Ga naar inhoud

Aanbevolen berichten

  • Reacties 25
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Geplaatst:

Mag ik even inbreken : verwijder met HiJackThis ook nog alle 018-lijnen uit je logje voor je aan de volgende stap begint. Je PC worstelt met de Logitech Desktop Messenger ... en dat kan je beter meteen opruimen.

Geplaatst:

Het heeft even geduurd eer het logboek klaar was, maar hier is ie:

Malwarebytes' Anti-Malware 1.14

Database versie: 812

22:27:45 1/06/2008

mbam-log-6-1-2008 (22-26-59).txt

Scan type: Volledige Scan (C:\|D:\|G:\|L:\|)

Objecten gescand: 282534

Verstreken tijd: 1 hour(s), 52 minute(s), 22 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 30

Registerwaarden geïnfecteerd: 3

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 17

Bestanden geïnfecteerd: 185

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.

HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> No action taken.

HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.

HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.

HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> No action taken.

Registerwaarden geïnfecteerd:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{d9e10580-fdb4-4754-a90a-49e973c5beb0} (Trojan.Vundo) -> No action taken.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> No action taken.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> No action taken.

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

C:\Program Files\MyGlobalSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyGlobalSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyGlobalSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyGlobalSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> No action taken.

Bestanden geïnfecteerd:

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe (Malware.Tool) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP451\A0140664.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141664.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141667.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP454\A0142690.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP455\A0142721.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0143696.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144706.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144708.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144709.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145709.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145714.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145719.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146751.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146756.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0146922.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0147747.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0148747.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150767.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150788.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150797.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151788.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151793.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0153792.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP463\A0159832.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP465\A0159926.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP467\A0160146.exe (Trojan.Downloader) -> No action taken.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP469\A0161254.exe (Trojan.Downloader) -> No action taken.

G:\Back-up 05-04-2008\VideoEggPublisher.exe (Malware.Tool) -> No action taken.

G:\Back-up Mijn documenten\VideoEggPublisher.exe (Malware.Tool) -> No action taken.

C:\Program Files\MyGlobalSearch\bar\History\search (Adware.MyWebSearch) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> No action taken.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> No action taken.

Geplaatst:

Dat je met een flinke besmetting zit, zal je al wel opgevallen zijn. Begin eens met het volgende om al wat "opkuis" te houden.

Download Combofix en zet het op je Bureaublad.

Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet /keeploaded /nodetect

ALLE 018-lijnen

Klik op 'Fix checked' om de items te verwijderen.

Die Logitech Desktop Messenger werkt niet naar behoren op je PC. Zou deze zeker verwijderen als je deze niet echt gebruikt, omdat dit onnodig je systeem vertraagt. Er wordt immers gezocht naar updates voor je Logitech-producten, terwijl je dit perfect handmatig kan, zonder je systeem te vertragen.

Heb je onderstaande sites allemaal eigenhandig als “betrouwbaar” geregistreerd ? Zo ja, dan is alles OK. Zo neen, mag je deze ook nog fixen met HiJackThis.

O15 - Trusted Zone: Big Fish Games

O15 - Trusted Zone: Colruyt

O15 - Trusted Zone: Warner Bros. Online

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe

G:\Back-up 05-04-2008\VideoEggPublisher.exe

G:\Back-up Mijn documenten\VideoEggPublisher.exe

Folder:

C:\Program Files\MyGlobalSearch

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Geplaatst:

ComboFix logboek

ComboFix 08-06-01.6 - HP_Administrator 2008-06-03 20:07:58.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.291 [GMT 2:00]

Gestart vanuit: C:\Documents and Settings\HP_Administrator\Bureaublad\ComboFix.exe

Command switches used :: C:\Documents and Settings\HP_Administrator\Bureaublad\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

FILE ::

C:\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe

G:\Back-up 05-04-2008\VideoEggPublisher.exe

G:\Back-up Mijn documenten\VideoEggPublisher.exe

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

C:\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe

C:\Documents and Settings\HP_Administrator\real.txt

C:\Documents and Settings\LogMeInRemoteUser\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

C:\Program Files\myglobalsearch

C:\Program Files\myglobalsearch\bar\History\search

C:\WINDOWS\Downloaded Program Files\setup.inf

C:\WINDOWS\system32\_000005_.tmp.dll

C:\WINDOWS\system32\real.txt

D:\Autorun.inf

G:\Back-up 05-04-2008\VideoEggPublisher.exe

G:\Back-up Mijn documenten\VideoEggPublisher.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-05-03 to 2008-06-03 ))))))))))))))))))))))))))))))

.

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-06-01 20:30 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-06-01 20:30 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-06-01 19:24 . 2008-06-01 19:24 <DIR> d-------- C:\Program Files\Trend Micro

2008-05-18 18:41 . 2008-05-19 18:55 <DIR> d-------- C:\Program Files\Weather Watcher Live

2008-05-18 18:41 . 2008-05-18 18:48 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\WeatherWatcherLive

2008-05-18 18:41 . 2008-05-18 18:41 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\WeatherWatcher

2008-05-17 18:01 . 2008-05-17 18:01 230 --a------ C:\config.xml

2008-05-17 17:34 . 2008-05-17 17:34 <DIR> d-------- C:\Program Files\Microsoft Research

2008-05-17 16:15 . 2008-05-17 16:15 <DIR> d-------- C:\Program Files\2BrightSparks

2008-05-12 19:26 . 2008-05-12 19:26 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\SpeedSim

2008-05-04 23:11 . 2008-05-04 23:11 <DIR> d-------- C:\Program Files\SubSync

2008-05-04 23:11 . 2008-05-04 23:11 249,856 --------- C:\WINDOWS\Setup1.exe

2008-05-04 23:11 . 2008-05-04 23:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE

2008-05-04 23:10 . 2008-05-04 23:10 <DIR> d-------- C:\Program Files\URUSoft

2008-05-04 13:16 . 2008-05-04 13:16 89,243 --a------ C:\Documents and Settings\HP_Administrator\tdmtyv.exe

2008-05-04 13:03 . 2008-05-04 13:03 89,243 --a------ C:\Documents and Settings\HP_Administrator\tdcqwp.exe

2008-05-04 12:58 . 2008-05-04 12:58 89,243 --a------ C:\Documents and Settings\HP_Administrator\jwsrzs.exe

2008-05-03 18:40 . 2008-05-03 18:40 1,220 --a------ C:\Documents and Settings\HP_Administrator\lshntu.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-03 18:11 --------- d-----w C:\Program Files\Weather Watcher

2008-06-03 18:00 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\OpenOffice.org2

2008-06-03 17:17 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Orbit

2008-06-02 19:10 --------- d-----w C:\Program Files\Eraser

2008-06-02 18:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-06-01 08:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

2008-05-31 17:49 --------- d-----w C:\Program Files\Opera

2008-05-31 14:23 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

2008-05-31 14:23 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

2008-05-31 14:23 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2008-05-31 14:23 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2008-05-31 14:23 --------- d-----w C:\Program Files\Symantec

2008-05-27 22:02 --------- d-----w C:\Program Files\OpenOffice.org 2.4

2008-05-27 22:01 --------- d-----w C:\Program Files\Java

2008-05-25 23:16 --------- d-----w C:\Program Files\ScreenshotCaptor

2008-05-22 07:49 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\TeraCopy

2008-05-20 20:54 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\.purple

2008-05-12 08:48 598 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat

2008-05-08 13:12 --------- d-----w C:\Program Files\TheWorld 2.0

2008-05-05 20:40 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Skype

2008-05-05 18:14 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\skypePM

2008-05-02 14:15 89,243 ----a-w C:\Documents and Settings\HP_Administrator\zknhfm.exe

2008-05-02 14:10 89,243 ----a-w C:\Documents and Settings\HP_Administrator\wayqbm.exe

2008-05-02 14:08 89,243 ----a-w C:\Documents and Settings\HP_Administrator\sctvpk.exe

2008-05-02 13:48 89,243 ----a-w C:\Documents and Settings\HP_Administrator\ighaxu.exe

2008-05-02 07:18 --------- d-----w C:\Program Files\Common Files\Skype

2008-05-01 16:33 385,024 ----a-w C:\WINDOWS\system32\Uninstall Netlog Photo Tool.exe

2008-05-01 16:33 --------- d-----w C:\Program Files\Netlog

2008-05-01 16:11 --------- d-----w C:\Program Files\Netlog Music Tool

2008-05-01 08:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP

2008-05-01 07:05 --------- d-----w C:\Program Files\Pidgin

2008-04-29 17:04 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\beid-cache

2008-04-24 09:32 1,220 ----a-w C:\Documents and Settings\HP_Administrator\vjksji.exe

2008-04-24 09:32 1,220 ----a-w C:\Documents and Settings\HP_Administrator\sdvpur.exe

2008-04-24 09:32 1,220 ----a-w C:\Documents and Settings\HP_Administrator\koiuqg.exe

2008-04-24 09:32 1,220 ----a-w C:\Documents and Settings\HP_Administrator\ashjam.exe

2008-04-19 21:47 --------- d-----w C:\Program Files\Mystery Case Files - Ravenhearst

2008-04-14 20:54 --------- d-----w C:\Program Files\OpenOffice.org 2.3

2008-04-14 20:37 --------- d-----w C:\Program Files\Subdownloader

2008-04-14 20:26 --------- d-----w C:\Program Files\The Adventure Company

2008-04-10 15:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia

2008-04-10 15:37 --------- d-----w C:\Program Files\PowerISO

2008-04-10 15:15 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\uTorrent

2008-04-10 12:09 --------- d-----w C:\Program Files\BitLord

2008-04-09 21:55 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\EssentialPIM

2008-04-03 20:23 --------- d-----w C:\Program Files\ADJ Video Decoder

2008-04-03 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adjustables

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll

2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll

2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-01-16 18:48 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat

2007-08-25 22:28 774,144 ----a-w C:\Program Files\RngInterstitial.dll

2006-11-08 19:43 69,632 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb4827.dat

2006-11-08 19:43 49 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb41.dat

2006-11-08 19:43 382 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1942.dat

2006-11-08 19:43 151 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb9912.dat

2006-11-08 19:40 9,216 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb8467.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb6334.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb5436.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb2391.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1869.dat

2006-10-30 19:49 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys

2007-06-13 13:24 89,243 --sh--r C:\WINDOWS\system32\ccjkhfzf.exe

2007-06-13 13:24 89,243 --sh--r C:\WINDOWS\system32\ojpxjusu.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2008-01-17 20:55 475180]

"Eraser"="C:\Program Files\Eraser\eraser.exe" [2006-08-07 23:07 634880]

"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-01-14 21:01 503808]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-02 06:00 15360]

"SSS6_SPM"="C:\Program Files\Steganos Security Suite 6\spm.exe" [ ]

"WeatherWatcher"="C:\Program Files\Weather Watcher\ww.exe" [2007-05-12 10:23 1036288]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 20:04 139264]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-16 22:00 68856]

"HDDHealth"="C:\Program Files\HDD Health\hddhealth.exe" [2008-02-01 16:11 1607168]

"Copernic Desktop Search 2"="C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" [2008-02-13 21:39 1583624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]

"CTHelper"="CTHELPER.EXE" [2005-11-08 22:30 16384 C:\WINDOWS\CTHELPER.EXE]

"CTxfiHlp"="CTXFIHLP.EXE" [2005-11-08 22:30 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]

"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-03-20 02:05 90112]

"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-17 22:40 64512]

"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 15:34 249856]

"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 01:35 49152]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 12:30 139264]

"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-03-10 14:01 28160 C:\WINDOWS\KHALMNPR.Exe]

"NvCplDaemon"="RUNDLL32.exe" [2004-09-02 06:00 33792 C:\WINDOWS\system32\rundll32.exe]

"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 15:14 237568]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]

"Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2006-06-22 10:34 192512]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-16 02:37 57344]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-29 10:35 185896]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-03-14 20:10 116328]

"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52 3770024]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"beidsystemtray"="C:\Program Files\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 16:15 188416]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"SSS6_Suite"="C:\Program Files\Steganos Security Suite 6\sss.exe" [ ]

"SSS6_SAFE"="C:\Program Files\Steganos Security Suite 6\safe.exe" [ ]

"SSS6_SPM"="C:\Program Files\Steganos Security Suite 6\spm.exe" [ ]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

C:\Documents and Settings\LogMeInRemoteUser\Menu Start\Programma's\Opstarten\

Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-06-21 11:21:28 27136]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\

Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe [2006-09-02 09:40:12 1392640]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22 288472]

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-09-28 20:28:13 438272]

M8Clips.lnk - C:\Program Files\ClipM8\ClipM8.exe [2006-10-07 20:07:05 1041408]

Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [2006-12-24 20:09:54 1674432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=

"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=

"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=

"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"=

"C:\\Program Files\\uTorrent\\uTorrent.exe"=

"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 18:08]

R2 eID CRL Service;eID CRL Service;C:\WINDOWS\system32\beidservicecrl.exe [2007-02-19 16:16]

R2 mp3m2pls;mp3m2pls;C:\WINDOWS\system32\drivers\mp3m2pls.sys [2003-12-06 23:50]

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-02-14 21:07]

R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-01-17 18:21]

R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 12:44]

S3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\system32\DRIVERS\a38usb.sys [2006-03-24 20:14]

S3 eID Privacy Service;eID Privacy Service;C:\WINDOWS\system32\beidservicepcsc.exe [2007-02-19 16:16]

S3 UWProSys;Process monitor.;C:\Program Files\CyberDefender\AntiSpyware\uwprosys.sys []

S4 GbFsMf;GbFsMf;C:\WINDOWS\system32\DRIVERS\GbFsMf.sys []

*Newly Created Service* - CATCHME

*Newly Created Service* - COMHOST

.

Inhoud van de 'Gedeelde Taken' map

"2008-06-03 18:00:00 C:\WINDOWS\Tasks\B37B24879380A0F3.job"

- c:\docume~1\hp_adm~1\applic~1\knobst~1\Ooze save file.exe

"2008-06-03 17:34:01 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job"

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-03 20:15:32

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2008-06-03 20:25:58

ComboFix-quarantined-files.txt 2008-06-03 18:25:24

Pre-Run: 180,023,324,672 bytes beschikbaar

Post-Run: 180,095,594,496 bytes beschikbaar

255 --- E O F --- 2008-05-28 17:01:52

-------------------------- --------------------------

HijackThis Log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:29:01, on 3/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\beidservicecrl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\Program Files\NetLimiter 2 Monitor\NLClient.exe

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

c:\windows\system\hpsysdrv.exe

C:\Program Files\Belgacom\bin\sprtcmd.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Belgium Identity Card\beidsystemtray.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Eraser\eraser.exe

C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

C:\Program Files\Weather Watcher\ww.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HDD Health\hddhealth.exe

C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\ClipM8\ClipM8.exe

C:\Program Files\Orbitdownloader\orbitdm.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.64.93.106:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000013.dll

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [Magentic] "C:\PROGRA~1\Magentic\bin\Magentic.exe" /c

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide

O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting

O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl

O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Default user')

O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: M8Clips.lnk = C:\Program Files\ClipM8\ClipM8.exe

O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Send Using &Gmail - C:\Program Files\SnipIT\SnipIT\sendusinggmail.htm

O8 - Extra context menu item: Send Using &Hotmail - C:\Program Files\SnipIT\SnipIT\sendusinghotmail.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: IE Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O9 - Extra 'Tools' menuitem: Make a Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: Big Fish Games | A New Free Game Download Every Day

O15 - Trusted Zone: Colruyt

O15 - Trusted Zone: Warner Bros. Online

O16 - DPF: {2FDEACE3-43F7-4E3C-B4A6-094DAAA343DC} (CFreeDigital) - https://secured.payvisionservices.com/frs/Freedigital/FreeDigital.ocx

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab

O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVC Download Control) - http://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab

O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 19016 bytes

Geplaatst:

Start Hijackthis op en kies voor 'Do a system scan only'. Selecteer alleen de items hieronder genoemd:

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\Documents and Settings\HP_Administrator\tdmtyv.exe

C:\Documents and Settings\HP_Administrator\tdcqwp.exe

C:\Documents and Settings\HP_Administrator\jwsrzs.exe

C:\Documents and Settings\HP_Administrator\lshntu.exe

C:\Documents and Settings\HP_Administrator\zknhfm.exe

C:\Documents and Settings\HP_Administrator\wayqbm.exe

C:\Documents and Settings\HP_Administrator\sctvpk.exe

C:\Documents and Settings\HP_Administrator\ighaxu.exe

C:\Documents and Settings\HP_Administrator\vjksji.exe

C:\Documents and Settings\HP_Administrator\sdvpur.exe

C:\Documents and Settings\HP_Administrator\koiuqg.exe

C:\Documents and Settings\HP_Administrator\ashjam.exe

C:\WINDOWS\system32\ccjkhfzf.exe

C:\WINDOWS\system32\ojpxjusu.exe

C:\WINDOWS\Tasks\B37B24879380A0F3.job

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Laat dan opnieuw MBAM even runnen.

Post tenslotte de inhoud van de Combofix.txt, van MBAM en een nieuw logje van HijackThis in je volgende bericht.

Geplaatst:

ComboFix log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:28:29, on 5/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\beidservicecrl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\NetLimiter 2 Monitor\NLClient.exe

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\HP\KBD\KBD.EXE

c:\windows\system\hpsysdrv.exe

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Belgacom\bin\sprtcmd.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Belgium Identity Card\beidsystemtray.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Eraser\eraser.exe

C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

C:\Program Files\Weather Watcher\ww.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HDD Health\hddhealth.exe

C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\ClipM8\ClipM8.exe

C:\Program Files\Orbitdownloader\orbitdm.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.64.93.106:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000013.dll

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [Magentic] "C:\PROGRA~1\Magentic\bin\Magentic.exe" /c

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide

O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting

O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl

O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Default user')

O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: M8Clips.lnk = C:\Program Files\ClipM8\ClipM8.exe

O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Send Using &Gmail - C:\Program Files\SnipIT\SnipIT\sendusinggmail.htm

O8 - Extra context menu item: Send Using &Hotmail - C:\Program Files\SnipIT\SnipIT\sendusinghotmail.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: IE Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O9 - Extra 'Tools' menuitem: Make a Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: Big Fish Games | A New Free Game Download Every Day

O15 - Trusted Zone: Colruyt

O15 - Trusted Zone: Warner Bros. Online

O16 - DPF: {2FDEACE3-43F7-4E3C-B4A6-094DAAA343DC} (CFreeDigital) - https://secured.payvisionservices.com/frs/Freedigital/FreeDigital.ocx

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab

O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVC Download Control) - http://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab

O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 18747 bytes

MBAM log, je zal nog vele zaken herkennen van vorige log door stomme fout sloot ik het programma en niet het logje.

Malwarebytes' Anti-Malware 1.14

Database versie: 826

9:07:36 5/06/2008

mbam-log-6-5-2008 (09-07-36).txt

Scan type: Volledige Scan (C:\|D:\|G:\|L:\|)

Objecten gescand: 276420

Verstreken tijd: 1 hour(s), 48 minute(s), 41 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 29

Registerwaarden geïnfecteerd: 2

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 13

Bestanden geïnfecteerd: 187

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg (Adware.VideoEgg) -> Delete on reboot.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Program Files\Real Alternative\realmedia_browser_plugin.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\C\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\G\Back-up 05-04-2008\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\G\Back-up Mijn documenten\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP451\A0140664.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141664.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141667.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP454\A0142690.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP455\A0142721.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0143696.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144706.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144708.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144709.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145709.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145714.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145719.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146751.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146756.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0146922.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0147747.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0148747.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150767.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150788.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150797.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151788.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151793.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0153792.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP463\A0159832.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP465\A0159926.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP467\A0160146.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP469\A0161254.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

G:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP496\A0176512.exe (Malware.Tool) -> Quarantined and deleted successfully.

G:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP496\A0176513.exe (Malware.Tool) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

HijackThis Logje:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:28:29, on 5/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\beidservicecrl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\NetLimiter 2 Monitor\NLClient.exe

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\HP\KBD\KBD.EXE

c:\windows\system\hpsysdrv.exe

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Belgacom\bin\sprtcmd.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Belgium Identity Card\beidsystemtray.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Eraser\eraser.exe

C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

C:\Program Files\Weather Watcher\ww.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HDD Health\hddhealth.exe

C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\ClipM8\ClipM8.exe

C:\Program Files\Orbitdownloader\orbitdm.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.64.93.106:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000013.dll

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [Magentic] "C:\PROGRA~1\Magentic\bin\Magentic.exe" /c

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide

O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting

O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl

O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Default user')

O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: M8Clips.lnk = C:\Program Files\ClipM8\ClipM8.exe

O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Send Using &Gmail - C:\Program Files\SnipIT\SnipIT\sendusinggmail.htm

O8 - Extra context menu item: Send Using &Hotmail - C:\Program Files\SnipIT\SnipIT\sendusinghotmail.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: IE Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O9 - Extra 'Tools' menuitem: Make a Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: Big Fish Games | A New Free Game Download Every Day

O15 - Trusted Zone: Colruyt

O15 - Trusted Zone: Warner Bros. Online

O16 - DPF: {2FDEACE3-43F7-4E3C-B4A6-094DAAA343DC} (CFreeDigital) - https://secured.payvisionservices.com/frs/Freedigital/FreeDigital.ocx

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab

O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVC Download Control) - http://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab

O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 18747 bytes

Geplaatst:

ComboFix logje

ComboFix 08-06-01.6 - HP_Administrator 2008-06-04 19:37:44.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.362 [GMT 2:00]

Gestart vanuit: C:\Documents and Settings\HP_Administrator\Bureaublad\ComboFix.exe

Command switches used :: C:\Documents and Settings\HP_Administrator\Bureaublad\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

FILE ::

C:\Documents and Settings\HP_Administrator\ashjam.exe

C:\Documents and Settings\HP_Administrator\ighaxu.exe

C:\Documents and Settings\HP_Administrator\jwsrzs.exe

C:\Documents and Settings\HP_Administrator\koiuqg.exe

C:\Documents and Settings\HP_Administrator\lshntu.exe

C:\Documents and Settings\HP_Administrator\sctvpk.exe

C:\Documents and Settings\HP_Administrator\sdvpur.exe

C:\Documents and Settings\HP_Administrator\tdcqwp.exe

C:\Documents and Settings\HP_Administrator\tdmtyv.exe

C:\Documents and Settings\HP_Administrator\vjksji.exe

C:\Documents and Settings\HP_Administrator\wayqbm.exe

C:\Documents and Settings\HP_Administrator\zknhfm.exe

C:\WINDOWS\system32\ccjkhfzf.exe

C:\WINDOWS\system32\ojpxjusu.exe

C:\WINDOWS\Tasks\B37B24879380A0F3.job

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\HP_Administrator\ashjam.exe

C:\Documents and Settings\HP_Administrator\ighaxu.exe

C:\Documents and Settings\HP_Administrator\jwsrzs.exe

C:\Documents and Settings\HP_Administrator\koiuqg.exe

C:\Documents and Settings\HP_Administrator\lshntu.exe

C:\Documents and Settings\HP_Administrator\sctvpk.exe

C:\Documents and Settings\HP_Administrator\sdvpur.exe

C:\Documents and Settings\HP_Administrator\tdcqwp.exe

C:\Documents and Settings\HP_Administrator\tdmtyv.exe

C:\Documents and Settings\HP_Administrator\vjksji.exe

C:\Documents and Settings\HP_Administrator\wayqbm.exe

C:\Documents and Settings\HP_Administrator\zknhfm.exe

C:\WINDOWS\system32\ccjkhfzf.exe

C:\WINDOWS\system32\ojpxjusu.exe

C:\WINDOWS\Tasks\B37B24879380A0F3.job

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-05-04 to 2008-06-04 ))))))))))))))))))))))))))))))

.

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes

2008-06-01 20:30 . 2008-06-01 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-06-01 20:30 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-06-01 20:30 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-06-01 19:24 . 2008-06-01 19:24 <DIR> d-------- C:\Program Files\Trend Micro

2008-05-18 18:41 . 2008-05-19 18:55 <DIR> d-------- C:\Program Files\Weather Watcher Live

2008-05-18 18:41 . 2008-05-18 18:48 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\WeatherWatcherLive

2008-05-18 18:41 . 2008-05-18 18:41 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\WeatherWatcher

2008-05-17 18:01 . 2008-05-17 18:01 230 --a------ C:\config.xml

2008-05-17 17:34 . 2008-05-17 17:34 <DIR> d-------- C:\Program Files\Microsoft Research

2008-05-17 16:15 . 2008-05-17 16:15 <DIR> d-------- C:\Program Files\2BrightSparks

2008-05-12 19:26 . 2008-05-12 19:26 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\SpeedSim

2008-05-04 23:11 . 2008-05-04 23:11 <DIR> d-------- C:\Program Files\SubSync

2008-05-04 23:11 . 2008-05-04 23:11 249,856 --------- C:\WINDOWS\Setup1.exe

2008-05-04 23:11 . 2008-05-04 23:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE

2008-05-04 23:10 . 2008-05-04 23:10 <DIR> d-------- C:\Program Files\URUSoft

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-04 17:44 --------- d-----w C:\Program Files\Weather Watcher

2008-06-04 17:31 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\OpenOffice.org2

2008-06-04 17:15 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Orbit

2008-06-03 21:13 --------- d-----w C:\Program Files\Eraser

2008-06-02 18:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared

2008-06-01 08:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

2008-05-31 17:49 --------- d-----w C:\Program Files\Opera

2008-05-31 14:23 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

2008-05-31 14:23 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

2008-05-31 14:23 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2008-05-31 14:23 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2008-05-31 14:23 --------- d-----w C:\Program Files\Symantec

2008-05-27 22:02 --------- d-----w C:\Program Files\OpenOffice.org 2.4

2008-05-27 22:01 --------- d-----w C:\Program Files\Java

2008-05-25 23:16 --------- d-----w C:\Program Files\ScreenshotCaptor

2008-05-22 07:49 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\TeraCopy

2008-05-20 20:54 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\.purple

2008-05-12 08:48 598 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat

2008-05-08 13:12 --------- d-----w C:\Program Files\TheWorld 2.0

2008-05-05 20:40 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Skype

2008-05-05 18:14 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\skypePM

2008-05-02 07:18 --------- d-----w C:\Program Files\Common Files\Skype

2008-05-01 16:33 385,024 ----a-w C:\WINDOWS\system32\Uninstall Netlog Photo Tool.exe

2008-05-01 16:33 --------- d-----w C:\Program Files\Netlog

2008-05-01 16:11 --------- d-----w C:\Program Files\Netlog Music Tool

2008-05-01 08:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP

2008-05-01 07:05 --------- d-----w C:\Program Files\Pidgin

2008-04-29 17:04 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\beid-cache

2008-04-19 21:47 --------- d-----w C:\Program Files\Mystery Case Files - Ravenhearst

2008-04-14 20:54 --------- d-----w C:\Program Files\OpenOffice.org 2.3

2008-04-14 20:37 --------- d-----w C:\Program Files\Subdownloader

2008-04-14 20:26 --------- d-----w C:\Program Files\The Adventure Company

2008-04-10 15:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia

2008-04-10 15:37 --------- d-----w C:\Program Files\PowerISO

2008-04-10 15:15 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\uTorrent

2008-04-10 12:09 --------- d-----w C:\Program Files\BitLord

2008-04-09 21:55 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\EssentialPIM

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll

2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-25 04:51 183,072 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll

2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys

2008-01-16 18:48 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat

2007-08-25 22:28 774,144 ----a-w C:\Program Files\RngInterstitial.dll

2006-11-08 19:43 69,632 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb4827.dat

2006-11-08 19:43 49 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb41.dat

2006-11-08 19:43 382 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1942.dat

2006-11-08 19:43 151 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb9912.dat

2006-11-08 19:40 9,216 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb8467.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb6334.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb5436.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb2391.dat

2006-11-08 19:40 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1869.dat

2006-10-30 19:49 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys

.

((((((((((((((((((((((((((((( snapshot@2008-06-03_20.24.52,07 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-06-03 17:01:51 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-06-04 17:00:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat

- 2008-06-03 17:04:04 16,384 --sha-w C:\WINDOWS\Temp\Cookies\index.dat

+ 2008-06-04 17:01:36 16,384 --sha-w C:\WINDOWS\Temp\Cookies\index.dat

- 2008-06-03 17:04:04 32,768 --sha-w C:\WINDOWS\Temp\History\History.IE5\index.dat

+ 2008-06-04 17:01:36 32,768 --sha-w C:\WINDOWS\Temp\History\History.IE5\index.dat

+ 2008-06-04 17:00:34 32,768 --sha-w C:\WINDOWS\Temp\History\History.IE5\MSHist012008060420080605\index.dat

- 2008-06-03 17:04:04 32,768 --sha-w C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2008-06-04 17:01:36 32,768 --sha-w C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2008-01-17 20:55 475180]

"Eraser"="C:\Program Files\Eraser\eraser.exe" [2006-08-07 23:07 634880]

"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-01-14 21:01 503808]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-02 06:00 15360]

"SSS6_SPM"="C:\Program Files\Steganos Security Suite 6\spm.exe" [ ]

"WeatherWatcher"="C:\Program Files\Weather Watcher\ww.exe" [2007-05-12 10:23 1036288]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 20:04 139264]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-16 22:00 68856]

"HDDHealth"="C:\Program Files\HDD Health\hddhealth.exe" [2008-02-01 16:11 1607168]

"Copernic Desktop Search 2"="C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" [2008-02-13 21:39 1583624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]

"CTHelper"="CTHELPER.EXE" [2005-11-08 22:30 16384 C:\WINDOWS\CTHELPER.EXE]

"CTxfiHlp"="CTXFIHLP.EXE" [2005-11-08 22:30 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]

"DMAScheduler"="c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-03-20 02:05 90112]

"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-17 22:40 64512]

"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 15:34 249856]

"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 01:35 49152]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 12:30 139264]

"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-03-10 14:01 28160 C:\WINDOWS\KHALMNPR.Exe]

"NvCplDaemon"="RUNDLL32.exe" [2004-09-02 06:00 33792 C:\WINDOWS\system32\rundll32.exe]

"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 15:14 237568]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]

"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]

"Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2006-06-22 10:34 192512]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-16 02:37 57344]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-29 10:35 185896]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-03-14 20:10 116328]

"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 16:52 3770024]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]

"beidsystemtray"="C:\Program Files\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 16:15 188416]

"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"SSS6_Suite"="C:\Program Files\Steganos Security Suite 6\sss.exe" [ ]

"SSS6_SAFE"="C:\Program Files\Steganos Security Suite 6\safe.exe" [ ]

"SSS6_SPM"="C:\Program Files\Steganos Security Suite 6\spm.exe" [ ]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

C:\Documents and Settings\LogMeInRemoteUser\Menu Start\Programma's\Opstarten\

Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-06-21 11:21:28 27136]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\

Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe [2006-09-02 09:40:12 1392640]

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22 288472]

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-09-28 20:28:13 438272]

M8Clips.lnk - C:\Program Files\ClipM8\ClipM8.exe [2006-10-07 20:07:05 1041408]

Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [2006-12-24 20:09:54 1674432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=

"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=

"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=

"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"C:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\Sitecom\\IVT BlueSoleil\\BlueSoleil.exe"=

"C:\\Program Files\\uTorrent\\uTorrent.exe"=

"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=

"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 18:08]

R2 eID CRL Service;eID CRL Service;C:\WINDOWS\system32\beidservicecrl.exe [2007-02-19 16:16]

R2 mp3m2pls;mp3m2pls;C:\WINDOWS\system32\drivers\mp3m2pls.sys [2003-12-06 23:50]

R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-02-14 21:07]

R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-01-17 18:21]

R3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 12:44]

S3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\system32\DRIVERS\a38usb.sys [2006-03-24 20:14]

S3 eID Privacy Service;eID Privacy Service;C:\WINDOWS\system32\beidservicepcsc.exe [2007-02-19 16:16]

S3 UWProSys;Process monitor.;C:\Program Files\CyberDefender\AntiSpyware\uwprosys.sys []

S4 GbFsMf;GbFsMf;C:\WINDOWS\system32\DRIVERS\GbFsMf.sys []

*Newly Created Service* - COMHOST

.

Inhoud van de 'Gedeelde Taken' map

"2008-06-04 17:34:03 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job"

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-04 19:45:44

Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

**************************************************************************

.

Voltooingstijd: 2008-06-04 19:53:37

ComboFix-quarantined-files.txt 2008-06-04 17:52:24

ComboFix2.txt 2008-06-03 18:25:59

Pre-Run: 180,031,746,048 bytes beschikbaar

Post-Run: 180,014,379,008 bytes beschikbaar

262 --- E O F --- 2008-05-28 17:01:52

HijackThis logje:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:28:29, on 5/06/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\beidservicecrl.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\NetLimiter 2 Monitor\NLClient.exe

C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\HP\KBD\KBD.EXE

c:\windows\system\hpsysdrv.exe

C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Belgacom\bin\sprtcmd.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\TomTom HOME\TomTomHOME.exe

C:\Program Files\Belgium Identity Card\beidsystemtray.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Eraser\eraser.exe

C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

C:\Program Files\Weather Watcher\ww.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\Magentic\bin\MgApp.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files\HDD Health\hddhealth.exe

C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\ClipM8\ClipM8.exe

C:\Program Files\Orbitdownloader\orbitdm.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! Zoeken - zoeken op het web

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN !

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.64.93.106:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000013.dll

O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [Magentic] "C:\PROGRA~1\Magentic\bin\Magentic.exe" /c

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide

O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting

O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl

O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'Default user')

O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')

O4 - .DEFAULT Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe (User 'Default user')

O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')

O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: OpenOffice.org 2.2 .lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: M8Clips.lnk = C:\Program Files\ClipM8\ClipM8.exe

O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Send Using &Gmail - C:\Program Files\SnipIT\SnipIT\sendusinggmail.htm

O8 - Extra context menu item: Send Using &Hotmail - C:\Program Files\SnipIT\SnipIT\sendusinghotmail.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: IE Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O9 - Extra 'Tools' menuitem: Make a Screenshot - {84A11D82-2732-40ed-BF71-80F1FAF3807F} - C:\PROGRA~1\BROWSE~1\IESCRE~1\IESCRE~1.DLL (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: Big Fish Games | A New Free Game Download Every Day

O15 - Trusted Zone: Colruyt

O15 - Trusted Zone: Warner Bros. Online

O16 - DPF: {2FDEACE3-43F7-4E3C-B4A6-094DAAA343DC} (CFreeDigital) - https://secured.payvisionservices.com/frs/Freedigital/FreeDigital.ocx

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab

O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVC Download Control) - http://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab

O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914091/activex/IPSUploader4.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology\ELService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 18747 bytes

MBAM Logje: je zal nog zaken herkennen van vorige log door een stomme fout van me sloot ik het programma af en niet het logboekje.

Malwarebytes' Anti-Malware 1.14

Database versie: 826

9:07:36 5/06/2008

mbam-log-6-5-2008 (09-07-36).txt

Scan type: Volledige Scan (C:\|D:\|G:\|L:\|)

Objecten gescand: 276420

Verstreken tijd: 1 hour(s), 48 minute(s), 41 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 29

Registerwaarden geïnfecteerd: 2

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 13

Bestanden geïnfecteerd: 187

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\videoegg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\downloader.downloaderctrl.1 (Adware.2020search) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg (Adware.VideoEgg) -> Delete on reboot.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Program Files\Real Alternative\realmedia_browser_plugin.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\C\Documents and Settings\HP_Administrator\Mijn documenten\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\G\Back-up 05-04-2008\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\QooBox\Quarantine\G\Back-up Mijn documenten\VideoEggPublisher.exe.vir (Malware.Tool) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP451\A0140664.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141664.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP453\A0141667.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP454\A0142690.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP455\A0142721.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0143696.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144706.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144708.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0144709.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145709.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145714.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0145719.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146751.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP456\A0146756.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0146922.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0147747.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP458\A0148747.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150767.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150788.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0150797.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151788.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0151793.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP460\A0153792.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP463\A0159832.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP465\A0159926.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP467\A0160146.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP469\A0161254.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

G:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP496\A0176512.exe (Malware.Tool) -> Quarantined and deleted successfully.

G:\System Volume Information\_restore{91722856-1EE5-4CF5-9506-1BE04AA827F5}\RP496\A0176513.exe (Malware.Tool) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Application Data\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.

Geplaatst:

Wat de besmette bestanden betreft, ziet dit er goed uit (al zou een kakelvers log van MBAM wel nuttig zijn om hier absolute zekerheid over te hebben). Als dat ook geen aanduidingen van malware meer geeft, kan je nu met een cleane PC aan het werk om de installatie van Office opnieuw te proberen. Laat eens horen (lezen) of het dan nu wel lukt ?

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.