xxharesxx

Hallo iedereen, ik heb weer een nieuwe site namelijk: http://www.hsproductions.co.cc maar ik wil er een ad op plaatsen, ik gebruik SMF 2.0 RC1-1 zoals je kan zien op de afbeelding in de bijlage wil ik het op die plek hebben. dit is de code: <!-- Begin: AdBrite, Generated: 2009-07-03 11:41:45 --> <script type="text/javascript"> var AdBrite_Title_Color = 'CC0000'; var AdBrite_Text_Color = 'CC0000'; var AdBrite_Background_Color = 'CCCCCC'; var AdBrite_Border_Color = 'CCCCCC'; var AdBrite_URL_Color = '008000'; try{var AdBrite_Iframe=window.top!=window.self?2:1;var AdBrite_Referrer=document.referrer==''?document.location:document.referrer;AdBrite_Referrer=encodeURIComponent(AdBrite_Referrer);}catch(e){var AdBrite_Iframe='';var AdBrite_Referrer='';} </script> <span style="white-space:nowrap;"><script type="text/javascript">document.write(String.fromCharCode(60,83,67,82,73,80,84));document.write(' src="http://ads.adbrite.com/mb/text_group.php?sid=1232518&zs=3732385f3930&ifr='+AdBrite_Iframe+'&ref='+AdBrite_Referrer+'" type="text/javascript">');document.write(String.fromCharCode(60,47,83,67,82,73,80,84,62));</script> <a target="_top" href="http://www.adbrite.com/mb/commerce/purchase_form.php?opid=1232518&afsid=1"><img src="http://files.adbrite.com/mb/images/adbrite-your-ad-here-leaderboard.gif" style="background-color:#CCCCCC;border:none;padding:0;margin:0;" alt="Your Ad Here" width="14" height="90" border="0" /></a></span> <!-- End: AdBrite --> weten jullie waar ik deze code moet plaatsen?

aah, nu heeft ie het gevonden: c:\1386 mag ik het gewoon verwijderen?

Dat weet ik niet, daarom kan ik het niet verwijderen

Ik ben momenteel helemaal niks aan het doen, misschien java verwijderen en terug opnieuw instaleren?

Als ik het uitschakel via taakbeheer dan komt het terug als ik mijn computer opnieuw opstart, hoe kan ik zien welke programma's gebruik maken van javaw.exe?

De snelheid is beter, maar elke keer als ik mijn computer opstart dan is er een proces genaamd javaw.exe en dat gebruikt 50% of meer van mijn cpu, door dat wordt mijn computer heel traag en elke keer moet ik dan handmatig dat proces beëindigen, kan ik javaw.exe niet verwijderen?

Malwarebytes' Anti-Malware 1.38 Database versie: 2379 Windows 5.1.2600 Service Pack 2 6/07/2009 9:51:14 mbam-log-2009-07-06 (09-51-14).txt Scan type: Snelle Scan Objecten gescand: 126966 Verstreken tijd: 12 minute(s), 25 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 101 Registerwaarden geïnfecteerd: 2 Registerdata bestanden geïnfecteerd: 3 Mappen geïnfecteerd: 3 Bestanden geïnfecteerd: 4 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\csetup.setup (Spyware.Marketscore) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\csetup.setup.1 (Spyware.Marketscore) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.Marketscore) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.Marketscore) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2e4a92ab-f2c0-456a-9935-b715439790d7} (Spyware.Marketscore) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCONSOL.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVP32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVNT.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVWNT.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZONEALARM.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filemon.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regmon.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyDBG.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regtool.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\niu.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\A2SERVICE.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGNT.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGUARD.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSCAN.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CASecurityCENTER.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EKRN.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FAMEH32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPAVSERVER.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPWIN.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSAV32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSGK32ST.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMA32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwadins.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GFRing3.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ArcaCheck.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arcavir.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcls.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz4.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avz_se.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdinit.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caav.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\caavguiscan.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccupdate.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdAgent.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRWEB32.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fpscan.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxup.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navigator.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSTUB.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvcc.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\preupd.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pskdr.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SfFnUp.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Vba32arkit.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vba32ldr.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zanda.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zlh.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zoneband.dll (Security.Hijack) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alnn (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Illysoft (Rogue.SpyNoMore) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\D.1 (Trojan.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\XML2u (Spyware.OnlineGames) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\w32id (Spyware.OnlineGames) -> Quarantined and deleted successfully. Registerdata bestanden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: c:\program files\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\program files\anti-leech\ALIE_1.0.2.3 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\program files\anti-leech\ALNN (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: c:\program files\anti-leech\ALNN\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\program files\anti-leech\ALNN\npalnn.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\program files\anti-leech\ALNN\setup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully. c:\program files\KB41189.exe (Trojan.Agent) -> Quarantined and deleted successfully. Hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:52:32 , on 6/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\LClock\lclock.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ViStart\ViStart.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\Notepad.exe C:\Program Files\Trend Micro\Hijack\Hijack.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = Internet Explorer 8: Home page R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "F:\Program Files\Nuance\NaturallySpeaking9\Program\ereg.exe" -r "F:\Program Files\Nuance\NaturallySpeaking9\Program\ereg.ini" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [LClock] C:\\Program Files\\LClock\\lclock.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [VoipBusterPro] "C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe" -nosplash -minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Snelkoppeling naar Multiclicker-win.lnk = C:\Documents and Settings\Hares\Mijn documenten\multyclicker\Multiclicker\Multiclicker\Multiclicker-win.exe O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powersoccer.spel.nl/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkyariana.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181747713078 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://funkyariana.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Password Validation ccPwdSvcJavaQuickStarterService (ccPwdSvcJavaQuickStarterService) - Unknown owner - C:\WINDOWS\system32\acctresg.exe (file missing) O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe -- End of file - 17681 bytes maar als ik op die wusfix klik dan komt er iets van cmd en na 2 seconden sluit het programma.

Je moet minimum internet explorer 6.0 hebben, heb je dat?

Hallo iedereen, deze keer is het niet mijn laptop die traag is maar mijn desktop dus willen jullie het even nakijken? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:31:57 , on 5/07/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\LClock\lclock.exe C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\sys\svchost.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\Hijack\Hijack.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = Internet Explorer 8: Home page R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: D - {6A2982A1-A259-3DB5-9F9F-1A7BE4DADB12} - C:\WINDOWS\system32\hq70013.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [PromoReg] C:\WINDOWS\Temp\wpv711242765100.exe O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "F:\Program Files\Nuance\NaturallySpeaking9\Program\ereg.exe" -r "F:\Program Files\Nuance\NaturallySpeaking9\Program\ereg.ini" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [LClock] C:\\Program Files\\LClock\\lclock.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [VoipBusterPro] "C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe" -nosplash -minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [svchost.exe] C:\WINDOWS\system32\sys\svchost.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Snelkoppeling naar Multiclicker-win.lnk = C:\Documents and Settings\Hares\Mijn documenten\multyclicker\Multiclicker\Multiclicker\Multiclicker-win.exe O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Invul Formulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} (Setup Class) - https://nl.permissionresearch.com/Config/CSetup_hooking_xp.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powersoccer.spel.nl/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkyariana.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181747713078 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://funkyariana.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: Intelligente achtergrondsoverdrachtservice (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Password Validation ccPwdSvcJavaQuickStarterService (ccPwdSvcJavaQuickStarterService) - Unknown owner - C:\WINDOWS\system32\acctresg.exe (file missing) O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe O23 - Service: Automatische updates (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 17983 bytes

ok, nu is het dan wel opgelost

ja, na combofix is mijn computer heel wat sneller.

ComboFix 09-06-20.04 - Naim 21/06/2009 21:41.1 - NTFSx86 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.32.1043.18.1015.454 [GMT 2:00] Gestart vanuit: c:\users\Naim\Desktop\ComboFix.exe AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1009998532-2736973582-4241982089-500 c:\$recycle.bin\S-1-5-21-2352982932-2050357921-82330296-500 c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500 c:\$recycle.bin\S-1-5-21-1009998532-2736973582-4241982089-500\desktop.ini c:\$recycle.bin\S-1-5-21-2352982932-2050357921-82330296-500\desktop.ini c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500\desktop.ini F:\Autorun.inf F:\Desktop.ini . (((((((((((((((((((( Bestanden Gemaakt van 2009-05-21 to 2009-06-21 )))))))))))))))))))))))))))))) . 2009-06-21 09:31 . 2009-06-21 09:31 -------- d-----w- c:\program files\CodeStuff 2009-06-21 09:13 . 2009-06-21 09:13 -------- d-----w- c:\users\Naim\AppData\Roaming\Malwarebytes 2009-06-21 09:13 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-21 09:13 . 2009-06-21 09:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-21 09:13 . 2009-06-21 09:13 -------- d-----w- c:\programdata\Malwarebytes 2009-06-21 09:13 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-20 11:36 . 2009-06-20 11:36 -------- d-----w- c:\program files\Trend Micro 2009-06-13 08:13 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys 2009-06-13 08:12 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll 2009-06-13 08:12 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2009-06-06 21:16 . 2009-06-06 21:16 -------- d-----w- c:\programdata\WindowsSearch . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-21 10:00 . 2006-11-21 16:26 12 ----a-w- c:\windows\bthservsdp.dat 2009-06-02 18:14 . 2006-11-02 16:07 677010 ----a-w- c:\windows\system32\perfh013.dat 2009-06-02 18:14 . 2006-11-02 16:07 131474 ----a-w- c:\windows\system32\perfc013.dat 2009-05-16 13:52 . 2009-05-16 13:52 -------- d-----w- c:\program files\The KMPlayer 2009-05-16 12:31 . 2008-06-09 14:50 2855 ----a-w- c:\users\Naim\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif 2009-05-15 17:03 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-04-24 16:05 . 2009-06-13 08:05 827904 ----a-w- c:\windows\system32\wininet.dll 2009-04-24 16:02 . 2009-06-13 08:05 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-24 13:44 . 2009-06-13 08:05 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-04-09 17:14 . 2009-04-09 17:14 390664 ----a-w- c:\users\Naim\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe 2009-04-09 17:14 . 2009-04-09 17:14 390664 ----a-w- c:\users\Naim\AppData\Roaming\Real\Update\temp\~Upg0\RealPlayer11.exe 2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2007-11-07 14:56 . 2007-11-07 14:54 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-12 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-12 154136] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-12 129560] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-06-05 71176] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-07 159744] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152] "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-30 112216] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768] "KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992] "MSConfig"="c:\windows\system32\msconfig.exe" [2008-01-19 227840] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk backup=c:\windows\pss\DVD Check.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WhiteSmoke.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WhiteSmoke.lnk backup=c:\windows\pss\WhiteSmoke.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{059E562E-3D46-4DE6-AF66-ECE0B7EA38AB}"= UDP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service "{93488CCE-378C-46BD-861C-A35084F170B7}"= TCP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service "TCP Query User{6CD8546D-C83B-4C01-844B-62BF5EA73D99}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{9BB7077D-81C8-4404-83AD-1D956394A44E}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{A67973D2-D201-4D42-BC0E-764E3B696DED}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{325B8E6F-D795-4105-A86D-96836AF13018}c:\\users\\naim\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= UDP:c:\users\naim\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe "UDP Query User{852EB4E0-8614-480C-94F1-DB59EC5C4969}c:\\users\\naim\\appdata\\locallow\\powerchallenge\\powersoccer\\powersoccer.exe"= TCP:c:\users\naim\appdata\locallow\powerchallenge\powersoccer\powersoccer.exe:powersoccer.exe "TCP Query User{14F6D4C7-3105-4992-9EF9-EE6438BC6503}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{CF91354E-0C29-4D33-A698-4A38D9026DDC}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent "TCP Query User{062EF694-0015-4720-B429-47A1D6BC8438}d:\\d-link.exe"= UDP:D:\d-link.exe:Setup Wizard Template "UDP Query User{804C53EA-8824-45EB-AA61-1F1C7113AC00}d:\\d-link.exe"= TCP:D:\d-link.exe:Setup Wizard Template "TCP Query User{61EED6F2-6021-4B82-A145-947CF846E85F}d:\\bin\\ia\\core\\mdm_util.exe"= UDP:d:\bin\ia\core\mdm_util.exe:MDM_Util "UDP Query User{F734E301-8076-4685-8B69-461435CD414D}d:\\bin\\ia\\core\\mdm_util.exe"= TCP:d:\bin\ia\core\mdm_util.exe:MDM_Util "{BD1A06A3-69DB-4528-986E-92FFDCBBC7BE}"= c:\program files\Skype\Phone\Skype.exe:Skype R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [5/04/2007 10:29 208896] S2 gupdate1c9b877fae1e8d0;Google Updateservice (gupdate1c9b877fae1e8d0);c:\program files\Google\Update\GoogleUpdate.exe [8/04/2009 20:29 133104] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2/11/2006 12:25 167936] S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [15/11/2008 21:40 552448] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ . Inhoud van de 'Gedeelde Taken' map 2009-06-21 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-08 18:29] 2009-06-20 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] 2009-06-21 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=smb&pf=laptop IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} - hxxp://www.powerchallenge.com/applet/PowerLoader.cab FF - ProfilePath - c:\users\Naim\AppData\Roaming\Mozilla\Firefox\Profiles\31ka9bia.default\ FF - prefs.js: browser.startup.homepage - hxxp://be.msn.com/default.aspx/?lang=nl-be FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-06-21 21:48 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2009-06-21 21:49 ComboFix-quarantined-files.txt 2009-06-21 19:49 Pre-Run: 51.347.939.328 bytes beschikbaar Post-Run: 51.527.725.056 bytes beschikbaar 144 --- E O F --- 2009-06-21 09:06

Malwarebytes' Anti-Malware 1.38 Database versie: 2318 Windows 6.0.6001 Service Pack 1 21/06/2009 11:24:08 mbam-log-2009-06-21 (11-24-08).txt Scan type: Snelle Scan Objecten gescand: 77805 Verstreken tijd: 9 minute(s), 13 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 1 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:25:47, on 21/06/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Mouse Driver\StartAutorun.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mouse Driver\KMConfig.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Mouse Driver\KMProcess.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP voor kleine bedrijven R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP voor kleine bedrijven R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe O23 - Service: Google Updateservice (gupdate1c9b877fae1e8d0) (gupdate1c9b877fae1e8d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8993 bytes

hallo iedereen, willen jullie dit even nakijken? Mijn laptop begint heel traag te worden. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:37:47, on 20/06/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18226) Boot mode: Normal Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\Mouse Driver\StartAutorun.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Mouse Driver\KMConfig.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Mouse Driver\KMProcess.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Windows\system32\conime.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = mijnAOL | HP voor kleine bedrijven R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = mijnAOL | HP voor kleine bedrijven R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\system32\bgsvcgen.exe O23 - Service: Google Updateservice (gupdate1c9b877fae1e8d0) (gupdate1c9b877fae1e8d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9401 bytes

hallo iedereen, ik heb een avi bestand. resoluite ervan is 640-272 maar ik wil dit groter bv 640-400 weten jullie een programma dat dit kan doen?

nog steeds hetzelfde

in malware bits was niets gevonden combofix : ComboFix 09-05-02.4 - Sadaf 02.05.2009 12:22.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.511.104 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\Sadaf\Desktop\ComboFix.exe AV: G DATA InternetSecurity 2009 *On-access scanning disabled* (Updated) FW: G DATA Personal Firewall *enabled* * Neuer Wiederherstellungspunkt wurde erstellt . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . c:\dokumente und einstellungen\Habib\Lokale Einstellungen\Anwendungsdaten\qqkui.dat c:\dokumente und einstellungen\Habib\Lokale Einstellungen\Anwendungsdaten\qqkui_nav.dat c:\dokumente und einstellungen\Habib\Lokale Einstellungen\Anwendungsdaten\qqkui_navps.dat . ((((((((((((((((((((((( Dateien erstellt von 2009-04-02 bis 2009-05-02 )))))))))))))))))))))))))))))) . 2009-05-02 10:03 . 2009-05-02 10:03 -------- d-----w c:\dokumente und einstellungen\Sadaf\Anwendungsdaten\Malwarebytes 2009-05-02 10:03 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys 2009-05-02 10:03 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-02 10:03 . 2009-05-02 10:03 -------- d-----w c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-05-02 10:03 . 2009-05-02 10:03 -------- d-----w c:\programme\Malwarebytes' Anti-Malware 2009-05-02 09:01 . 2009-05-02 09:01 -------- d-----w c:\dokumente und einstellungen\Sadaf\Lokale Einstellungen\Anwendungsdaten\NewSoft 2009-05-02 08:55 . 2009-05-02 08:55 -------- d-----w c:\dokumente und einstellungen\Sadaf\Lokale Einstellungen\Anwendungsdaten\Google 2009-05-02 08:53 . 2009-05-02 08:53 -------- d-----w c:\dokumente und einstellungen\Sadaf\Anwendungsdaten\OpenOffice.org 2009-05-01 22:36 . 2009-05-01 22:36 -------- d-----w c:\programme\Trend Micro 2009-05-01 22:31 . 2009-05-01 22:31 -------- d-----w c:\programme\CCleaner 2009-04-25 17:21 . 2009-04-25 17:21 -------- d-----w c:\programme\GpotatoEu 2009-04-13 15:29 . 2009-04-14 21:41 -------- d-----w C:\Perfect World Multilanguage Service 2009-04-13 15:25 . 2005-05-10 16:54 258352 ----a-w c:\windows\system32\unicows.dll 2009-04-08 14:28 . 2007-05-16 14:45 443752 ----a-w c:\windows\system32\d3dx10_34.dll 2009-04-08 14:27 . 2005-05-26 13:34 2297552 ----a-w c:\windows\system32\d3dx9_26.dll 2009-04-08 14:26 . 2009-04-08 14:26 -------- d-----w c:\windows\Logs 2009-04-07 10:10 . 2009-04-07 10:10 -------- d-----w C:\CrashReport 2009-04-06 17:37 . 2009-04-06 17:37 -------- d-----w C:\Netts 2009-04-06 16:32 . 2009-04-06 16:32 -------- d-----w c:\dokumente und einstellungen\Sadaf\Anwendungsdaten\ATI 2009-04-06 16:32 . 2009-04-06 16:32 -------- d-----w c:\dokumente und einstellungen\Sadaf\Lokale Einstellungen\Anwendungsdaten\ATI 2009-04-04 10:57 . 2009-04-04 10:57 -------- d-----w c:\windows\system32\AGEIA 2009-04-04 10:57 . 2009-04-04 10:57 -------- d-----w c:\programme\AGEIA Technologies 2009-04-04 10:57 . 2009-04-04 10:57 -------- d-----w c:\programme\Gemeinsame Dateien\Wise Installation Wizard 2009-04-04 10:56 . 2009-03-27 08:03 453152 ----a-w c:\windows\system32\nvudisp.exe 2009-04-04 08:30 . 2001-08-18 02:53 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll 2009-04-04 08:30 . 2001-08-18 02:53 8192 ----a-w c:\windows\system32\kbdkor.dll 2009-04-04 08:30 . 2001-08-18 02:53 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll 2009-04-04 08:30 . 2001-08-18 02:53 8704 ----a-w c:\windows\system32\kbdjpn.dll 2009-04-04 08:30 . 2001-08-17 12:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll 2009-04-04 08:30 . 2001-08-17 12:55 5632 ----a-w c:\windows\system32\kbd103.dll 2009-04-04 08:30 . 2001-08-17 12:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll 2009-04-04 08:30 . 2001-08-17 12:55 6144 ----a-w c:\windows\system32\kbd101c.dll 2009-04-04 08:30 . 2001-08-17 12:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll 2009-04-04 08:30 . 2001-08-17 12:55 6144 ----a-w c:\windows\system32\kbd101b.dll 2009-04-04 08:30 . 2008-04-14 05:50 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll 2009-04-04 08:30 . 2008-04-14 05:50 6144 ----a-w c:\windows\system32\kbd106.dll . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-02 10:19 . 2009-03-01 13:48 6 ---ha-w c:\windows\Tasks\SA.DAT 2009-05-02 09:39 . 2009-03-22 10:40 872 ----a-w c:\windows\Tasks\GoogleUpdateTaskMachine.job 2009-05-01 13:00 . 2009-03-30 22:36 392 ----a-w c:\windows\Tasks\Norton Security Scan for Habib.job 2009-04-24 17:34 . 2009-03-22 10:39 -------- d-----w c:\programme\Google 2009-04-15 10:51 . 2008-04-14 12:00 405118 ----a-w c:\windows\system32\perfh007.dat 2009-04-15 10:51 . 2008-04-14 12:00 70580 ----a-w c:\windows\system32\perfc007.dat 2009-04-07 09:55 . 2009-03-04 19:10 -------- d--h--w c:\programme\InstallShield Installation Information 2009-04-04 10:58 . 2009-03-31 15:55 664 ----a-w c:\windows\system32\d3d9caps.dat 2009-04-04 08:11 . 2009-03-06 20:01 -------- d-----w c:\programme\Java 2009-04-03 15:49 . 2009-03-30 22:41 -------- d-----w c:\programme\Spyware Doctor 2009-03-30 23:16 . 2009-03-30 22:41 81288 ----a-w c:\windows\system32\drivers\iksyssec.sys 2009-03-30 23:16 . 2009-03-30 22:41 66952 ----a-w c:\windows\system32\drivers\iksysflt.sys 2009-03-30 23:16 . 2009-03-30 22:41 40840 ----a-w c:\windows\system32\drivers\ikfilesec.sys 2009-03-30 22:40 . 2009-03-30 22:40 -------- d-----r c:\programme\Skype 2009-03-30 22:39 . 2009-03-30 22:39 -------- d-----w c:\programme\Gemeinsame Dateien\xing shared 2009-03-30 22:39 . 2009-03-30 22:38 -------- d-----w c:\programme\Gemeinsame Dateien\Real 2009-03-30 22:38 . 2009-03-30 22:38 -------- d-----w c:\programme\Real 2009-03-30 22:36 . 2009-03-30 22:36 -------- d-----w c:\programme\Gemeinsame Dateien\Symantec Shared 2009-03-30 22:36 . 2009-03-30 22:36 -------- d-----w c:\programme\Norton Security Scan 2009-03-30 14:25 . 2009-03-30 14:25 17544 ----a-w c:\dokumente und einstellungen\Lailuma\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2009-03-27 06:14 . 2009-03-08 19:28 453152 ----a-w c:\windows\system32\NVUNINST.EXE 2009-03-26 04:12 . 2009-03-26 04:12 -------- d-----w c:\programme\ZyDAS Technology Corporation 2009-03-24 09:57 . 2009-03-23 10:39 17544 ----a-w c:\dokumente und einstellungen\Habib\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2009-03-24 09:16 . 2009-03-24 09:16 -------- d-----w c:\programme\Gameforge4D 2009-03-24 07:54 . 2009-03-04 19:10 -------- d-----w c:\programme\ATI Technologies 2009-03-23 11:00 . 2009-03-23 10:53 -------- d-----w c:\programme\Windows Live 2009-03-23 11:00 . 2009-03-23 11:00 -------- d-----w c:\programme\Microsoft Sync Framework 2009-03-23 10:56 . 2009-03-23 10:56 -------- d-----w c:\programme\Microsoft SQL Server Compact Edition 2009-03-23 10:54 . 2009-03-23 10:54 -------- d-----w c:\programme\Microsoft 2009-03-23 10:53 . 2009-03-23 10:53 -------- d-----w c:\programme\Windows Live SkyDrive 2009-03-23 10:39 . 2009-03-23 10:39 -------- d-----w c:\programme\Gemeinsame Dateien\Windows Live 2009-03-23 10:26 . 2009-03-23 10:19 -------- d-----w c:\programme\GrandBilliards 2009-03-23 10:20 . 2009-03-23 10:20 40 ----a-w c:\windows\system32\d3d9prs.dat 2009-03-22 10:01 . 2009-03-22 10:01 -------- d-----w c:\programme\OpenOffice.org 3 2009-03-17 02:05 . 2009-03-17 02:05 -------- d-----w c:\programme\Windows Media Connect 2 2009-03-17 01:38 . 2009-03-01 13:44 76487 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-03-16 12:18 . 2009-04-08 14:29 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll 2009-03-16 12:18 . 2009-04-08 14:29 517448 ----a-w c:\windows\system32\XAudio2_4.dll 2009-03-16 12:18 . 2009-04-08 14:29 235352 ----a-w c:\windows\system32\xactengine3_4.dll 2009-03-16 12:18 . 2009-04-08 14:29 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll 2009-03-09 13:27 . 2009-04-08 14:29 453456 ----a-w c:\windows\system32\d3dx10_41.dll 2009-03-09 13:27 . 2009-04-08 14:29 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll 2009-03-09 13:27 . 2009-04-08 14:29 4178264 ----a-w c:\windows\system32\D3DX9_41.dll 2009-03-09 03:19 . 2009-03-06 20:02 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-07 21:43 . 2009-03-07 21:42 -------- d-----w c:\programme\LimeWire 2009-03-07 20:41 . 2009-03-07 20:41 0 ----a-w c:\windows\nsreg.dat 2009-03-06 14:19 . 2008-04-14 12:00 286720 ----a-w c:\windows\system32\pdh.dll 2009-03-05 18:18 . 2009-03-01 14:07 68424 ----a-w c:\windows\system32\drivers\GRD.sys 2009-03-05 18:18 . 2009-03-01 13:57 51016 ----a-w c:\windows\system32\drivers\GDTdiIcpt.sys 2009-03-05 18:16 . 2009-03-01 13:57 48712 ----a-w c:\windows\system32\drivers\MiniIcpt.sys 2009-03-05 18:16 . 2009-03-01 13:57 32328 ----a-w c:\windows\system32\drivers\HookCentre.sys 2009-03-05 17:32 . 2009-03-05 17:32 -------- d-----w c:\programme\MSXML 4.0 2009-03-04 20:21 . 2009-03-04 20:21 -------- d-----w c:\programme\Gemeinsame Dateien\NewSoft 2009-03-04 20:21 . 2009-03-04 20:21 -------- d-----w c:\programme\NewSoft 2009-03-04 20:21 . 2009-03-04 19:10 -------- d-----w c:\programme\Gemeinsame Dateien\InstallShield 2009-03-04 20:15 . 2009-03-04 20:12 -------- d-----w c:\programme\Brother 2009-03-04 20:13 . 2009-03-04 20:13 50 ----a-w c:\windows\system32\bridf07a.dat 2009-03-04 20:11 . 2009-03-04 20:11 -------- d-----w c:\programme\Nuance 2009-03-04 20:10 . 2009-03-04 20:10 -------- d-----w c:\programme\Gemeinsame Dateien\ScanSoft Shared 2009-03-04 20:10 . 2009-03-04 20:10 -------- d-----w c:\programme\ScanSoft 2009-03-04 19:07 . 2009-03-04 19:07 -------- d-----w c:\programme\Intel 2009-03-03 00:03 . 2008-04-14 12:00 826368 ----a-w c:\windows\system32\wininet.dll 2009-03-01 13:57 . 2009-03-01 13:57 22272 ----a-w c:\windows\system32\drivers\GDNdisIc.sys 2009-03-01 13:44 . 2008-04-14 12:00 67 --sha-w c:\windows\Fonts\desktop.ini 2009-03-01 13:42 . 2009-03-01 13:42 21740 ----a-w c:\windows\system32\emptyregdb.dat 2009-02-20 16:49 . 2008-04-14 12:00 78336 ----a-w c:\windows\system32\ieencode.dll 2009-02-10 17:03 . 2008-04-14 07:30 2068352 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-02-09 14:04 . 2008-04-14 12:00 1846912 ----a-w c:\windows\system32\win32k.sys 2009-02-09 11:21 . 2008-04-14 12:00 2191360 ----a-w c:\windows\system32\ntoskrnl.exe 2009-02-09 11:21 . 2008-04-14 12:00 111104 ----a-w c:\windows\system32\services.exe 2009-02-09 10:51 . 2008-04-14 12:00 736768 ----a-w c:\windows\system32\lsasrv.dll 2009-02-09 10:51 . 2008-04-14 12:00 401408 ----a-w c:\windows\system32\rpcss.dll 2009-02-09 10:51 . 2008-04-14 12:00 678400 ----a-w c:\windows\system32\advapi32.dll 2009-02-09 10:51 . 2008-04-14 12:00 740352 ----a-w c:\windows\system32\ntdll.dll 2009-02-06 18:46 . 2009-02-06 18:46 308600 ----a-w c:\windows\WLXPGSS.SCR 2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-06 10:39 . 2008-04-14 12:00 35328 ----a-w c:\windows\system32\sc.exe 2009-02-03 19:57 . 2008-04-14 12:00 56832 ----a-w c:\windows\system32\secur32.dll . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PPort11reminder"="c:\programme\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2009-03-30 185632] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\dokumente und einstellungen\Habib\Startmen\Programme\Autostart\ OpenOffice.org 3.0.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000] [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^ZDWLan Utility.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\ZDWLan Utility.lnk backup=c:\windows\pss\ZDWLan Utility.lnkCommon Startup [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Navid^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk] path=c:\dokumente und einstellungen\Navid\Startmenü\Programme\Autostart\OpenOffice.org 3.0.lnk backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\LimeWire\\LimeWire.exe"= "c:\\Programme\\Messenger\\msmsgs.exe"= "c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programme\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Programme\\GpotatoEu\\Flyff\\Flyff.exe"= "c:\\Programme\\Skype\\Phone\\Skype.exe"= R2 gupdate1c9aadaad29d684;Google Update Service (gupdate1c9aadaad29d684);c:\programme\Google\Update\GoogleUpdate.exe [2009-03-22 133104] R3 sdAuxService;PC Tools Auxiliary Service;c:\programme\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S0 GDNdisIc;GDNdisIc;c:\windows\system32\drivers\GDNdisIc.sys [2009-03-01 22272] S1 GRD;G DATA Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2009-03-05 68424] S2 AVKProxy;G DATA AntiVirus Proxy;c:\programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe [2008-10-29 1089608] S2 AVKService;G DATA Scheduler;c:\programme\G DATA\InternetSecurity\AVK\AVKService.exe [2008-08-19 386120] S2 AVKWCtl;AntiVirus Wächter;c:\programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe [2008-09-08 1185496] S2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2009-03-05 51016] S2 NwSapAgent;SAP-Agent;c:\windows\system32\svchost.exe [2008-04-14 14336] S2 SeaPort;SeaPort;c:\programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] S3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-05-12 1287296] S3 GDFwSvc;G DATA Personal Firewall;c:\programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe [2008-10-30 1407976] S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2009-03-05 48712] S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2009-03-05 32328] . Inhalt des "geplante Tasks" Ordners 2009-05-02 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-03-22 10:40] 2009-05-01 c:\windows\Tasks\Norton Security Scan for Habib.job - c:\programme\Norton Security Scan\Nss.exe [2008-09-19 02:18] . . ------- Zusätzlicher Suchlauf ------- . Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} - hxxps://mpsnare.iesnare.com/StmOCX.cab DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-02 12:24 Windows 5.1.2600 Service Pack 3 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'winlogon.exe'(712) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'winlogon.exe'(2964) c:\windows\system32\Ati2evxx.dll . Zeit der Fertigstellung: 2009-05-02 12:26 ComboFix-quarantined-files.txt 2009-05-02 10:26 Vor Suchlauf: 14 Verzeichnis(se), 103.563.419.648 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 104.183.939.072 Bytes frei WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptOut 219 --- E O F --- 2009-04-30 17:07

willen jullie de HJT logje van mijn vriend nakijken? zijm computer is heel traag Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:39:16, on 02.05.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Programme\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Windows Live\Messenger\msnmsgr.exe C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe C:\Programme\LimeWire\LimeWire.exe C:\Programme\G DATA\InternetSecurity\AVK\AVK.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Windows Live\Toolbar\wltuser.exe C:\Programme\CCleaner\CCleaner.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,c:\programme\g data\internetsecurity\avkkid\avkcks.exe O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [PPort11reminder] "C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O15 - Trusted Zone: http://www.msi.com.tw O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) - https://mpsnare.iesnare.com/StmOCX.cab O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe O23 - Service: AntiVirus Wächter (AVKWCtl) - G DATA Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe O23 - Service: G DATA Personal Firewall (GDFwSvc) - G DATA Software AG - C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe O23 - Service: Google Update Service (gupdate1c9aadaad29d684) (gupdate1c9aadaad29d684) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Programme\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Programme\Spyware Doctor\pctsSvc.exe -- End of file - 7006 bytes

hoe doe ik dat dan?

hallo iedereen, ik heb deze dagen met mijn vriend een nieuwe site gemaakt: HSproductions.site90.com - If you want games, You want HS productions maar weten jullie misschien hoe ik daar meer bezoekers krijg?

Bedankt, nu heb ik ook ineens extra schijfruimte vrij door die java te verwijderen

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:26:28, on 11/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\LClock\lclock.exe C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [LClock] C:\\Program Files\\LClock\\lclock.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [VoipBusterPro] "C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe" -nosplash -minimized O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites O8 - Extra context menu item: Download alles met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager. - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selectie met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} (Setup Class) - https://nl.permissionresearch.com/Config/CSetup_hooking_xp.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powersoccer.spel.nl/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkyariana.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181747713078 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://funkyariana.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe -- End of file - 15153 bytes

Malwarebytes' Anti-Malware 1.31 Database versie: 1489 Windows 5.1.2600 Service Pack 2 11/12/2008 19:16:36 mbam-log-2008-12-11 (19-16-36).txt Scan type: Snelle Scan Objecten gescand: 88642 Verstreken tijd: 23 minute(s), 27 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 15 Registerwaarden geïnfecteerd: 1 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 4 Bestanden geïnfecteerd: 76 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dc6be1d5-9b83-4c75-aceb-900781d28611} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Carlson (Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{dc6be1d5-9b83-4c75-aceb-900781d28611} (Trojan.Vundo) -> Quarantined and deleted successfully. Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\Program Files\Live_TV (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Common Files\Carlson (Dialer) -> Quarantined and deleted successfully. C:\Program Files\SmartVideoCodec (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\Documents and Settings\Hares\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\WINDOWS\system32\eexfsyut.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tuysfxee.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\gjcauheo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\oehuacjg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ipxatymb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\bmytaxpi.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jbhybgsf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fsgbyhbj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lnurnsld.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dlsnrunl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ukqrepsx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xsperqku.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xdcmaguk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kugamcdx.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cmsfhi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\awtsPIca.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\awtUOecC.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dqxejffl.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcbBQij.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\efcDSKcA.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\eiwnuvgm.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\khfCrRJA.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\khfFWqnO.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pqtmjvaw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ropamf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rqRHxvvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rqRkIcDw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sukdsrjt.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\uovrhgmj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lbijhfvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mwlcloaw.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nzcfsu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\opnlIbXq.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\opnnMdBr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\geBroOiF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\geBrsPjg.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\geBuSigF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cbXNGYpQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fccaXNfE.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\fccdEuut.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hgGAstUM.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hgGyxxxU.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkiHWMF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkijKcd.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkJBQhh.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkJbyax.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\jkkLBrrP.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ljJDwWnO.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qoMfFVnK.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qoMgFVME.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\poquxs.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xxyayAQK.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xxywTKbb.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nnnnKeeF.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tuvWMgGV.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vtUkkllM.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vtUOihGW.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\vyxbdo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ksppilxr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\urqNHArQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\urqnLFUN.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\urqRKEWq.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\urqroNEU.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ddcYPfCs.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\qaihdx.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tdsslog.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wvUnLBSj.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\gquyidtr.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\groyjagc.dll (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rsvp322.dllyrt (Trojan.Spambot) -> Quarantined and deleted successfully. C:\WINDOWS\xcvwer.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\ttvbonpwx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

hij is aan het scannen

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:41:05, on 11/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Athan\Athan.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\LClock\lclock.exe C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\FREEDO~1\fdm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, entertainment, concerten, video, sport, lifestyle, auto en nog veel meer, dat is MSN ! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {ebba2a2f-7b79-462a-a550-e500fe0dd556} - (no file) O2 - BHO: (no name) - {046B96BF-68B7-4CAA-9669-4EA75CC1E740} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {6FC833E3-2AA7-45CD-9281-221C90238A9B} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {82D87C72-8DC2-4BB3-9770-6D00EDBA9573} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {9d2160f5-d0bf-46fc-a860-872d65d77f65} - (no file) O2 - BHO: (no name) - {A7D4B81B-B288-4A01-8E64-19B6C7F289B1} - (no file) O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: (no name) - {DC6BE1D5-9B83-4C75-ACEB-900781D28611} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: (no name) - {ebba2a2f-7b79-462a-a550-e500fe0dd556} - (no file) O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [LClock] C:\\Program Files\\LClock\\lclock.exe O4 - HKCU\..\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [VoipBusterPro] "C:\Program Files\VoipBusterPro.com\VoipBusterPro\VoipBusterPro.exe" -nosplash -minimized O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Search - O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites O8 - Extra context menu item: Download alles met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download met Free Download Manager. - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selectie met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} (Setup Class) - https://nl.permissionresearch.com/Config/CSetup_hooking_xp.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/binary/MJSS.cab69309.cab O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://powersoccer.spel.nl/applet/PowerLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://funkyariana.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181747713078 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://funkyariana.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab50997.cab O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextnl.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://gameadvisor.futuremark.com/global/msc3121.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://69.57.132.82/DGTx.CAB O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinner.com/games/v53/h2hpool/h2hpool.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ddayw - C:\WINDOWS\ O20 - Winlogon Notify: jkhfd - C:\WINDOWS\ O20 - Winlogon Notify: jkkIYpQI - jkkIYpQI.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe -- End of file - 16952 bytes