18:39 19472] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-12-2009 16:27 7408] S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [3-12-2009 16:19 691696] S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [28-2-2009 7:50 222512] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map 2009-12-26 c:\windows\Tasks\HPCeeScheduleForhome.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.nl/ IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 195.241.77.55,195.241.77.58 FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/ FF - component: c:\program files\Mozilla Firefox 3.6 Beta 2\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("html5.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\Mozilla Firefox 3.6 Beta 
2\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-04 21:55 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}] "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl" . 
Voltooingstijd: 2010-01-04 21:57:51 ComboFix-quarantined-files.txt 2010-01-04 20:57 Pre-Run: 210.082.127.872 bytes beschikbaar Post-Run: 210.028.056.576 bytes beschikbaar - - End Of File - - C4DC544DC255CE451B7FDEE31C8DB16F

and the latest MBAM scan found nothing more

Malwarebytes' Anti-Malware 1.43
Database versie: 3493
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

4-1-2010 22:11:00
mbam-log-2010-01-04 (22-11-00).txt

Scan type: Snelle Scan
Objecten gescand: 98287
Verstreken tijd: 4 minute(s), 13 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
Mappen geïnfecteerd: (Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)

I hope that's it, and I'd like to ask you something else; is it best to ask that in a PM?
  19. Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 18:39:00, on 4-1-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 2\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\home\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BB7BBF4-5484-4488-9278-0AEBB2BEBADE}: NameServer = 195.241.77.55,195.241.77.58
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
-- End of file - 8443 bytes
  20. I'll start with the problem. I was using AVG Free 9; two weeks ago I started a scan and it froze. I thought that was strange and started MBAM, which also froze, and then Spyware Doctor, and sure enough that froze too. Now and then I use a disk cleaner and a registry cleaner, so I thought I'd run those. When they started I immediately got an alert for trojan MOM.exe, which AVG recognized right away, so I thought that was what was causing the freezes. So I looked online to see what MOM.exe was. As we know, opinions differ quite a bit, but I found someone who said I should look at the file location where it was. So I got to work: I opened Task Manager, it was at the top, I went to the location and it was ATI, but it was using 50% of the CPU, so I knew that couldn't be right. He had also said that once I had found the location I should delete the complete folder and do a full scan. I did that, but then more errors appeared :bawling: but I didn't give up. MBAM reported nothing, though the deep scan did run, and Spyware Doctor likewise; I threw both away, and also AVG, and the newest Kaspersky Internet Security. But also SUPERAntiSpyware and a-squared Anti-Malware 4.5. So, I thought, let's start, and sure enough everything went reasonably well, a registry cleaner too. Now I run the anti-malware scan and it immediately reports the gen.trojan ik, but Kaspersky and the rest report nothing, so I would like some help before my PC stops doing anything at all lol. It does start up fine, no problems anywhere, but I would still like to know what is wrong. Thanks very much in advance.
  21. It was a good test, it reacted immediately. I'm using the trial version of Kaspersky Internet Security 2010 and still have a few days left, so the test came at a good time.
  22. Hey, thanks for the help. My PC had crashed; I have a new motherboard and a new DVD burner, and all problems are solved. I was without it for a week. Thanks for the help.
  23. kape, sorry it took so long, but I only just got my PC back. The motherboard was completely Y&&^%^%$%$, so it suddenly stopped working. I sent it in and everything in it is new. Thanks for the help.
  24. I downloaded the new firmware, and when I tried to install it I got a message that it is not the right firmware.
  25. I use the TSSTcorpCDDVDW TS-L633M ATA Device.