
[SOLVED] online computer scan



Download Combofix to your Desktop.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners see certain components that Combofix uses as suspicious and will block or remove them!


  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not VISTA).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will make your PC hang.

When the fix is complete and after a restart, the log Combofix.txt will open.

Post this log in your next reply.


ComboFix 09-01-31.01 - hendrik 2009-01-31 23:47:20.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.3070.2130 [GMT 1:00]

Gestart vanuit: d:\documenten hendrik\Programma's\ComboFix.exe

AV: BullGuard Antivirus *On-access scanning disabled* (Outdated)

FW: BullGuard Firewall *enabled*

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\emMON.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-12-28 to 2009-01-31 ))))))))))))))))))))))))))))))

.

2009-01-31 21:15 . 2009-01-31 21:15 <DIR> d-------- c:\program files\Windows Live SkyDrive

2009-01-31 21:15 . 2009-01-31 21:17 <DIR> d-------- c:\program files\Microsoft

2009-01-31 21:04 . 2009-01-31 23:39 <DIR> d-------- c:\users\hendrik\Tracing

2009-01-31 20:42 . 2009-01-31 20:42 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition

2009-01-31 20:42 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll

2009-01-31 20:42 . 2009-01-31 20:42 712,704 --a------ c:\windows\System32\WindowsCodecs.dll

2009-01-31 20:42 . 2009-01-31 20:42 347,648 --a------ c:\windows\System32\WindowsCodecsExt.dll

2009-01-31 20:34 . 2009-01-31 20:34 <DIR> d-------- c:\program files\Common Files\Windows Live

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\users\hendrik\AppData\Roaming\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\users\All Users\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\programdata\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-01-31 19:23 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

2009-01-31 19:23 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys

2009-01-30 17:58 . 2009-01-30 17:58 <DIR> d-------- c:\program files\Mixxx

2009-01-29 17:54 . 2009-01-29 17:54 10,752 ---h----- c:\windows\pp1.exe

2009-01-23 18:47 . 2009-01-23 18:47 1 ---h----- c:\windows\f5667t5.dat

2009-01-23 16:28 . 2009-01-23 16:28 55,504 --a------ c:\windows\System32\drivers\BdFileSpy.sys

2009-01-20 20:06 . 2009-01-23 18:57 <DIR> d-------- c:\users\hendrik\AppData\Roaming\FrostWire

2009-01-20 20:04 . 2009-01-20 20:06 <DIR> d-------- c:\program files\FrostWire

2009-01-18 15:38 . 2009-01-18 15:38 <DIR> d-------- C:\Westwood

2009-01-17 14:27 . 2009-01-17 14:27 <DIR> d-------- C:\.jagex_cache_32

2008-12-12 18:13 . 2008-12-12 18:13 <DIR> d-------- c:\users\All Users\Avanquest Bluetooth SDK

2008-12-12 18:13 . 2008-12-12 18:13 <DIR> d-------- c:\programdata\Avanquest Bluetooth SDK

2008-12-12 17:57 . 2008-12-12 17:57 <DIR> d-------- c:\users\All Users\BVRP Software

2008-12-12 17:57 . 2008-12-12 17:57 <DIR> d-------- c:\programdata\BVRP Software

2008-12-12 17:57 . 2008-12-12 18:00 <DIR> d-------- c:\program files\Avanquest update

2008-12-12 16:56 . 2008-12-12 16:56 <DIR> d-------- c:\users\All Users\Sony Ericsson

2008-12-12 16:56 . 2008-12-12 16:56 <DIR> d-------- c:\programdata\Sony Ericsson

2008-12-10 18:36 . 2008-12-10 18:37 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-10 18:36 . 2008-12-10 18:37 <DIR> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-10 18:36 . 2008-12-10 18:37 <DIR> d-------- c:\program files\iTunes

2008-12-10 18:36 . 2008-12-10 18:36 <DIR> d-------- c:\program files\iPod

2008-12-10 18:35 . 2008-12-10 18:35 <DIR> d-------- c:\program files\Bonjour

2008-12-10 18:34 . 2008-12-10 18:34 <DIR> d-------- c:\program files\QuickTime

2008-12-07 13:41 . 2008-12-07 13:41 <DIR> d-------- c:\users\hendrik\AppData\Roaming\Sony

2008-12-07 13:41 . 2008-12-07 13:41 <DIR> d-------- c:\users\All Users\Sony

2008-12-07 13:41 . 2008-12-07 13:41 <DIR> d-------- c:\programdata\Sony

2008-12-07 13:34 . 2008-12-12 16:56 <DIR> d-------- c:\program files\Sony Ericsson

2008-12-07 13:34 . 2008-12-07 13:34 <DIR> d-------- c:\program files\Sony

2008-12-05 00:31 . 2008-12-05 00:31 308,584 --a------ c:\windows\WLXPGSS.SCR

2008-12-03 14:49 . 2008-12-03 14:49 410,984 --a------ c:\windows\System32\deploytk.dll

2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\System32\sirenacm.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-31 22:40 --------- d-----w c:\programdata\BullGuard

2009-01-31 20:16 --------- d-----w c:\program files\Windows Live

2009-01-30 15:45 27,525 ----a-w c:\users\hendrik\AppData\Roaming\nvModes.dat

2009-01-20 19:05 --------- d-----w c:\program files\LimeWire

2009-01-20 18:28 --------- d-----w c:\users\hendrik\AppData\Roaming\LimeWire

2009-01-17 13:28 34 ----a-w c:\users\hendrik\jagex_runescape_preferences.dat

2008-12-15 14:39 --------- d-----w c:\users\hendrik\AppData\Roaming\BullGuard

2008-12-12 16:57 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-10 17:36 --------- d-----w c:\program files\Common Files\Apple

2008-12-03 20:16 --------- d-----w c:\program files\Vstep

2008-12-03 20:13 --------- d-----w c:\program files\Kellogg's

2008-12-03 13:49 --------- d-----w c:\program files\Java

2008-11-08 14:40 19,784 ----a-w c:\windows\System32\BgOutlookHook.dll

2008-11-08 14:40 14,152 ----a-w c:\windows\System32\lccl.dll

2008-11-08 14:40 14,152 ----a-w c:\windows\System32\client_cc.dll

2008-07-30 21:51 0 ----a-w c:\users\hendrik\AppData\Roaming\wklnhst.dat

2008-07-16 13:26 174 --sha-w c:\program files\desktop.ini

2008-07-15 18:13 0 ---h--w c:\users\All Users\PKP_DLdu.DAT

2008-07-15 18:13 0 ---h--w c:\programdata\PKP_DLdu.DAT

2008-07-25 17:24 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2008-07-25 17:24 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2008-07-25 17:24 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4


ComboFix 09-01-31.02 - hendrik 2009-02-01 13:34:59.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1043.18.3070.2172 [GMT 1:00]

Gestart vanuit: d:\documenten hendrik\Programma's\ComboFix.exe

gebruikte Opdracht switches :: log

AV: BullGuard Antivirus *On-access scanning disabled* (Outdated)

FW: BullGuard Firewall *enabled*

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-01-01 to 2009-02-01 ))))))))))))))))))))))))))))))

.

2009-01-31 21:15 . 2009-01-31 21:15 <DIR> d-------- c:\program files\Windows Live SkyDrive

2009-01-31 21:15 . 2009-01-31 21:17 <DIR> d-------- c:\program files\Microsoft

2009-01-31 21:04 . 2009-02-01 13:25 <DIR> d-------- c:\users\hendrik\Tracing

2009-01-31 20:42 . 2009-01-31 20:42 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition

2009-01-31 20:42 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll

2009-01-31 20:42 . 2009-01-31 20:42 712,704 --a------ c:\windows\System32\WindowsCodecs.dll

2009-01-31 20:42 . 2009-01-31 20:42 347,648 --a------ c:\windows\System32\WindowsCodecsExt.dll

2009-01-31 20:34 . 2009-01-31 20:34 <DIR> d-------- c:\program files\Common Files\Windows Live

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\users\hendrik\AppData\Roaming\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\users\All Users\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\programdata\Malwarebytes

2009-01-31 19:23 . 2009-01-31 19:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-01-31 19:23 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys

2009-01-31 19:23 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys

2009-01-30 17:58 . 2009-01-30 17:58 <DIR> d-------- c:\program files\Mixxx

2009-01-29 17:54 . 2009-01-29 17:54 10,752 ---h----- c:\windows\pp1.exe

2009-01-23 18:47 . 2009-01-23 18:47 1 ---h----- c:\windows\f5667t5.dat

2009-01-23 16:28 . 2009-01-23 16:28 55,504 --a------ c:\windows\System32\drivers\BdFileSpy.sys

2009-01-20 20:06 . 2009-01-23 18:57 <DIR> d-------- c:\users\hendrik\AppData\Roaming\FrostWire

2009-01-20 20:04 . 2009-01-20 20:06 <DIR> d-------- c:\program files\FrostWire

2009-01-18 15:38 . 2009-01-18 15:38 <DIR> d-------- C:\Westwood

2009-01-17 14:27 . 2009-01-17 14:27 <DIR> d-------- C:\.jagex_cache_32

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-01 12:26 --------- d-----w c:\programdata\BullGuard

2009-02-01 12:25 27,525 ----a-w c:\users\hendrik\AppData\Roaming\nvModes.dat

2009-01-31 20:16 --------- d-----w c:\program files\Windows Live

2009-01-20 19:05 --------- d-----w c:\program files\LimeWire

2009-01-20 18:28 --------- d-----w c:\users\hendrik\AppData\Roaming\LimeWire

2009-01-17 13:28 34 ----a-w c:\users\hendrik\jagex_runescape_preferences.dat

2008-12-15 14:39 --------- d-----w c:\users\hendrik\AppData\Roaming\BullGuard

2008-12-12 17:13 --------- d-----w c:\programdata\Avanquest Bluetooth SDK

2008-12-12 17:00 --------- d-----w c:\program files\Avanquest update

2008-12-12 16:57 --------- d--h--w c:\program files\InstallShield Installation Information

2008-12-12 16:57 --------- d-----w c:\programdata\BVRP Software

2008-12-12 15:56 --------- d-----w c:\programdata\Sony Ericsson

2008-12-12 15:56 --------- d-----w c:\program files\Sony Ericsson

2008-12-10 17:37 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-10 17:37 --------- d-----w c:\program files\iTunes

2008-12-10 17:36 --------- d-----w c:\program files\iPod

2008-12-10 17:36 --------- d-----w c:\program files\Common Files\Apple

2008-12-10 17:35 --------- d-----w c:\program files\Bonjour

2008-12-10 17:34 --------- d-----w c:\program files\QuickTime

2008-12-07 12:41 --------- d-----w c:\users\hendrik\AppData\Roaming\Sony

2008-12-07 12:41 --------- d-----w c:\programdata\Sony

2008-12-07 12:34 --------- d-----w c:\program files\Sony

2008-12-04 23:31 308,584 ----a-w c:\windows\WLXPGSS.SCR

2008-12-03 20:16 --------- d-----w c:\program files\Vstep

2008-12-03 20:13 --------- d-----w c:\program files\Kellogg's

2008-12-03 13:49 410,984 ----a-w c:\windows\System32\deploytk.dll

2008-12-03 13:49 --------- d-----w c:\program files\Java

2008-12-02 21:37 49,480 ----a-w c:\windows\System32\sirenacm.dll

2008-11-08 14:40 19,784 ----a-w c:\windows\System32\BgOutlookHook.dll

2008-11-08 14:40 14,152 ----a-w c:\windows\System32\lccl.dll

2008-11-08 14:40 14,152 ----a-w c:\windows\System32\client_cc.dll

2008-07-30 21:51 0 ----a-w c:\users\hendrik\AppData\Roaming\wklnhst.dat

2008-07-16 13:26 174 --sha-w c:\program files\desktop.ini

2008-07-15 18:13 0 ---h--w c:\users\All Users\PKP_DLdu.DAT

2008-07-15 18:13 0 ---h--w c:\programdata\PKP_DLdu.DAT

2008-07-25 17:24 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2008-07-25 17:24 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2008-07-25 17:24 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

.

((((((((((((((((((((((((((((( snapshot@2009-01-31_23.49.15,61 )))))))))))))))))))))))))))))))))))))))))

.

- 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE

+ 2005-10-20 12:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE

- 2009-01-31 22:38:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-02-01 12:25:08 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-01-31 22:38:34 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2009-02-01 12:25:08 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2009-01-31 22:39:46 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT

+ 2009-02-01 12:25:50 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT

+ 2009-02-01 12:25:50 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1

- 2009-01-31 22:39:51 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT

+ 2009-02-01 12:25:55 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT

+ 2009-02-01 12:25:55 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1

- 2009-01-31 22:38:34 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-02-01 12:31:33 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-01-31 22:38:34 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-02-01 12:31:33 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-01-31 22:38:34 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-02-01 12:31:33 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-01-31 22:47:08 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat

+ 2009-02-01 12:34:50 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat

+ 2009-02-01 12:34:50 262,144 ---ha-w c:\windows\System32\config\systemprofile\ntuser.dat.LOG1

- 2009-01-31 22:41:00 7,458 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3214536521-4072128669-3750770202-1000_UserData.bin

+ 2009-02-01 12:26:54 7,458 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3214536521-4072128669-3750770202-1000_UserData.bin

- 2009-01-31 22:41:00 77,756 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2009-02-01 12:26:54 77,890 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2009-01-31 22:40:59 43,952 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-02-01 12:26:53 44,016 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-14 1232896]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\bullguard.exe" [2009-01-23 304464]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-02 3882312]

"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 360448]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-08 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-08 8462336]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-08 81920]

"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-03-14 561152]

"BullGuard"="c:\program files\BullGuard Ltd\BullGuard\bullguard.exe" [2009-01-23 304464]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-03 136600]

"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-11-24 622592]

"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-07-19 65536]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]

"pp"="c:\windows\pp1.exe" [2009-01-29 10752]

"RtHDVCpl"="RtHDVCpl.exe" [2007-11-08 c:\windows\RtHDVCpl.exe]

c:\users\hendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

aveosti.exe.lnk - c:\program files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe [2008-04-14 28672]

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-27 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BgMainSvc]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{239FA296-4E8B-476F-863E-79A4978EC950}"= c:\program files\CyberLink\PowerDirector Express\PDX.EXE:CyberLink PowerDirector Express

"{40E9D768-04BB-4A17-B090-9921DAC59E4F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{875C8622-8B9E-4A5E-A484-E4E0554AC6D1}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"TCP Query User{F4CA5235-B03C-4B04-81FC-19D32B817214}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

"UDP Query User{5B71AA69-59F8-4F5E-AA14-2E93BFB20BD9}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

"TCP Query User{282AE276-98E3-4A7D-BB93-F12701AC1A77}d:\\documenten hendrik\\et.exe"= UDP:d:\documenten hendrik\et.exe:ET

"UDP Query User{1AD21FE0-E37C-4077-B299-63E752B06299}d:\\documenten hendrik\\et.exe"= TCP:d:\documenten hendrik\et.exe:ET

"TCP Query User{356DB3F7-7E10-442D-B775-F31A2F76A43E}d:\\documenten hendrik\\programma's\\wet\\et.exe"= UDP:d:\documenten hendrik\programma's\wet\et.exe:ET

"UDP Query User{1647553D-4DD4-4811-AC24-9FCFEBD19A8C}d:\\documenten hendrik\\programma's\\wet\\et.exe"= TCP:d:\documenten hendrik\programma's\wet\et.exe:ET

"{760A0F79-3C8D-486A-8233-867820454F3E}"= UDP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1

"{638546E7-2F5F-49B7-9C52-0F56222A868F}"= TCP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:Sony Ericsson Media Manager 1.1

"{E8959A03-5D35-486C-BC26-850D922E3E2E}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{49A45A45-6EB8-40BF-A963-B214B8BE3A8D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{8C19DEF8-E580-4D45-847D-09FCAB020D73}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{905AA0AB-8928-43A6-9CBA-84A1555838A1}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"TCP Query User{8D2976B0-F416-461F-9039-612B8F493768}c:\\program files\\frostwire\\frostwire.exe"= UDP:c:\program files\frostwire\frostwire.exe:FrostWire

"UDP Query User{850EF4FC-3BC5-441B-BFDC-3B333DED20F6}c:\\program files\\frostwire\\frostwire.exe"= TCP:c:\program files\frostwire\frostwire.exe:FrostWire

"{960D7CDF-D5D6-49EB-94A7-5CAC4A2EE957}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [2008-04-14 210224]

R1 afw;Agnitum Firewall Driver;c:\windows\System32\drivers\Afw.sys [2007-11-28 28696]

R3 AfwCore;Agnitum Firewall Core Driver;c:\windows\System32\drivers\AfwCore.sys [2008-11-08 263192]

R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [2008-04-14 32256]

R3 MGHwCtrl;MGHwCtrl;c:\windows\System32\drivers\MGHwCtrl.sys [2008-04-14 19456]

R3 Reconn;BullGuard Email Monitor;c:\program files\BullGuard Ltd\BullGuard\Reconn.sys [2007-10-29 16984]

R4 BdFileSpy;BullGuard File Monitor Driver;c:\windows\System32\drivers\BdFileSpy.sys [2009-01-23 55504]

R4 BsFileScan;BullGuard File Scan Service;c:\windows\System32\svchost.exe -k BullGuard [2006-11-02 22016]

R4 BsFire;BullGuard Firewall Service;c:\windows\System32\svchost.exe -k BullGuard [2006-11-02 22016]

R4 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe -k BullGuard [2006-11-02 22016]

R4 eID CRL Service;eID CRL Service;c:\windows\System32\beidservicecrl.exe [2007-02-19 225280]

R4 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [2008-04-14 61440]

S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\System32\drivers\a38usbxp.sys [2004-04-30 24832]

S3 eID Privacy Service;eID Privacy Service;c:\windows\System32\beidservicepcsc.exe [2007-02-19 331776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy BsFire

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab

FF - ProfilePath - c:\users\hendrik\AppData\Roaming\Mozilla\Firefox\Profiles\gkvdumvx.default\

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-01 13:36:12

Windows 6.0.6000 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(4568)

c:\program files\BullGuard Ltd\BullGuard\antispam\PluginHook.dll

c:\program files\BullGuard Ltd\BullGuard\res\nl\PluginHookRes.dll

.

Voltooingstijd: 2009-02-01 13:37:44

ComboFix-quarantined-files.txt 2009-02-01 12:37:38

ComboFix2.txt 2009-01-31 22:50:21

Pre-Run: 9.281.048.576 bytes beschikbaar

Post-Run: 9,148,137,472 bytes beschikbaar

213 --- E O F --- 2008-07-16 13:03:04

I DID THIS ONE AGAIN...
