
l.maas79

Member
  • Items

    8
  • Joined

  • Last visited

l.maas79's achievements

  1. After restarting to enable System Restore, I get the following message: System Configuration: An access denied error occurred while attempting to change a service. You may need to log on with an administrator account to make the specified changes.
  2. ComboFix 12-08-14.05 - bert 15-08-2012 17:19:45.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.456 [GMT 2:00]
  3. Today at 2 o'clock at night the laptop started up by itself again. It turned out that SUPERAntiSpyware was going to run a task at 2 o'clock to scan the laptop. Can a program start the laptop by itself? bert
  4. Here is the ComboFix log: ComboFix 12-08-13.01 - bert 14-08-2012 17:33:54.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.512 [GMT 2:00]
2009-08-06 17:24 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2009-08-06 17:23 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-06-27 20:41 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-08-06 17:23 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2006-06-27 20:41 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2012-06-27 04:26 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2012-06-27 04:26 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-05-31 13:22 . 2005-05-30 09:39 602624 ----a-w- c:\windows\system32\crypt32.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2004-09-02 12:00 . 61A79E8D4A440095EA2EB9FD694CD1AE . 25600 . . [10.0.3790.3646] . . c:\windows\system32\mspmsnsv.dll . ((((((((((((((((((((((((((((( SnapShot@2012-08-14_00.54.36 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-14 01:11 . 2012-08-14 01:11 16384 c:\windows\Temp\Perflib_Perfdata_658.dat + 2012-08-14 01:06 . 2012-08-14 01:06 16384 c:\windows\Temp\Perflib_Perfdata_5c0.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="c:\windows\ATK0100\HControl.exe" [2005-12-14 106496] "ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2005-11-08 17920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 0 (0x0) "NoFileAssociate"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoThumbnailCache"= 1 (0x1) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Catalyst System Tray.lnk] backup=c:\windows\pss\Catalyst System Tray.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snelstart HP Image Zone.lnk] backup=c:\windows\pss\Snelstart HP Image Zone.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zshutdown . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABLKSR] 2006-01-02 19:14 61440 ----a-w- c:\windows\ABLKSR\ABLKSR.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update] 2005-11-02 17:33 180224 ----a-w- c:\program files\ASUS\ASUS Live Update\ALU.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] 2005-08-12 12:43 45056 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA] 2006-01-02 18:36 49152 ----a-w- c:\program files\ASUS\ATK Media\DMedia.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice] 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] 2004-08-10 02:04 59392 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp] 2005-11-28 09:47 569413 ----a-w- c:\program files\Intel\Wireless\Bin\EOUWiz.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2012-06-30 14:56 116648 ----atw- c:\documents and settings\bert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2004-09-13 13:49 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless] 2005-11-28 09:41 602182 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig] 2005-12-05 10:37 667718 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Download Manager{N360P_prod_1.6.18_5.1.0.29}] 2012-01-20 21:05 397768 ----a-w- c:\documents and settings\All Users\Documenten\Norton\{N360P_prod_1.6.18_5.1.0.29}\N360Downloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone] 2006-01-03 13:51 561152 ----a-w- c:\program files\ASUS\PowerForPhone\PowerForPhone.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear] 2005-12-05 18:24 86016 ----a-w- c:\program files\ASUS\Power4 Gear\BatteryLife.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-02 18:24 32768 ----a-w- c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2005-12-09 00:49 15691264 ----a-r- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2012-07-09 23:38 4777856 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2005-10-21 00:26 761945 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2] 2005-10-17 15:09 987136 ----a-w- c:\program files\Wireless Console 2\wcourier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0602010.005\SymDS.sys [30-6-2012 11:19 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0602010.005\SymEFA.sys [30-6-2012 11:19 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120804.001\BHDrvx86.sys [9-8-2012 2:26 821920] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0602010.005\ccSetx86.sys [30-6-2012 11:19 132744] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 18:27 12880] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-7-2011 23:55 67664] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0602010.005\Ironx86.sys [30-6-2012 11:19 149624] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12-8-2011 1:38 116608] R2 ITECIRService;ITE Remote Control Service;c:\windows\system32\RemoteControlService.exe [28-6-2006 8:45 656384] R2 N360;Norton 360;c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [30-6-2012 11:19 138232] R3 AVerM115;AVerM115 service;c:\windows\system32\drivers\AVerM115.sys [28-6-2006 8:27 692992] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12-8-2012 9:21 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All 
Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120810.001\IDSXpx86.sys [11-8-2012 9:02 369632] R3 ITECIR;ITE CIR Driver;c:\windows\system32\drivers\ITECIR.sys [28-6-2006 8:45 7366] R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [28-6-2006 8:39 702326] R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [28-6-2006 8:39 4790] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27-6-2012 19:03 250056] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . Inhoud van de 'Gedeelde Taken' map . 2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 16:50] . 2012-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3901287656-3653710526-1428958920-1005Core.job - c:\documents and settings\bert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-30 14:56] . 2012-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3901287656-3653710526-1428958920-1005UA.job - c:\documents and settings\bert\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-06-30 14:56] . 2012-08-13 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5913b5bc-ec2a-46d9-b533-3fd7db72b150.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52] . 2012-08-14 c:\windows\Tasks\User_Feed_Synchronization-{A112130D-0FD4-49BE-B380-D0336C9E6BEA}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startkabel.nl/ IE: Google Sidewiki... TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 . - - - - ORPHANS VERWIJDERD - - - - . ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-14 17:44 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(944) c:\program files\SUPERAntiSpyware\SASWINLO.DLL c:\windows\system32\Ati2evxx.dll c:\windows\system32\sirenacm.dll . - - - - - - - > 'explorer.exe'(3108) c:\windows\system32\webcheck.dll c:\windows\system32\sirenacm.dll . Voltooingstijd: 2012-08-14 17:49:13 ComboFix-quarantined-files.txt 2012-08-14 15:49 . Pre-Run: 41.410.896.896 bytes beschikbaar Post-Run: 41.401.067.008 bytes beschikbaar . - - End Of File - - 80839076376165A97BCBF0842907CC99
  5. Here is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:39, on 13-8-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\RemoteControlService.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
D:\idownloader\jv16_PowerTools_v1[1].4.1.248\jv16 PowerTools.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startkabel.nl, mijn internet
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: ::1 localhost #[iPv6]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.2.1.5\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.1.5\coIEPlg.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340738817466
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340738893180
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ITE Remote Control Service (ITECIRService) - ITE Tech. Inc. - C:\WINDOWS\system32\RemoteControlService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
-- End of file - 6825 bytes
  6. I can't run those programs, or I would have to uninstall Norton 360. Here is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:39, on 13-8-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\RemoteControlService.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
D:\idownloader\jv16_PowerTools_v1[1].4.1.248\jv16 PowerTools.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startkabel.nl, mijn internet
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: ::1 localhost #[iPv6]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.2.1.5\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.1.5\coIEPlg.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340738817466
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340738893180
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ITE Remote Control Service (ITECIRService) - ITE Tech. Inc. - C:\WINDOWS\system32\RemoteControlService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
-- End of file - 6825 bytes
  7. My laptop started up by itself yesterday. When I use msconfig, I get the message that you must log on with an administrator account, programs are disappearing from my laptop, and things have been ordered in my name and with my e-mail address.