siamees

Hoi Kape,

Ik merk zeker een duidelijke verbetering, hoewel ik vandaag niet echt achter mijn computer heb gezeten.

Maar de eerste indruk is dat het probleem aardig opgelost is, wil echter nog even het weekend afwachten/ uittesten.

Bedankt alvast,

ComboFix 12-09-27.03 - Rene 27-09-2012 21:39:56.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3070.2377 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Rene\Bureaublad\ComboFix.exe

AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\1012F8A2E0.sys

c:\documents and settings\Ellen\Application Data\PriceGong

c:\documents and settings\Ellen\Application Data\PriceGong\Data\1.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\a.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\b.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\c.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\d.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\e.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\f.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\g.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\h.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\i.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\j.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\k.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\l.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\m.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Ellen\Application Data\PriceGong\Data\n.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\o.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\p.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\q.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\r.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\s.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\t.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\u.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\v.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\w.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\x.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\y.txt

c:\documents and settings\Ellen\Application Data\PriceGong\Data\z.txt

c:\documents and settings\Rene\Application Data\PriceGong

c:\documents and settings\Rene\Application Data\PriceGong\Data\1.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\12192.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\126.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\2258.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\2620.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\5007.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\a.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\b.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\c.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\d.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\e.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\f.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\g.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\h.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\i.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\j.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\k.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\l.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\m.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Rene\Application Data\PriceGong\Data\n.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\o.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\p.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\q.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\r.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\s.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\t.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\u.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\v.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\w.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\x.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\y.txt

c:\documents and settings\Rene\Application Data\PriceGong\Data\z.txt

c:\documents and settings\Rene\WINDOWS

c:\windows\IsUn0413.exe

c:\windows\system32\SET2B4.tmp

c:\windows\system32\SET2CF.tmp

c:\windows\system32\SET2D1.tmp

c:\windows\system32\SET2DF.tmp

c:\windows\system32\setb0.tmp

N:\autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_SSHNAS

-------\Service_SSHNAS

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-08-27 to 2012-09-27 ))))))))))))))))))))))))))))))

.

.

2012-09-23 19:17 . 2012-09-23 19:18 388096 ----a-r- c:\documents and settings\Rene\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-09-23 19:17 . 2012-09-23 19:17 -------- d-----w- c:\program files\Trend Micro

2012-09-12 10:21 . 2012-09-12 10:21 -------- d-----w- c:\program files\Silabs

2012-09-12 10:20 . 2012-09-12 10:20 -------- d-----w- c:\windows\system32\Silabs

2012-09-12 10:17 . 2012-09-12 10:17 -------- d-----w- c:\documents and settings\Rene\Local Settings\Application Data\ZoneFiveSoftware

2012-09-12 10:01 . 2009-11-17 09:13 18944 ----a-r- c:\windows\system32\drivers\SiLib.sys

2012-09-12 10:01 . 2009-11-17 09:13 14592 ----a-r- c:\windows\system32\drivers\SiUSBXp.sys

2012-09-12 09:57 . 2012-09-12 09:57 -------- d-----w- c:\program files\Zone Five Software

2012-09-12 09:57 . 2012-09-12 09:57 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoneFiveSoftware

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-28 15:17 . 2003-04-08 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:17 . 2003-04-08 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-08-28 15:17 . 2003-04-08 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2004-08-04 07:55 385024 ------w- c:\windows\system32\html.iec

2012-07-06 13:58 . 2003-04-08 12:00 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05 . 2009-10-24 16:48 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 18:23 . 2003-04-08 12:00 1866240 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-08-29 39408]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-11 880496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]

"nwiz"="nwiz.exe" [2005-08-02 1519616]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]

"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]

"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-04-08 1406248]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2011-12-13 190768]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-5-8 943568]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\msiexec.exe"=

.

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [4-3-2011 14:23 11352]

R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [22-7-2011 14:26 690472]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13-5-2009 17:46 34608]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16-5-2009 20:59 19472]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-8-2011 11:15 136176]

S3 AEILAB;AEI USB To Fast Ethernet Adapter;c:\windows\system32\drivers\AEILAB.SYS [24-10-2009 18:57 24299]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [30-7-2006 22:44 580992]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29-8-2011 11:15 136176]

S3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys [12-9-2012 12:01 14592]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2011-06-20 13:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-29 09:15]

.

2012-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-29 09:15]

.

2011-10-18 c:\windows\Tasks\Rene Local Autobackup 5 4.job

- c:\program files\Nero\Nero 10\Nero BackItUp\NBCore.exe [2011-04-08 06:50]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

HKCU-Run-Registry Reviver - c:\program files\Reviversoft\Registry Reviver\RegistryReviver.exe

AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner

AddRemove-SIUSBXP&10C4&EA61 - c:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\SIUSBXP&10C4&EA61

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-09-27 21:56

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(780)

c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\IoctlSvc.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\windows\RTHDCPL.EXE

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe

.

**************************************************************************

.

Voltooingstijd: 2012-09-27 22:02:35 - machine werd herstart

ComboFix-quarantined-files.txt 2012-09-27 20:02

.

Pre-Run: 56.630.235.136 bytes beschikbaar

Post-Run: 69.422.637.056 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

.

- - End Of File - - 1004837353BA3D3F5A1D3ED243CB6029

Is het nu de bedoeling dat ik deze ene regel delete:

O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html

of dat de rest ge-delete wordt?

Datgene wat eruit moet, moet aangevinkt worden als ik het goed begrijp.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:09:01, on 24-9-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe

C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Nero\Update\NASvc.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"

O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [Registry Reviver] C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Nokia Nseries PC Suite.lnk = C:\Program Files\Nokia\NNPCS\RunLauncher.exe

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab

O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1256403500300

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1288017627906

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 11035 bytes

In taakbeheer neemt iexplore.exe bijna alle ruimte in zodat de computer vreselijk vertraagt.

Ik heb hijackthis al gedownload en een logje gemaakt.

Hoe nu verder?