
formatting and drivers


Guest woops


I ran it, and here is the log

Deckard's System Scanner v20071014.68

Run by kimsie on 2008-03-13 22:02:05

Computer is in Normal Mode.

--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --

7: 2008-03-13 21:02:10 UTC - RP7 - Deckard's System Scanner Restore Point

6: 2008-03-13 19:51:54 UTC - RP6 - Software Distribution Service 3.0

5: 2008-03-13 19:18:57 UTC - RP5 - Software Distribution Service 3.0

4: 2008-03-13 15:53:27 UTC - RP4 - Installed Ad-Aware 2007

3: 2008-03-13 15:43:12 UTC - RP3 - Removed Ad-Aware 2007

-- First Restore Point --

1: 2008-03-13 15:37:11 UTC - RP1 - Controlepunt van systeem

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as kimsie.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:02:54, on 13/03/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\IEPro\MiniDM.exe

C:\Documents and Settings\kimsie\Bureaublad\dss.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\kimsie.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll

O3 - Toolbar: Visa Norton-verktygsfältet - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [bHR] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe

O4 - HKLM\..\Run: [bMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--

End of file - 8023 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080313-195700-131 O2 - BHO: (no name) - {731BEAD5-F235-4385-888B-78FEDBEFD724} - (no file)

backup-20080313-195700-134 O21 - SSODL: adsoowf - {A8B8BF65-B58E-4753-BEE9-2DE9AF490BBF} - (no file)

backup-20080313-195700-237 O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

backup-20080313-195700-259 O2 - BHO: (no name) - {EB5DB5C7-1130-4A8E-8C90-EF3465308C68} - C:\WINDOWS\system32\awtsr.dll (file missing)

backup-20080313-195700-266 O2 - BHO: (no name) - {CA80378B-D1A2-4A5F-A026-E4236C222191} - (no file)

backup-20080313-195700-274 O4 - HKLM\..\Run: [ec7c45a4] rundll32.exe "C:\WINDOWS\system32\yptxvnmd.dll",b

backup-20080313-195700-309 O2 - BHO: {f43abb69-496a-253a-fc04-9a1032a51f75} - {57f15a23-01a9-40cf-a352-a69496bba34f} - C:\WINDOWS\system32\exusskit.dll (file missing)

backup-20080313-195700-398 O2 - BHO: (no name) - {949C786C-A509-4FAB-8B09-3127A674DF3A} - (no file)

backup-20080313-195700-437 O20 - Winlogon Notify: winhld32 - winhld32.dll (file missing)

backup-20080313-195700-487 O20 - Winlogon Notify: winzzd32 - winzzd32.dll (file missing)

backup-20080313-195700-494 O2 - BHO: (no name) - {46945B61-233A-4E50-ADB6-FE966F1833AB} - (no file)

backup-20080313-195700-597 O2 - BHO: (no name) - {c1b3dca6-c7f0-4989-b6fb-f5c98c708ca6} - (no file)

backup-20080313-195700-630 O2 - BHO: (no name) - {1F395D6F-62F1-4CF1-B1F8-564B62C161F7} - (no file)

backup-20080313-195700-704 O4 - HKLM\..\Run: [bMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

backup-20080313-195700-751 O3 - Toolbar: (no name) - {5AE4E53D-BAF7-4049-89E6-1AB2BBC659CA} - (no file)

backup-20080313-195700-851 O2 - BHO: (no name) - {023FA577-56A7-4209-8FE8-FF51C249A481} - (no file)

backup-20080313-195700-946 O20 - Winlogon Notify: hggghhf - hggghhf.dll (file missing)

backup-20080313-200318-107 O21 - SSODL: zip - {155730a6-fda7-4769-a738-454177f703a1} - C:\WINDOWS\Installer\{155730a6-fda7-4769-a738-454177f703a1}\zip.dll (file missing)

backup-20080313-200318-164 O20 - Winlogon Notify: wnlmzsfh - wnlmzsfh.dll (file missing)

backup-20080313-200318-206 O4 - HKLM\..\Run: [bMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

backup-20080313-200318-256 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

backup-20080313-200318-429 O21 - SSODL: bgrlsmn - {BF849D5F-55E9-4038-A4DB-2E671B360245} - (no file)

backup-20080313-200318-441 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)

backup-20080313-200318-455 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

backup-20080313-200318-484 O2 - BHO: (no name) - {4F5A71B4-96B2-4DA5-BC15-D7F40981550B} - (no file)

backup-20080313-200318-682 O21 - SSODL: RunOnceComponent - {3f618b7d-88ce-434f-a9df-94e5b5b9664d} - C:\WINDOWS\Installer\{3f618b7d-88ce-434f-a9df-94e5b5b9664d}\RunOnceComponent.dll (file missing)

backup-20080313-200319-108 O21 - SSODL: SrvSrv - {6af0836b-30b4-408e-b8db-96170e1d2c10} - C:\WINDOWS\Installer\{6af0836b-30b4-408e-b8db-96170e1d2c10}\SrvSrv.dll (file missing)

backup-20080313-200319-136 O21 - SSODL: KbdSrv - {4820378f-8969-4afb-9fac-27d91d8e9da4} - C:\WINDOWS\Installer\{4820378f-8969-4afb-9fac-27d91d8e9da4}\KbdSrv.dll (file missing)

backup-20080313-200319-141 O21 - SSODL: SrvService - {124fd330-43e4-4ee3-b87c-379b2b1d2d22} - C:\WINDOWS\Installer\{124fd330-43e4-4ee3-b87c-379b2b1d2d22}\SrvService.dll (file missing)

backup-20080313-200319-674 O21 - SSODL: CDRam - {59be1c11-5a11-4bc3-a12e-d7d11f658fc4} - C:\WINDOWS\Installer\{59be1c11-5a11-4bc3-a12e-d7d11f658fc4}\CDRam.dll (file missing)

backup-20080313-200319-929 O21 - SSODL: RunOnceAvp - {d17829ab-73c6-46d0-a64a-f9892ac61984} - C:\WINDOWS\Installer\{d17829ab-73c6-46d0-a64a-f9892ac61984}\RunOnceAvp.dll (file missing)

backup-20080313-212929-334 O4 - HKLM\..\Run: [bMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

backup-20080313-213037-867 O4 - HKLM\..\Run: [bMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys

S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>

S3 ST50220 (Sonix ST50220 USB Video Camera Driver) - c:\windows\system32\drivers\st50220.sys <Not Verified; Sonix; USB device driver>

S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® PRO/Wireless 3945ABG Network Connection

Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135C103C&REV_02\4&192AC53F&0&00E0

Manufacturer: Intel Corporation

Name: Intel® PRO/Wireless 3945ABG Network Connection

PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_135C103C&REV_02\4&192AC53F&0&00E0

Service: NETw4x32

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description:

Device ID: ACPI\HPQ0006\4&38462492&0

Manufacturer:

Name:

PNP Device ID: ACPI\HPQ0006\4&38462492&0

Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-02-09 18:43:37 262 --a------ C:\WINDOWS\Tasks\Schijfopruiming.job

-- Files created between 2008-02-13 and 2008-03-13 -----------------------------

2008-03-13 21:20:27 0 d-------- C:\ComboFix(3)

2008-03-13 21:19:28 0 d-------- C:\ComboFix(2)

2008-03-13 21:18:21 0 d-------- C:\ComboFix(1)

2008-03-13 20:22:06 0 d-------- C:\WINDOWS\LastGood

2008-03-13 20:20:53 0 d--hs---- C:\Documents and Settings\kimsie\Onlangs geopend

2008-03-13 19:19:50 0 d-------- C:\VundoFix Backups

2008-03-13 17:22:44 0 d-------- C:\Program Files\Trend Micro

2008-03-13 17:14:48 0 d-------- C:\Program Files\Zamaan's Software

2008-03-13 17:06:47 0 d-------- C:\Program Files\InterMute

2008-03-13 16:59:53 0 d-------- C:\Documents and Settings\kimsie\Application Data\WinRAR

2008-03-13 16:53:31 0 d-------- C:\Program Files\Lavasoft

2008-03-13 16:52:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-03-13 14:17:47 0 d-------- C:\Documents and Settings\kimsie\.housecall6.6

2008-03-13 13:53:35 90176 -----n--- C:\WINDOWS\system32\nsgcpshj.dll

2008-03-13 13:52:50 183893 --ahs---- C:\WINDOWS\system32\rstwa.ini2

2008-03-13 13:49:29 0 d-------- C:\WINDOWS\BDOSCAN8

2008-03-13 12:08:41 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>

2008-03-13 11:54:47 0 d-------- C:\WINDOWS\system32\ActiveScan

2008-03-13 11:27:18 0 d-------- C:\Documents and Settings\kimsie\Application Data\Grisoft

2008-03-12 18:30:16 0 d-------- C:\Documents and Settings\kimsie\Application Data\MiniDm

2008-03-12 18:14:52 0 d-------- C:\WINDOWS\system32\VIRepair

2008-03-12 18:04:59 0 d-------- C:\Documents and Settings\kimsie\Application Data\Styler

2008-03-12 18:00:40 0 d-------- C:\WINDOWS\system32\VITrans

2008-03-12 18:00:39 111104 --a------ C:\WINDOWS\system32\Uharc.exe

2008-03-12 18:00:39 19968 --a------ C:\WINDOWS\system32\reico.exe <Not Verified; Dead Knight; >

2008-03-12 18:00:39 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources; Systems Internals pkill>

2008-03-12 18:00:39 8636 --a------ C:\WINDOWS\system32\modifype.exe

2008-03-12 18:00:39 0 d-------- C:\VTPFiles

2008-03-12 17:45:59 0 d-------- C:\Documents and Settings\kimsie\Application Data\IEPro

2008-03-12 17:45:46 0 d-------- C:\Program Files\IEPro

2008-03-12 15:36:59 57344 --a------ C:\WINDOWS\system32\ico.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98>

2008-03-12 15:22:22 0 d-------- C:\!KillBox

2008-03-12 14:36:30 0 d-------- C:\Program Files\Yahoo!

2008-03-12 14:24:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft

2008-03-12 14:18:43 196039 --ahs---- C:\WINDOWS\system32\jjkkj.ini2

2008-03-12 13:50:10 0 d-------- C:\Program Files\QuickPar

2008-03-12 12:35:25 0 d-------- C:\WINDOWS\Prefetch

2008-02-27 10:40:52 0 d-------- C:\Program Files\AdwareRemover2007

2008-02-27 10:25:53 0 d-------- C:\WINDOWS\setup.pss

2008-02-26 20:34:57 0 d-------- C:\28e1ecf19450976931

2008-02-26 18:49:08 0 d-------- C:\Program Files\SysCleaner

2008-02-26 18:41:29 0 d-------- C:\Documents and Settings\kimsie\Application Data\PrevxCSI

2008-02-26 18:36:07 169849 --ahs---- C:\WINDOWS\system32\klkkj.ini2

2008-02-26 13:39:19 165119 --ahs---- C:\WINDOWS\system32\opqss.ini2

2008-02-26 12:33:40 0 d-------- C:\WINDOWS\pss

2008-02-16 14:13:37 0 d-------- C:\Program Files\Google

2008-02-16 14:05:14 0 d-------- C:\Program Files\Tracker Software

2008-02-16 13:53:51 5688 --a------ C:\WINDOWS\system32\bassenc.dll <Not Verified; Un4seen Developments; >

2008-02-16 13:53:51 25688 --a------ C:\WINDOWS\system32\bass_fx.dll <Not Verified; (: JOBnik! :) [Arthur Aminov, ISRAEL]; >

2008-02-16 13:53:51 92216 --a------ C:\WINDOWS\system32\bass.dll <Not Verified; Un4seen Developments; >

2008-02-16 13:53:44 0 d-------- C:\Program Files\Audio4You

2008-02-16 13:33:59 167805 --ahs---- C:\WINDOWS\system32\qqtwa.ini2

2008-02-16 13:24:44 39936 -----n--- C:\WINDOWS\system32\mljkhgg.dll

2008-02-16 12:16:12 0 d-------- C:\Documents and Settings\All Users\Application Data\MediaMonkey

2008-02-16 11:46:38 0 d-------- C:\Documents and Settings\kimsie\Application Data\IdealSorter 2008

2008-02-16 11:41:09 8464 --a------ C:\WINDOWS\system32\sporder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System>

2008-02-16 11:37:16 0 d-------- C:\Program Files\FBrowserAdvisor

2008-02-16 10:48:21 0 d-------- C:\Documents and Settings\kimsie\Application Data\MP3Toys

2008-02-16 10:48:18 0 d-------- C:\Program Files\Mass Mp3 Tagger v1.0

2008-02-16 10:44:49 0 d-------- C:\Program Files\MP3Toys

2008-02-16 08:46:29 0 d-------- C:\Documents and Settings\kimsie\WINDOWS

2008-02-16 07:34:09 0 d-------- C:\Documents and Settings\kimsie\Application Data\EFSoftware

2008-02-16 07:20:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Ten Thumbs Typing Tutor

2008-02-16 06:16:36 0 d-------- C:\Documents and Settings\kimsie\Application Data\Cloudeight

2008-02-16 06:09:25 0 d-------- C:\Program Files\ABF software

2008-02-16 05:48:38 0 d-------- C:\Documents and Settings\kimsie\Application Data\Enigma Browser

2008-02-16 05:33:54 0 d-------- C:\Documents and Settings\kimsie\Application Data\DAPE

2008-02-16 05:33:35 0 d-------- C:\Documents and Settings\kimsie\Application Data\Deepnet Explorer

2008-02-16 05:29:55 0 d-------- C:\Program Files\Deepnet Explorer

2008-02-16 05:21:33 0 d-------- C:\Documents and Settings\kimsie\Application Data\Morpheus Software

2008-02-16 05:21:28 0 d-------- C:\Program Files\Morpheus Photo Animation Suite

2008-02-16 04:55:12 0 d-------- C:\Program Files\Audio Catalog

2008-02-16 03:56:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Go Go Gourmet

2008-02-16 03:45:57 0 d-------- C:\Documents and Settings\kimsie\Application Data\EstSoft

2008-02-16 03:45:40 0 d-------- C:\Program Files\ESTsoft

2008-02-16 03:15:26 0 d-------- C:\Documents and Settings\kimsie\Application Data\SlimBrowser

2008-02-16 02:57:59 0 d-------- C:\Documents and Settings\kimsie\Application Data\Lamantine

2008-02-16 02:51:40 0 d-------- C:\Program Files\Sticky Password

2008-02-16 01:44:14 0 d-------- C:\Documents and Settings\kimsie\Application Data\Zylom

2008-02-16 01:32:28 0 d-------- C:\Program Files\Zylom Games

2008-02-15 23:37:21 0 d-------- C:\Program Files\MediaMonkey

2008-02-15 23:32:22 0 d-------- C:\WINDOWS\speech

2008-02-15 23:32:19 0 d-------- C:\Program Files\Speech Workshop

2008-02-15 23:12:11 434688 --a------ C:\WINDOWS\system32\ss2uinst.exe <Not Verified; Virtualzone.de; SetupStream 2>

2008-02-15 23:12:09 0 d-------- C:\Program Files\Music Collection

2008-02-14 09:50:41 0 d-------- C:\Documents and Settings\kimsie\Application Data\Printer Info Cache

2008-02-14 09:50:16 0 d-------- C:\Program Files\Common Files\HP

-- Find3M Report ---------------------------------------------------------------

2008-03-13 19:47:28 475340 --a------ C:\WINDOWS\system32\perfh013.dat

2008-03-13 19:47:28 84704 --a------ C:\WINDOWS\system32\perfc013.dat

2008-03-13 16:52:44 0 d-------- C:\Program Files\Common Files

2008-03-13 15:56:58 0 d-------- C:\Documents and Settings\kimsie\Application Data\AVG7

2008-03-12 19:15:49 0 d-------- C:\Program Files\Windows NT

2008-03-12 19:15:43 0 d-------- C:\Program Files\Movie Maker

2008-03-12 19:15:43 0 d-------- C:\Program Files\Messenger

2008-03-12 15:28:40 0 d-------- C:\Program Files\Common Files\Nero

2008-03-12 15:04:24 0 d-------- C:\Program Files\eMule

2008-03-12 14:52:08 0 d-------- C:\Program Files\Paradise Pet Salon

2008-03-12 14:19:32 0 d-------- C:\Program Files\Common Files\Symantec Shared

2008-03-12 14:19:06 0 d-------- C:\Program Files\Symantec

2008-03-12 12:25:31 23484 --a------ C:\WINDOWS\system32\emptyregdb.dat

2008-02-26 18:33:39 0 d-------- C:\Program Files\Norton 360

2008-02-16 13:29:05 0 d-------- C:\Documents and Settings\kimsie\Application Data\LimeWire

2008-02-16 11:37:55 209 --a------ C:\Documents and Settings\kimsie\Application Data\urlredir.cfg

2008-02-16 09:10:28 0 d-------- C:\Program Files\Windows Live Toolbar

2008-02-16 08:24:29 0 d-------- C:\Documents and Settings\kimsie\Application Data\Symantec

2008-02-16 08:03:10 0 d-------- C:\Program Files\PlayFirst

2008-02-16 07:54:32 0 d-------- C:\Program Files\Common Files\Adobe

2008-02-16 03:56:07 0 d-------- C:\Documents and Settings\kimsie\Application Data\PlayFirst

2008-02-16 01:44:14 0 d-------- C:\Documents and Settings\kimsie\Application Data\Identities

2008-02-15 23:05:08 0 d-------- C:\Program Files\Zortam Mp3 Media Studio

2008-02-14 09:50:42 0 d-------- C:\Documents and Settings\kimsie\Application Data\Image Zone Express

2008-02-14 09:50:15 0 d-------- C:\Program Files\HP

2008-02-14 09:37:55 45352 --a------ C:\Documents and Settings\kimsie\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log

2008-02-14 09:33:42 2057 --a------ C:\Documents and Settings\kimsie\Application Data\HPSU_48BitScanUpdate.log

2008-02-10 05:44:20 0 d-------- C:\Program Files\IconLibraryManager

2008-02-10 05:43:37 0 d-------- C:\Program Files\Icon Searcher

2008-02-10 04:05:06 0 d-------- C:\Program Files\ActivIcons

2008-02-10 03:50:32 0 d-------- C:\Documents and Settings\kimsie\Application Data\CursorArts

2008-02-10 02:57:12 113 --a------ C:\WINDOWS\system32\xmlpr0v32.dll

2008-02-09 21:09:45 0 d-------- C:\Program Files\Moderal Jukebox

2008-02-09 18:13:57 0 d-------- C:\Program Files\Gift Shop

2008-02-09 17:56:10 0 d-------- C:\Documents and Settings\kimsie\Application Data\Gamers Tower

2008-02-09 16:29:20 0 d-------- C:\Program Files\AV BOX

2008-02-09 15:56:42 0 d-------- C:\Program Files\vitolab

2008-02-09 13:36:24 366 --a------ C:\Documents and Settings\kimsie\Application Data\Hewlett-PackardHP PSC 1400 series1201474207_UI.log

2008-02-09 13:36:21 445 --a------ C:\Documents and Settings\kimsie\Application Data\Hewlett-PackardHP PSC 1400 series1201474207_PROTOCOL.log

2008-02-09 13:36:18 0 d-------- C:\Documents and Settings\kimsie\Application Data\HP

2008-02-09 13:36:18 0 --a------ C:\Documents and Settings\kimsie\Application Data\Hewlett-PackardHP PSC 1400 series1201474207_API.log

2008-02-09 11:49:01 0 d-------- C:\Program Files\Calnique

2008-02-09 11:18:16 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-02-09 11:05:32 0 d-------- C:\Documents and Settings\kimsie\Application Data\Vitolab

2008-02-07 22:28:39 221541 --ahs---- C:\WINDOWS\system32\rqtss.ini2

2008-02-07 21:25:36 3456 --a------ C:\WINDOWS\unins000.dat

2008-02-07 21:24:23 691545 --a------ C:\WINDOWS\unins000.exe

2008-02-02 06:15:41 0 d-------- C:\Documents and Settings\kimsie\Application Data\Macromedia

2008-02-02 05:52:00 0 d-------- C:\Documents and Settings\kimsie\Application Data\Jane s Hotel

2008-02-02 05:44:48 0 d-------- C:\Documents and Settings\kimsie\Application Data\BigFish

2008-02-02 04:40:48 0 d-------- C:\Program Files\Gamenext

2008-02-02 04:36:09 0 d-------- C:\Program Files\GamesBar

2008-01-31 10:11:10 250025 --ahs---- C:\WINDOWS\system32\llnmp.ini2

2008-01-28 21:25:09 0 d-------- C:\Program Files\Windows Desktop Search

2008-01-28 07:15:34 0 d-------- C:\Program Files\X-Fonter

2008-01-28 07:12:42 0 d-------- C:\Program Files\FindThatFont!

2008-01-28 05:52:07 0 d-------- C:\Documents and Settings\kimsie\Application Data\mathijs.jurresip.nl

2008-01-28 04:05:49 0 d-------- C:\Program Files\OpenType Extension

2008-01-28 02:58:16 41139 --a------ C:\Documents and Settings\kimsie\Application Data\Update_HP_RedboxHprblog_HPSU.log

2008-01-28 02:58:08 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>

2008-01-27 23:52:15 113345 --a------ C:\WINDOWS\hpoins07.dat

2008-01-27 23:47:45 0 d-------- C:\Program Files\Hewlett-Packard

2008-01-27 23:02:52 0 d-------- C:\Program Files\SuperCleaner

2008-01-27 21:09:58 0 d-------- C:\Program Files\Microsoft.NET

2008-01-27 20:02:43 0 d-------- C:\Program Files\Microsoft Works

2008-01-27 18:54:30 0 d-------- C:\Program Files\Spyware Terminator

2008-01-27 13:04:36 0 d-------- C:\Program Files\Enigma Software Group

2008-01-27 12:59:03 277873 --ahs---- C:\WINDOWS\system32\rrutv.ini2

2008-01-27 06:25:40 0 d-------- C:\Program Files\Games

2008-01-27 03:39:53 0 d-------- C:\Program Files\Windows Live

2008-01-26 23:57:36 0 d-------- C:\Program Files\ReflexiveArcade

2008-01-25 08:48:33 224865 --ahs---- C:\WINDOWS\system32\vvvwa.ini2

2008-01-20 08:33:08 0 d-------- C:\Program Files\Messenger Plus! Live

2008-01-13 17:14:27 286720 --a------ C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2008-01-13 17:14:24 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2008-01-13 12:39:41 71235 --a------ C:\WINDOWS\hpqins01.dat

2008-01-09 15:01:48 53248 --a------ C:\WINDOWS\bdoscandel.exe

2008-01-05 15:28:33 608 --a------ C:\WINDOWS\nsreg.dat

2008-01-05 15:28:33 335 --a------ C:\WINDOWS\mozregistry.dat

2008-01-05 15:28:31 9728 --a------ C:\WINDOWS\system32\rnaph.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Operating System>

2008-01-04 23:10:58 1158 --a------ C:\WINDOWS\mozver.dat

2008-01-03 21:32:50 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-01-03 21:32:22 552 --a------ C:\WINDOWS\system32\d3d8caps.dat

2007-12-28 18:31:56 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>

2007-12-28 16:29:43 62 --ahs---- C:\Documents and Settings\kimsie\Application Data\desktop.ini

2007-12-28 15:54:36 0 -rahs---- C:\MSDOS.SYS

2007-12-28 15:54:36 0 -rahs---- C:\IO.SYS

2007-12-28 15:54:36 0 --a------ C:\CONFIG.SYS

2007-12-28 15:54:36 0 --a------ C:\AUTOEXEC.BAT

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]

30/01/2008 16:31 1199104 --a------ C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [14/09/2007 19:29]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [27/09/2006 17:10]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [27/09/2006 17:10]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [12/03/2008 14:24]

"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]

"BHR"="C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe" [20/07/2006 22:17]

"BMef4f7638"="C:\WINDOWS\system32\nsgcpshj.dll" [13/03/2008 13:53]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [31/12/2002 13:00]

"msnmsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [18/10/2007 11:34]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"Wallpaper"=Å-‘|ð

"DisableTaskMgr"=1 (0x1)

"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"ForceActiveDesktopOn"=1 (0x1)

"NoActiveDesktop"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\awtsr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMef4f7638]

Rundll32.exe "C:\WINDOWS\system32\lygkmmel.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

CHDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

"C:\PROGRA~1\WINDOW~4\MESSEN~1\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /installquiet /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"aawservice"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

"spa_start"=C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart

-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 Command - Keeping Software Free

127.0.0.1 032439.com

8025 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-03-13 22:03:39 ------------


I have now clicked on that Comboscan again and it worked. I put it on a USB stick from this PC, placed it on the desktop that way and ran it on the PC the log comes from. Do I need to make a new log with that DSS again?


Hold off on that Comboscan for a moment. First work through the following steps.

Download SmitfraudFix.zip. Extract it to your desktop.

Start your PC in Safe Mode, open the SmitfraudFix folder and double-click Smitfraudfix.cmd.

Choose option 2 (Clean) to have all infected files removed. If you are asked whether to clean the registry, allow it.

It also checks whether the file wininet.dll is infected. If it is, you will be asked to replace it. Type Y at the prompt and press Enter. Your PC may be restarted in normal mode. If it is not, do this manually so that it can finish its job completely.

A text file with the results of the fix will open (c:\rapport.txt). Save it to your desktop.

Restart the computer in normal mode.

Start HijackThis and choose 'Do a system scan only'. Select only the items listed below (if still present):

O4 - HKLM\..\Run: [BMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

Click 'Fix checked' to remove the items.

Delete the following files (if still present):

C:\WINDOWS\system32\nsgcpshj.dll

C:\WINDOWS\system32\rstwa.ini2

C:\WINDOWS\system32\jjkkj.ini2

C:\WINDOWS\system32\klkkj.ini2

C:\WINDOWS\system32\opqss.ini2

C:\WINDOWS\system32\qqtwa.ini2

C:\WINDOWS\system32\mljkhgg.dll

C:\WINDOWS\system32\perfh013.dat

C:\WINDOWS\system32\perfc013.dat

C:\Documents and Settings\kimsie\Application Data\urlredir.cfg

C:\WINDOWS\system32\rqtss.ini2

C:\WINDOWS\system32\llnmp.ini2

C:\WINDOWS\system32\vvvwa.ini2

Go to Start -> Run -> type regedit to open the registry. Look up the following keys and delete them. Make a backup of your registry first, to be safe.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]

"BMef4f7638"="C:\WINDOWS\system32\nsgcpshj.dll "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\awtsr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMef4f7638]

Rundll32.exe "C:\WINDOWS\system32\lygkmmel.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"spa_start"=C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllStart

Then attach the SmitfraudFix log and a new HJT log to your next post.

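The regedit and HijackThis steps in the post above, written as a script for reg.exe (which ships with Windows XP). This is an added example and not code from the original post, from SmitfraudFix or from HijackThis. The key and value names are the ones shown in the logs in this thread; two things are my own assumptions: the backup folder name, and the spelled-out path SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects that the "~" in the post abbreviates. Run it from cmd.exe as an administrator in Safe Mode and reboot before deleting the files: a DLL listed in the LSA "Authentication Packages" value is loaded into lsass.exe at every boot, so it stays in use until the value is reset and the machine restarts.

```batch
@echo off
rem Added example, not from the original post: the manual regedit/HijackThis
rem steps as a script for reg.exe, which ships with Windows XP.
rem Run from cmd.exe as an administrator in Safe Mode, then reboot.
rem Key/value names come from the logs in this thread. Assumed by me: the
rem backup folder name, and the spelled-out Browser Helper Objects path
rem that the "~" in the post abbreviates.
setlocal

set LSA=HKLM\SYSTEM\CurrentControlSet\Control\Lsa
set RUN=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
set RUNDIS=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run-disabled
set STARTUPREG=HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
set BHO=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}
set BK=%USERPROFILE%\Desktop\regbackup-%RANDOM%

rem 1. Back up every key that is about to change; each .reg file can be
rem    double-clicked later to restore that key.
mkdir "%BK%"
reg export "%LSA%" "%BK%\lsa.reg"
reg export "%RUN%" "%BK%\run.reg"
reg export "%RUNDIS%" "%BK%\run-disabled.reg"
reg export "%STARTUPREG%" "%BK%\startupreg.reg"
reg export "%BHO%" "%BK%\bho.reg"

rem 2. Record the current state, to compare with the DSS/HJT logs.
echo === before ===
reg query "%LSA%" /v "Authentication Packages"
reg query "%RUN%" /v BMef4f7638
reg query "%STARTUPREG%\BMef4f7638"
reg query "%RUNDIS%" /v spa_start
reg query "%BHO%"

rem 3. Reset the LSA authentication package list to the Windows default.
rem    The log shows "msv1_0 C:\WINDOWS\system32\awtsr.dll": lsass.exe loads
rem    awtsr.dll at boot, so this value must be fixed before the file can be
rem    deleted (it stays in use until the next reboot).
reg add "%LSA%" /v "Authentication Packages" /t REG_MULTI_SZ /d "msv1_0" /f

rem 4. Remove the autorun entries that relaunch the random-named DLLs
rem    through Rundll32.
reg delete "%RUN%" /v BMef4f7638 /f
reg delete "%STARTUPREG%\BMef4f7638" /f
reg delete "%RUNDIS%" /v spa_start /f

rem 5. The same BHO CLSID appears in the later HijackThis log as the
rem    PDF-XChange Viewer IE-Plugin, so remove only the malware value here;
rem    delete the whole key only after confirming nothing else uses it.
reg delete "%BHO%" /v BMef4f7638 /f

rem 6. Verify: only msv1_0 should remain, and the deleted entries must be gone.
echo === after ===
reg query "%LSA%" /v "Authentication Packages"
reg query "%STARTUPREG%\BMef4f7638" >nul 2>&1 && echo WARNING: startupreg key still present
reg query "%RUN%" /v BMef4f7638 >nul 2>&1 && echo WARNING: Run value still present

echo Backups are in "%BK%". Reboot now, then delete the DLL and .ini2 files listed in the post.
endlocal
```

Keep the "before" and "after" output together with the SmitfraudFix report: if the `Authentication Packages` value or the Rundll32 entries reappear after the reboot, something still running is rewriting them and the file list in the post is incomplete.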

That Comboscan gives the message that it only works on Windows 2000 or Windows XP when I try to run it; I already told you that in a previous post.


That Comboscan gives the message that it only works on Windows 2000 or Windows XP when I try to run it; I already told you that in a previous post.
That's not quite right. In your previous message it was about Combofix and not Comboscan, part of a word's difference ... but two different programs.

But in my previous message I already explained a method to do it without either of them. Although I still find it strange that neither of the two would work for you. But well ... anything is possible in the computer world.


I can't get that SmitfraudFix log posted; it takes hours and still doesn't succeed. As for the registry, I can't make sense of it; I can't find any of those lines, so I can't delete them either. Here is the HijackThis log in the meantime.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:33:10, on 14/03/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll

O3 - Toolbar: Visa Norton-verktygsfältet - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [BHR] C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 4.5\BHR.exe

O4 - HKLM\..\Run: [BMef4f7638] Rundll32.exe "C:\WINDOWS\system32\nsgcpshj.dll",s

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--

End of file - 7652 bytes


Well, the new log shows the same as the old one. There are infected files in there that can only be cleaned up (automatically) by running Combofix, or that you have to remove manually from your registry. It is these keys in your registry that keep restoring the infected files on your PC every time. If you can't or won't work with that, then we naturally have a big problem. And with an HJT log alone we won't get out of this.

As for Combofix, it seems strange to me that you can't get it running. I just tested it here again with the same configuration: Windows XP SP2, and it runs like a train. At what stage of the download or startup procedure do you get the message that it isn't suitable for your system? And SmitfraudFix does need some time, but certainly not hours. All very strange.

And then the registry: it does indeed look like a mess, but once you have worked with it for a bit, you will no doubt easily find the keys you need to delete. Use the search function for that. At the top of the window click "Edit" and then "Find". In the field that opens, type the file name you are looking for: e.g. that nsgcpshj.dll from the first item. The search lands on this file and then you check whether you have the full root of this file: [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]

"BMef4f7638"="C:\WINDOWS\system32\nsgcpshj.dll ". If so, delete it right there by right-clicking and choosing Delete. And do the same for all 4 items.

That should remove the source of all evil and we can move on. Try whether it works this way and then I'll read how it went. Good luck!
