kevkeds

Everything posted by kevkeds

  1. Hello, I have Windows XP on my PC but would like to install Vista from my USB stick, but I can't get my USB stick bootable. I have already searched Google for solutions, but there are so many different ways to do it, and most of them explain it from within Vista, which doesn't work here. I have already tried it once, but at startup I then get an error message from the USB stick. I have also simply copied all the files onto my USB stick, but after the installation it hangs; I think that is because it cannot boot from the USB stick. Can anyone help me?
  2. ComboFix 08-04-03.5 - kevin deswarte 2008-04-04 21:54:55.2 - NTFSx86

     Voilà, no alerts so far, but I'm holding my breath. Thanks again for your time and effort!
  3. combofix: ComboFix 08-04-03.5 - kevin deswarte 2008-04-04 18:11:00.1 - NTFSx86
2008-03-22 13:26:51 --- E O F --- hjt : Logfile of HijackThis v1.99.1 Scan saved at 18:55:01, on 4/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\System Control Manager\edd.exe C:\WINDOWS\system32\o2flash.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\Program Files\FlashGet\FlashGet.exe C:\Program Files\TopDesk\topdesk.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\DNA\btdna.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\RALINK\Common\RaUI.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe 
C:\WINDOWS\System32\TuneUpDefragService.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - 
HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min O4 - HKLM\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: &Ontvang alles met FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Ontvang met FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: FlashGet - 
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe O23 - Service: Intel® PROSet/Wireless 
Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe Thanks in advance for being willing to help, and for your time. Kind regards
  4. SDFix: Version 1.165 Run by Administrator on do 03/04/2008 at 20:55 Microsoft Windows XP [versie 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-03 20:59:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 84 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget" "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA" "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader" "C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader" "C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Fri 21 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BITDD.tmp" Finished!
  5. Logfile of HijackThis v1.99.1 Scan saved at 20:03:14, on 3/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\System Control Manager\edd.exe C:\WINDOWS\system32\o2flash.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\vonuzsbi\zabebybi.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\Program Files\FlashGet\FlashGet.exe C:\Program Files\TopDesk\topdesk.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\DNA\btdna.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\kxcdansr.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\RALINK\Common\RaUI.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe 
C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\TuneUp Utilities 2008\Integrator.exe C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe C:\Program Files\TuneUp Utilities 2008\WinStyler.exe C:\Program Files\WinRAR\WinRAR.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSI -- MICRO-STAR INT'L CO.,LTD. R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = MSI -- MICRO-STAR INT'L CO.,LTD. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel 
PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min O4 - HKLM\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [zdausejt] C:\WINDOWS\system32\kxcdansr.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: &Ontvang alles met FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Ontvang met FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: Web Anti-Virus 
statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System 
Control Manager\edd.exe O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
  6. Hello, for a few days now I have been stuck with what I think is this trojan: "antispyware reviews.biz". I have searched the internet hopelessly and found nothing that can help me. Or there are programs, but those are paid ones... Is formatting the only option then? My antivirus is Kaspersky 7.0; strangely enough it finds nothing and the problem remains. As anti-spyware I have SUPERAntiSpyware, but that does not help either. Finally, I installed a-squared Anti-Malware, but that does not help either. I am at my wits' end, can anyone help?