Stefert

Member
  • Items: 20
Everything posted by Stefert

  1. Below you will find the log you asked for.
  2. Hello. My computer has been running very slowly for a long time now. How can I fix this so that my PC gets a bit faster again? (The internet is slow too.) Hopefully you can help me. Thanks in advance, Stefert
  3. I cannot open AVI files, and I would like to convert them to WMV so that I can play them.
  4. Hello, I would like to download a program that converts films from AVI to WMV. Can you recommend something? Thanks in advance, Steven
  5. On this website I cannot switch to another photo: Introductiepagina
  6. Hello, I have a problem opening photos on a website. Every time I want to go to the next photo, an exclamation mark appears at the bottom with the message "Fout op de pagina". And when I hover my mouse pointer over the photo, it shows "javascript:jumpToImage(replace character...)". Could someone help me solve this, so that I can see these photos? Thanks in advance.
  7. Hello, here is the log. And everything is solved. Thanks, really thanks.
2009-02-25 16:51 --------- d-----w c:\program files\Steam 2009-02-25 16:19 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-02-24 15:44 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\Nokia 2009-02-24 12:52 201,352 ----a-w c:\windows\system32\PnkBstrB.exe 2009-02-24 12:52 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2009-02-24 12:10 --------- d-----w c:\program files\Nokia 2009-02-24 12:08 --------- d-----w c:\documents and settings\All Users\Application Data\Installations 2009-02-21 10:01 --------- d-----w c:\program files\Windows Live 2009-02-18 15:53 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\U3 2009-02-12 17:41 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-12 17:25 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\skypePM 2009-02-11 15:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-02-06 18:46 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-02-06 18:46 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys 2009-02-06 18:46 10,520 ----a-w c:\windows\system32\avgrsstx.dll 2009-01-24 15:20 --------- d-----w c:\documents and settings\All Users\Application Data\Electronic Arts 2009-01-22 18:16 --------- d-----w c:\documents and settings\All Users\Application Data\244E 2009-01-21 16:34 --------- d-----w c:\documents and settings\All Users\Application Data\73B9 2009-01-20 18:15 --------- d-----w c:\documents and settings\All Users\Application Data\272E 2009-01-19 17:33 --------- d-----w c:\documents and settings\All Users\Application Data\11217 2009-01-17 12:34 --------- d-----w c:\documents and settings\All Users\Application Data\D2AF 2009-01-15 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\13DA 2009-01-12 16:45 --------- d-----w c:\program files\Google 2009-01-11 19:08 --------- d-----w c:\documents 
and settings\All Users\Application Data\2F3A9 2009-01-09 17:14 --------- d-----w c:\documents and settings\All Users\Application Data\2A213 2009-01-08 17:12 --------- d-----w c:\documents and settings\All Users\Application Data\33242 2009-01-03 13:42 --------- d-----w c:\documents and settings\All Users\Application Data\2090410918 2009-01-03 13:29 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\Malwarebytes 2009-01-03 13:29 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-03 11:43 --------- d-----w c:\program files\Trend Micro 2009-01-02 13:42 1,700,352 ----a-w c:\windows\system32\gdiplus.dll 2009-01-02 12:52 410,984 ----a-w c:\windows\system32\deploytk.dll 2009-01-02 12:52 --------- d-----w c:\program files\Java 2009-01-02 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\ECB 2008-12-31 10:37 --------- d-----w c:\documents and settings\All Users\Application Data\2C138 2008-12-30 16:56 --------- d-----w c:\documents and settings\All Users\Application Data\F38A 2008-12-30 10:37 --------- d-----w c:\documents and settings\All Users\Application Data\1D157 2008-12-28 18:39 --------- d-----w c:\documents and settings\All Users\Application Data\11F 2008-12-27 09:35 --------- d-----w c:\documents and settings\All Users\Application Data\101B5 2008-12-25 13:05 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-12-25 12:36 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-25 12:24 --------- d-----w c:\program files\EA GAMES 2008-12-25 10:31 --------- d-----w c:\documents and settings\All Users\Application Data\1C29F 2008-12-20 23:03 826,368 ------w c:\windows\system32\wininet.dll . ((((((((((((((((((((((((((((( SnapShot@2009-02-25_17.55.08.89 ))))))))))))))))))))))))))))))))))))))))) . + 2009-02-25 16:51:03 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_1b0.dat . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-07 68856] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-01-09 3321856] "Steam"="c:\program files\Steam\Steam.exe" [2008-11-22 1410296] "RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-18 306088] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-24 13524992] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-24 86016] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-06 1601304] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "SigmatelSysTrayApp"="sttray.exe" 
[2008-02-01 c:\windows\sttray.exe] "nwiz"="nwiz.exe" [2008-03-24 c:\windows\system32\nwiz.exe] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil9f.exe" [2008-03-25 218496] c:\documents and settings\Steven Scherrens\Menu Start\Programma's\Opstarten\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-07-09 692224] Wireless Connection Manager.lnk - c:\program files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe [2008-07-09 19357696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-02-06 19:46 10520 c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Steam\\SteamApps\\stefert1993\\counter-strike source\\hl2.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"= "c:\\Program Files\\Call of Duty\\CoDMP.exe"= "c:\\Program 
Files\\Steam\\SteamApps\\stefert1993\\insurgency\\hl2.exe"= "c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"= "c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"= "c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"= "c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-07-09 325128] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-07-09 107272] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-11 903960] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-11 298264] S3 aaudstum;aaudstum;\??\c:\docume~1\STEVEN~1\LOCALS~1\Temp\aaudstum.sys --> c:\docume~1\STEVEN~1\LOCALS~1\Temp\aaudstum.sys [?] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2006-03-24 33536] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2008-07-26 1527900] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-07-26 544768] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddea745a-4f4e-11dd-b557-001cc056ac9f}] \Shell\AutoRun\command - I:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-25 18:45:26 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-292133596-1602540513-1142094642-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:71,6d,64,e3,38,e4,24,e1,f2,cb,88,4a,46,40,03,f9,14,9d,90,2d,89,7d,b3, ad,cc,4e,19,30,e4,35,d4,fc,f4,8e,5f,8d,fd,93,d0,32,5a,83,02,46,53,1b,04,d2,\ "??"=hex:26,1d,53,4c,c2,af,ac,5b,8a,b6,ba,0c,2c,fa,b3,09 [HKEY_USERS\S-1-5-21-292133596-1602540513-1142094642-1006\Software\SecuROM\License information*] "datasecu"=hex:ca,6d,78,3f,76,f2,a4,f3,4e,79,f5,22,22,13,bc,69,84,42,53,64,a8, 66,4b,4d,4a,92,be,28,d0,0d,7c,ed,a2,15,6d,2c,52,b5,4c,c4,c9,cf,04,77,0d,94,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . 
Voltooingstijd: 2009-02-25 18:46:14 ComboFix-quarantined-files.txt 2009-02-25 17:46:12 ComboFix2.txt 2009-02-25 16:55:44 Pre-Run: 186.160.291.840 bytes beschikbaar Post-Run: 186,190,893,056 bytes beschikbaar 257 --- E O F --- 2009-02-11 15:58:48 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:49:31, on 25/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\sttray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program 
Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? 
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies 
CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 10970 bytes
  9. Hello, this is the log. ComboFix 09-02-24.02 - Steven Scherrens 2009-02-25 17:48:16.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2029.1423 [GMT 1:00] Gestart vanuit: c:\documents and settings\Steven Scherrens\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Steven Scherrens\Application Data\MBSMainPlugin1635.dll c:\windows\system32\init32.exe Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir . (((((((((((((((((((( Bestanden Gemaakt van 2009-01-25 to 2009-02-25 )))))))))))))))))))))))))))))) . 2009-02-24 16:32 . 2009-02-24 16:32 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf 2009-02-24 16:31 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll 2009-02-24 16:31 . 2009-02-24 16:31 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-02-24 15:37 . 2009-02-24 16:46 <DIR> dr-h----- c:\documents and settings\Steven Scherrens\Onlangs geopend 2009-02-24 15:32 . 2009-02-24 15:32 <DIR> d-------- c:\program files\CCleaner 2009-02-24 14:27 . 2009-02-24 14:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-24 14:27 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-24 14:27 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-02-24 13:10 . 2009-02-24 13:10 <DIR> d-------- c:\program files\Common Files\PCSuite 2009-02-24 13:10 . 2009-02-24 13:10 <DIR> d-------- c:\program files\Common Files\Nokia 2009-02-24 13:09 . 2009-02-24 13:09 <DIR> d-------- c:\program files\PC Connectivity Solution 2009-02-24 13:08 . 
2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll 2009-02-24 13:08 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll 2009-02-24 13:08 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys 2009-02-24 13:08 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys 2009-02-24 13:08 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys 2009-02-24 13:08 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys 2009-02-22 10:58 . 2009-02-22 10:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\81A5 2009-02-18 13:35 . 2009-02-18 13:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\2213 2009-02-17 20:41 . 2009-02-17 20:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\349C 2009-02-15 16:48 . 2009-02-15 16:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\536B 2009-02-15 13:07 . 2009-02-15 13:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\341F 2009-02-14 17:00 . 2001-06-18 09:41 282,624 --a------ c:\windows\system32\ActiveSkin.ocx 2009-02-14 17:00 . 2001-01-10 12:23 162,304 --a------ C:\UNWISE.EXE 2009-02-14 17:00 . 2001-06-18 09:41 112 --a------ c:\windows\ActiveSkin.INI 2009-02-14 14:57 . 2009-02-14 14:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\262FD 2009-02-11 18:19 . 2008-04-14 18:02 219,136 --a--c--- c:\windows\system32\dllcache\uxtheme.dll 2009-02-11 18:16 . 2009-02-11 18:16 <DIR> d-------- c:\program files\Microsoft Plus! Digital Media Edition 2009-02-11 18:12 . 2009-02-11 18:12 <DIR> d-------- c:\windows\Performance 2009-02-11 18:12 . 2009-02-11 18:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Corporation 2009-02-11 18:07 . 2009-02-11 18:27 <DIR> d-------- c:\windows\Icons 2009-02-11 14:39 . 
2009-02-11 14:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\35232 2009-02-10 20:04 . 2007-08-01 11:03 93,184 --a------ c:\windows\system32\UnPoker.exe 2009-02-10 18:54 . 2009-02-10 18:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\63E 2009-02-09 21:00 . 2009-02-09 21:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\31F9 2009-02-06 19:55 . 2009-02-06 19:55 308,616 --a------ c:\windows\WLXPGSS.SCR 2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll 2009-02-04 13:30 . 2009-02-04 13:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\2D3B9 2009-02-01 10:29 . 2009-02-01 10:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\25138 2009-01-31 19:39 . 2009-01-31 19:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\634B 2009-01-31 16:04 . 2009-01-31 16:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\1B35B 2009-01-30 19:34 . 2009-01-30 19:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\3ADA 2009-01-29 20:16 . 2009-01-29 20:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\3238A 2009-01-28 14:07 . 2009-01-28 14:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\2A109 2009-01-27 17:48 . 2009-01-27 17:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\251F 2009-01-26 22:15 . 2009-01-26 22:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\193AF . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-02-25 16:51 --------- d-----w c:\program files\Steam 2009-02-25 16:19 --------- d-----w c:\documents and settings\All Users\Application Data\avg8 2009-02-24 15:44 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\Nokia 2009-02-24 12:52 140,216 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2009-02-24 12:10 --------- d-----w c:\program files\Nokia 2009-02-24 12:08 --------- d-----w c:\documents and settings\All Users\Application Data\Installations 2009-02-21 10:01 --------- d-----w c:\program files\Windows Live 2009-02-18 15:53 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\U3 2009-02-12 17:41 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-12 17:25 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\skypePM 2009-02-11 15:57 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-02-06 18:46 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-02-06 18:46 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys 2009-01-24 15:20 --------- d-----w c:\documents and settings\All Users\Application Data\Electronic Arts 2009-01-22 18:16 --------- d-----w c:\documents and settings\All Users\Application Data\244E 2009-01-21 16:34 --------- d-----w c:\documents and settings\All Users\Application Data\73B9 2009-01-20 18:15 --------- d-----w c:\documents and settings\All Users\Application Data\272E 2009-01-19 17:33 --------- d-----w c:\documents and settings\All Users\Application Data\11217 2009-01-17 12:34 --------- d-----w c:\documents and settings\All Users\Application Data\D2AF 2009-01-15 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\13DA 2009-01-12 16:45 --------- d-----w c:\program files\Google 2009-01-11 19:08 --------- d-----w c:\documents and settings\All Users\Application Data\2F3A9 2009-01-09 17:14 --------- d-----w c:\documents and settings\All Users\Application 
Data\2A213 2009-01-08 17:12 --------- d-----w c:\documents and settings\All Users\Application Data\33242 2009-01-03 13:42 --------- d-----w c:\documents and settings\All Users\Application Data\2090410918 2009-01-03 13:29 --------- d-----w c:\documents and settings\Steven Scherrens\Application Data\Malwarebytes 2009-01-03 13:29 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-03 11:43 --------- d-----w c:\program files\Trend Micro 2009-01-02 12:52 --------- d-----w c:\program files\Java 2009-01-02 11:31 --------- d-----w c:\documents and settings\All Users\Application Data\ECB 2008-12-31 10:37 --------- d-----w c:\documents and settings\All Users\Application Data\2C138 2008-12-30 16:56 --------- d-----w c:\documents and settings\All Users\Application Data\F38A 2008-12-30 10:37 --------- d-----w c:\documents and settings\All Users\Application Data\1D157 2008-12-28 18:39 --------- d-----w c:\documents and settings\All Users\Application Data\11F 2008-12-27 09:35 --------- d-----w c:\documents and settings\All Users\Application Data\101B5 2008-12-25 12:36 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-25 12:24 --------- d-----w c:\program files\EA GAMES 2008-12-25 10:31 --------- d-----w c:\documents and settings\All Users\Application Data\1C29F . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-07 68856] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-01-09 3321856] "Steam"="c:\program files\Steam\Steam.exe" [2008-11-22 1410296] "RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-18 306088] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-24 13524992] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-24 86016] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 1057064] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-06 1601304] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "SigmatelSysTrayApp"="sttray.exe" [2008-02-01 c:\windows\sttray.exe] "nwiz"="nwiz.exe" [2008-03-24 c:\windows\system32\nwiz.exe] "Kernel and 
Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 c:\windows\KHALMNPR.Exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil9f.exe" [2008-03-25 218496] c:\documents and settings\Steven Scherrens\Menu Start\Programma's\Opstarten\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-07-09 692224] Wireless Connection Manager.lnk - c:\program files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe [2008-07-09 19357696] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-02-06 19:46 10520 c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Steam\\SteamApps\\stefert1993\\counter-strike source\\hl2.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"= "c:\\Program Files\\Call of Duty\\CoDMP.exe"= "c:\\Program Files\\Steam\\SteamApps\\stefert1993\\insurgency\\hl2.exe"= "c:\\Program Files\\Rockstar Games\\Rockstar Games Social 
Club\\RGSCLauncher.exe"= "c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"= "c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"= "c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-07-09 325128] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-07-09 107272] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-11 903960] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-11 298264] S3 aaudstum;aaudstum;\??\c:\docume~1\STEVEN~1\LOCALS~1\Temp\aaudstum.sys --> c:\docume~1\STEVEN~1\LOCALS~1\Temp\aaudstum.sys [?] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2006-03-24 33536] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2008-07-26 1527900] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2008-07-26 544768] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08e5698b-4d33-11dd-b549-806d6172696f}] \Shell\AutoRun\command - D:\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddea745a-4f4e-11dd-b557-001cc056ac9f}] \Shell\AutoRun\command - I:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . 
Inhoud van de 'Gedeelde Taken' map 2009-01-02 c:\windows\Tasks\At1.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At10.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At11.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At12.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At13.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At14.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At15.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At16.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At17.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At18.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-23 c:\windows\Tasks\At19.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At2.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At20.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-20 c:\windows\Tasks\At21.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-20 c:\windows\Tasks\At22.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-16 c:\windows\Tasks\At23.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-28 c:\windows\Tasks\At24.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At25.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At26.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At27.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At28.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At29.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At3.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At30.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At31.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At32.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 
c:\windows\Tasks\At33.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At34.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At35.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At36.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At37.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At38.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At39.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At4.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At40.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At41.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At42.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-24 c:\windows\Tasks\At43.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-22 c:\windows\Tasks\At44.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-20 c:\windows\Tasks\At45.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-20 c:\windows\Tasks\At46.job - c:\windows\system32\71AL3dmP.exe [] 2009-02-16 c:\windows\Tasks\At47.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-28 c:\windows\Tasks\At48.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At5.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At6.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At7.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At8.job - c:\windows\system32\71AL3dmP.exe [] 2009-01-02 c:\windows\Tasks\At9.job - c:\windows\system32\71AL3dmP.exe [] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.google.com uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-25 17:53:47 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-292133596-1602540513-1142094642-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:71,6d,64,e3,38,e4,24,e1,f2,cb,88,4a,46,40,03,f9,14,9d,90,2d,89,7d,b3, ad,cc,4e,19,30,e4,35,d4,fc,f4,8e,5f,8d,fd,93,d0,32,5a,83,02,46,53,1b,04,d2,\ "??"=hex:26,1d,53,4c,c2,af,ac,5b,8a,b6,ba,0c,2c,fa,b3,09 [HKEY_USERS\S-1-5-21-292133596-1602540513-1142094642-1006\Software\SecuROM\License information*] "datasecu"=hex:ca,6d,78,3f,76,f2,a4,f3,4e,79,f5,22,22,13,bc,69,84,42,53,64,a8, 66,4b,4d,4a,92,be,28,d0,0d,7c,ed,a2,15,6d,2c,52,b5,4c,c4,c9,cf,04,77,0d,94,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . ------------------------ Andere Aktieve Processen ------------------------ . 
c:\windows\system32\scardsvr.exe c:\program files\Nero\Nero 7\InCD\InCDsrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.exe c:\program files\PC Connectivity Solution\ServiceLayer.exe c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe . ************************************************************************** . Voltooingstijd: 2009-02-25 17:55:42 - machine werd herstart ComboFix-quarantined-files.txt 2009-02-25 16:55:39 Pre-Run: 183.201.984.512 bytes beschikbaar Post-Run: 186,196,271,104 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 349 --- E O F --- 2009-02-11 15:58:48
  10. Which I did not download. (Sorry, but I just restarted my computer, and when it came back up, WARNING: you have a security problem! appeared again. I think it still isn't solved after all. Sorry)
  11. I do still have 1 small problem. Programs keep popping up on my screen all the time now. Such as antivirus ..., etc. How do I get rid of this??? Otherwise everything is fine. Thank you!!!! I am very grateful to you.
  12. Here is the log.
      Malwarebytes' Anti-Malware 1.34
      Database versie: 1798
      Windows 5.1.2600 Service Pack 3
      24/02/2009 14:35:01
      mbam-log-2009-02-24 (14-35-01).txt
      Scan type: Snelle Scan
      Objecten gescand: 73990
      Verstreken tijd: 6 minute(s), 44 second(s)
      Geheugenprocessen geïnfecteerd: 1
      Geheugenmodulen geïnfecteerd: 0
      Registersleutels geïnfecteerd: 2
      Registerwaarden geïnfecteerd: 0
      Registerdata bestanden geïnfecteerd: 2
      Mappen geïnfecteerd: 6
      Bestanden geïnfecteerd: 6
      Geheugenprocessen geïnfecteerd:
      C:\WINDOWS\system32\71AL3dmP.exe (Trojan.Dropper) -> Unloaded process successfully.
      Geheugenmodulen geïnfecteerd:
      (Geen kwaadaardige items gevonden)
      Registersleutels geïnfecteerd:
      HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\CrucialSoft Ltd (Rogue.MSantispyware2009) -> Quarantined and deleted successfully.
      Registerwaarden geïnfecteerd:
      (Geen kwaadaardige items gevonden)
      Registerdata bestanden geïnfecteerd:
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
      Mappen geïnfecteerd:
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.
      Bestanden geïnfecteerd:
      C:\WINDOWS\system32\71AL3dmP.exe (Trojan.Dropper) -> Delete on reboot.
      C:\Documents and Settings\Steven Scherrens\Local Settings\Temp\6157.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\20090223163857468.log (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20090223162115218.log (Rogue.Multiple) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\71AL3dmP.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
      HijackThis log
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:44:36, on 24/02/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\userinit.exe
      C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\PROGRA~1\AVG\AVG8\avgrsx.exe
      C:\PROGRA~1\AVG\AVG8\avgnsx.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\PnkBstrB.exe
      C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
      C:\WINDOWS\system32\svchost.exe
      C:\PROGRA~1\AVG\AVG8\avgemc.exe
      C:\Program Files\AVG\AVG8\avgcsrvx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\sttray.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      C:\PROGRA~1\AVG\AVG8\avgtray.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\Program Files\Steam\Steam.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\Logitech\SetPoint\SetPoint.exe
      C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
      C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
      C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
      C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
      C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
      C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
      O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
      O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
      O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
      O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
      O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user')
      O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
      O4 - Global Startup: Wireless Connection Manager.lnk = ?
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
      O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
      O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
      O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
      O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
      O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
      --
      End of file - 11152 bytes
  13. Hello, it still isn't off my computer after all, sorry. Here is a log for you.
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:21:33, on 24/02/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal
      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\userinit.exe
      C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\PROGRA~1\AVG\AVG8\avgrsx.exe
      C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      C:\PROGRA~1\AVG\AVG8\avgnsx.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\PnkBstrB.exe
      C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
      C:\WINDOWS\system32\svchost.exe
      C:\PROGRA~1\AVG\AVG8\avgemc.exe
      C:\Program Files\AVG\AVG8\avgcsrvx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\sttray.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      C:\PROGRA~1\AVG\AVG8\avgtray.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Steam\Steam.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\Program Files\Logitech\SetPoint\SetPoint.exe
      C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
      C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Windows Live\Contacts\wlcomm.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
      C:\Program Files\AVG\AVG8\avgcsrvx.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
      O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
      O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
      O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
      O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
      O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
      O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
      O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
      O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent
      O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\STEVEN~1\LOCALS~1\Temp\5301.exe
      O4 - HKCU\..\RunOnce: [PCSuite.exe] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray -install -startgcw
      O4 - HKCU\..\RunOnce: [PcSync2.exe] C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe /NoDialog
      O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
      O4 - Global Startup: Wireless Connection Manager.lnk = ?
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Keenfinder Service - Unknown owner - C:\Program Files\Keenfinder\keenfinder.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 11047 bytes
Hopefully you can solve it as quickly as possible. Thank you!
  14. Hello, thanks for your help. But I think it is already gone from my computer. Thanks anyway.
  15. Hello, I have a small problem. I turned on my computer, and suddenly this keeps appearing all the time: WARNING: You have a security problem! I don't know how to get rid of this irritating message. Hopefully you can help me. Greetings
  16. Here are the logs.
1. MBAM
Malwarebytes' Anti-Malware 1.31 Database versie: 1602 Windows 5.1.2600 Service Pack 3 3/01/2009 14:42:08 mbam-log-2009-01-03 (14-42-08).txt Scan type: Snelle Scan Objecten gescand: 60594 Verstreken tijd: 11 minute(s), 3 second(s) Geheugenprocessen geïnfecteerd: 1 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 5 Registerwaarden geïnfecteerd: 1 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 10 Geheugenprocessen geïnfecteerd: C:\Documents and Settings\All Users\Application Data\2090410918\948614148.exe (Rogue.SystemSecurity) -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{5d2631e5-8696-7543-50b2-f674cd4308eb} (Trojan.Fakealert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\948614148 (Rogue.SystemSecurity) -> Quarantined and deleted successfully. Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Documents and Settings\All Users\Application Data\2090410918\948614148.exe (Rogue.SystemSecurity) -> Quarantined and deleted successfully. C:\Documents and Settings\Steven Scherrens\Local Settings\Temp\~tmpc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. 
C:\Documents and Settings\Steven Scherrens\Local Settings\Temp\~tmpd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Documents and Settings\Steven Scherrens\Local Settings\Temp\~tmpg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\Program Files\PCHealthCenter\Thumbs.db (Trojan.Fakealert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\71AL3dmP.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully. 2. HIJACHTHIS Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:46:04, on 3/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\sttray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program 
Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Steam\Steam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - 
HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe" O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social 
Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - 
http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 11857 bytes
Is it a problem if MBAM did not ask to restart the computer??
  17. Hello, Today I suddenly have a very annoying program on my PC, System Security. How do I get this off my PC again? I have already downloaded HijackThis. And this is my log. Hopefully you can help me? Thanks in advance! Steven
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:49:53, on 3/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\sttray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Documents and Settings\All Users\Application Data\2090410918\948614148.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Electronic Arts\EADM\Core.exe 
C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Steam\Steam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program 
Files\AVG\AVG8\avgssie.dll O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll (file missing) O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] 
"C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [948614148] "C:\Documents and Settings\All Users\Application Data\2090410918\948614148.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe" O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\STEVEN~1\LOCALS~1\Temp\~tmpb.exe O4 - HKCU\..\Run: [MSFox] C:\DOCUME~1\STEVEN~1\LOCALS~1\Temp\yyy10579.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? 
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - 
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/STEVEN~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/STEVEN~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg O24 - Desktop Component 2: (no name) - file:///C:/DOCUME~1/STEVEN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg O24 - Desktop Component 3: (no name) - file:///C:/DOCUME~1/STEVEN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg O24 - Desktop Component 4: (no name) - http://nl.netlogstatic.com/p/tt/043/352/43352616.jpg -- End of file - 12691 bytes