Ga naar inhoud

charlottebru

Lid
  • Items

    20
  • Registratiedatum

  • Laatst bezocht

Berichten die geplaatst zijn door charlottebru

  1. Beste,

    Zoals hierboven vermeld heb ik volgend probleem:

    Foutmelding: "System werd onverwacht afgesloten" bij hervatting vanuit slaapstand

    Als ik mijn windows 7 laptop laat in slaapstand gaan, en hem de volgende keer wil hervatten, krijg ik ongeveeer 7 à 8 keer op de tien de foutmelding dat het systeem onverwacht werd afgesloten. Daarna heb ik de keuze om in veilige modus op te starten of normaal.

    Redelijk irritant. Ik probeerde het probleem al even te googlelen, maar vond enkel een microsoft antwoord ivm xp service pack 1 Foutbericht 'System was shutdown unexpectedly' als een computer met Windows Vista SP1 uit de sluimerstand wordt gehaald

    Daar probeerde ik die opgegeven code in te geven in het cmd programma, maar dan kreeg ik als foutmelding dat de toegang geweigerd is.

    Iemand die me kan helpen?

    Hartelijk dank.

  2. Beste,

    Ik heb sinds vorige week een nieuwe laptop (dell xps 15z), windows 7.

    Sinds ik deze in gebruik heb, valt de wifi internetverbinding om de haverklap weg.

    Dat kan na 5 minuten zijn, na een kwartier, of soms zelfs na 2 minuten. Dan krijg ik dat ik beperkte internettoegang heb.

    Het euvel is te verhelpen door de sneltoetsen op de laptop te gebruiken om het wifi signaal aan en uit te zetten, maar natuurlijk is dit erg ergerlijk.

    Vooral aangezien de modem/router (belgacom bbox-2) op 1,5 meter staat, in dezelfde kamer.

    Met mijn vorige laptops heb ik geen problemen gehad (een xp en een vista).

    Ik vraag me dus af of het aan de modem zou liggen, of aan de spiksplinternieuwe laptop..

    Kan iemand me helpen?

    Alvast bedankt

    (ps: ik heb nog een tweede vraag: zijnde dat deze laptop er blijkbaar niet in slaagt om mijn opgeslagen instellingen te onthouden. Als ik de laptop heropstart, zijn de instellingen die ik heb gewijzigd aan het trackpad steeds de oorspronkelijke. Ook als ik in de office programma's wens dat bij de auto-correctie bijvoorbeeld steeds met een hoofdletter na een punt dient te worden beginnen, is dit bij het heropstarten niet het geval.

    Is dit ook een laptop gerelateerd probleem? Het lijkt me erg moeilijk om me hierop te beroepen op de garantie, aangezien ik niet echt goed kan uitleggen wat het probleem is...)

  3. Na wat zoeken vond ik dit logje ivm schijfcontrole van Bron Wininit (niet winlogon)

     

    Het bestandssysteem op C: wordt gecontroleerd...

    Het type bestandssysteem is NTFS.

    Volumenaam is BOOT.

    De schijfruimte van één of meer stations moet op consistentie worden

    gecontroleerd. U kunt de schijfcontrole annuleren, maar wordt aangeraden

    deze procedure niet af te breken.

    Windows zal de schijf nu controleren.

    Kenmerkrecord van type 0x80 en instantielabel 0x0 is kruisgekoppeld,

    beginnend bij 0x2c5cd9c, voor mogelijk 0x16 clusters.

    Kenmerkrecord van type 0x80 en instantielabel 0x0 is kruisgekoppeld,

    beginnend bij 0x2c5cd9c, voor mogelijk 0x16 clusters.

    Sommige clusters die door het kenmerk van het type 0x80 en het instantielabel

    0x0 in het bestand 0x14357 bezet zijn, zijn reeds in gebruik.

    Het kenmerk van type 0x80 en instantielabel 0x0 in

    bestand 0x14357 heeft als toegewezen lengte 0x2065000 in plaats

    van 0x1b40000.

    Beschadigde vermelding in kenmerklijst verwijderd

    met typecode 128 in bestand 82775.

    Kan het kenmerk met de instantielabel 0x0 en de segmentverwijzing 0x5300000001e32e

    niet vinden. Het kenmerktype dat wordt verwacht, is 0x80.

    Beschadigd kenmerkrecord (128, "") verwijderen

    uit bestandsrecordsegment 123694.

    Kan het kenmerk met de instantielabel 0x0 en de segmentverwijzing 0x1b800000002013d

    niet vinden. Het kenmerktype dat wordt verwacht, is 0x80.

    Beschadigd kenmerkrecord (128, "") verwijderen

    uit bestandsrecordsegment 131389.

    Kenmerkrecord van type 0x80 en instantielabel 0x3 is kruisgekoppeld,

    beginnend bij 0x7a8, voor mogelijk 0x6 clusters.

    Kenmerkrecord van type 0x80 en instantielabel 0x3 is kruisgekoppeld,

    beginnend bij 0x7a8, voor mogelijk 0x6 clusters.

    Sommige clusters die door het kenmerk van het type 0x80 en het instantielabel

    0x3 in het bestand 0x144d5 bezet zijn, zijn reeds in gebruik.

    Beschadigd kenmerkrecord (128, "") verwijderen

    uit bestandsrecordsegment 83157.

    Kenmerkrecord van type 0x80 en instantielabel 0x3 is kruisgekoppeld,

    beginnend bij 0x115468, voor mogelijk 0x10 clusters.

    Kenmerkrecord van type 0x80 en instantielabel 0x3 is kruisgekoppeld,

    beginnend bij 0x115468, voor mogelijk 0x10 clusters.

    Sommige clusters die door het kenmerk van het type 0x80 en het instantielabel

    0x3 in het bestand 0x1859d bezet zijn, zijn reeds in gebruik.

    Beschadigd kenmerkrecord (128, "") verwijderen

    uit bestandsrecordsegment 99741.

    263808 bestandsrecords verwerkt. 1480 records met grote bestanden verwerkt. 0 records met beschadigde bestanden verwerkt. 0 EA-records verwerkt. 80 reparserecords verwerkt. De twee indexingangen met de lengte 0x38 en 0x30 zijn hetzelfde

    of staan in de verkeerde volgorde.

    18 00 14 00 00 00 00 00 38 00 08 00 01 00 00 00 ........8.......

    ee 2e 45 d8 2a 20 00 00 ee 2e 45 d8 2a 20 00 00 ..E.* ....E.* ..

    20 e2 60 00 00 00 00 00 b0 01 00 00 00 00 00 00 .`.............

    04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

    ----------------------------------------------------------------------

    18 00 14 00 00 00 00 00 30 00 08 00 00 00 00 00 ........0.......

    6d 39 44 d8 f2 1e 00 00 6d 39 44 d8 f2 1e 00 00 m9D.....m9D.....

    40 d2 5a 00 00 00 00 00 b0 01 00 00 00 00 00 00 @.Z.............

    18 00 14 00 00 00 00 00 30 00 08 00 00 00 00 00 ........0.......

    Index $SDH in bestand 9 sorteren.

    De indexbitmapafbeelding $I30 in bestand 0x1355c in onjuist.

    Fout in index $I30 voor bestand 79196 herstellen.

    De indexingang ~JME_E~1.TMP van de index $I30 in het bestand 0x15d87

    verwijst naar het ongebruikte bestand 0x1dd45.

    Indexvermelding ~JME_E~1.TMP in index $I30 van bestand 89479 verwijderen.

    324850 indexvermeldingen verwerkt. Verloren bestanden wordt hersteld.

    Er bevindt zich geen NTFS-bestandsnaamkenmerk in bestand 0xab16.

    Kleine bestandsnaamfouten in bestand 43798 herstellen.

    Zwevend bestand vdevselCAG5AMR0 (45086) naar mapbestand 79196 herstellen.

    Zwevend bestand ~VANDE~1.TMP (47238) naar mapbestand 133807 herstellen.

    Zwevend bestand ~vanderelstcharlotte_hotmail.ost.tmp (47238) naar mapbestand 133807 herstellen.

    Zwevend bestand vdevselCADBFQWB (51365) naar mapbestand 79196 herstellen.

    Er bevindt zich geen NTFS-bestandsnaamkenmerk in bestand 0xcf28.

    Kleine bestandsnaamfouten in bestand 53032 herstellen.

    Zwevend bestand vdevselCAEQOCBI (87949) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevsel[11] (124700) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAGPK8SE (124766) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAE0DPGX (138739) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAYAYPRY (140291) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAZY636B (143808) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevsel[2] (151478) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAW965I6 (179238) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAN2M1WZ (219685) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCASYCSXG (223062) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCAT4K9JX (224244) naar mapbestand 79196 herstellen.

    Zwevend bestand vdevselCADMZA7O (225064) naar mapbestand 79196 herstellen.

    18 niet-geïndexeerde bestanden verwerkt. Zwevend bestand vdevselCAFZ65GV (241407) naar mapbestand 79196 herstellen.

    Een vermelding met id 7922 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7852 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7924 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7925 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7921 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8128 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8233 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8315 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7923 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8248 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8646 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8005 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8247 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7952 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8249 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7953 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7951 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8294 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8127 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7631 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7632 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8004 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7633 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7373 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8321 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 13487 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 14475 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 11773 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 13430 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 13673 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 7874 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8610 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8350 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8349 uit index $SDH van bestand 9 verwijderen.

    Een vermelding met id 8351 uit index $SDH van bestand 9 verwijderen.

    263808 security descriptors verwerkt. 379 ongebruikte indexvermeldingen uit index $SII van bestand 9 verwijderen.

    379 ongebruikte indexvermeldingen uit index $SDH van bestand 9 verwijderen.

    379 ongebruikte security descriptors verwijderen.

    De mirror van het blok met de security descriptor wijkt bij offset 0x0 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x200000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x280000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x400000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x600000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x680000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x700000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x800000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x880000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x900000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0x980000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0xa00000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0xa80000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0xb00000 af van

    de master security descriptor.

    De mirror van het blok met de security descriptor wijkt bij offset 0xb80000 af van

    de master security descriptor.

    De mirrorkopie van de gegevensstream voor security descriptors herstellen.

    Gegevenskenmerk in bestand 82775 invoegen.

    Gegevenskenmerk in bestand 83157 invoegen.

    Gegevenskenmerk in bestand 99741 invoegen.

    30525 gegevensbestanden verwerkt. Het USN-logboek controleren...

    33678256 USN-bytes verwerkt. Controle van USN-logboek is voltooid.

    CHKDSK controleert de bestandsgegevens (stap 4 van 5)...

    263792 bestanden verwerkt. De controle van bestandsgegevens is voltooid.

    Vrije ruimte controleren (stap 5 van 5)...

    13986440 vrije clusters verwerkt. De controle op vrije schijfruimte is voltooid.

    Fouten in het BITMAP-kenmerk van MFT herstellen.

    Fouten in de volumebitmap herstellen.

    Het bestandssysteem is hersteld.

    281852360 kB totale schijfruimte.

    225406220 kB in 224545 bestanden.

    116708 kB in 30523 indexen.

    0 kB in beschadigde sectoren.

    383672 kB in gebruik door het systeem.

    Het logboekbestand neemt 65536 kB in beslag.

    55945760 kB beschikbaar op schijf.

    4096 bytes per cluster

    70463090 clusters in totaal op schijf

    13986440 clusters beschikbaar op schijf

    Interne info:

    80 06 04 00 69 e4 03 00 61 a6 06 00 00 00 00 00 ....i...a.......

    dd 2c 00 00 50 00 00 00 00 00 00 00 00 00 00 00 .,..P...........

    42 00 00 00 52 73 3a 77 80 86 31 00 80 7e 31 00 B...Rs:w..1..~1.

    Windows heeft de schijfcontrole voltooid.

    Een ogenblik geduld. De computer wordt opnieuw opgestart.

     

    Het bestandssysteem op C: wordt gecontroleerd...

    Het type bestandssysteem is NTFS.

    Volumenaam is BOOT.

    Er is in een eerder stadium een schijfcontrole gepland.

    Windows zal de schijf nu controleren.

    263808 bestandsrecords verwerkt. 1480 records met grote bestanden verwerkt. 0 records met beschadigde bestanden verwerkt. 0 EA-records verwerkt. 80 reparserecords verwerkt. 324850 indexvermeldingen verwerkt. 0 niet-geïndexeerde bestanden verwerkt. 263808 security descriptors verwerkt. 30522 gegevensbestanden verwerkt. Het USN-logboek controleren...

    33681008 USN-bytes verwerkt. Controle van USN-logboek is voltooid.

    CHKDSK controleert de bestandsgegevens (stap 4 van 5)...

    263792 bestanden verwerkt. De controle van bestandsgegevens is voltooid.

    Vrije ruimte controleren (stap 5 van 5)...

    13986460 vrije clusters verwerkt. De controle op vrije schijfruimte is voltooid.

    Het bestandssysteem is gecontroleerd. Er zijn geen problemen vastgesteld.

    281852360 kB totale schijfruimte.

    225406140 kB in 224547 bestanden.

    116712 kB in 30523 indexen.

    0 kB in beschadigde sectoren.

    383668 kB in gebruik door het systeem.

    Het logboekbestand neemt 65536 kB in beslag.

    55945840 kB beschikbaar op schijf.

    4096 bytes per cluster

    70463090 clusters in totaal op schijf

    13986460 clusters beschikbaar op schijf

    Interne info:

    80 06 04 00 69 e4 03 00 5f a6 06 00 00 00 00 00 ....i..._.......

    dd 2c 00 00 50 00 00 00 00 00 00 00 00 00 00 00 .,..P...........

    42 00 00 00 52 73 87 77 80 86 2d 00 80 7e 2d 00 B...Rs.w..-..~-.

    Windows heeft de schijfcontrole voltooid.

    Een ogenblik geduld. De computer wordt opnieuw opgestart.

    En als ik verder lees in de logbestanden, kom ik veelal meldingen tegen zoals deze:

    Windows (3024) Windows: Het lezen van bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb bij offset 172687360 (0x000000000a4b0000) voor 8192 (0x00002000) bytes is voltooid, maar de verwerking door het besturingssysteem heeft uitzonderlijk lang geduurd (60 seconden). Dit probleem wordt waarschijnlijk veroorzaakt door beschadigde hardware. Neem contact op met de leverancier van uw hardware voor verdere hulp bij het vaststellen van de oorzaak van het probleem.

    en

    Kan de beschrijving van gebeurtenis-id 0 van bron RichVideo niet vinden. Het onderdeel dat de gebeurtenis heeft gestart is mogelijk niet op de lokale computer geïnstalleerd, of de installatie is beschadigd. U kunt het onderdeel op de lokale computer installeren of herstellen.

    Als de gebeurtenis van een andere computer afkomstig is, moest de weergave-informatie bij de gebeurtenis zijn opgeslagen.

    De volgende informatie is in de gebeurtenis opgenomen:

    Service started

    Dit lijkt me allemaal niet goed...

  4. Sorry voor al de moeilijkheden, maar nu heb ik het oude logje verwijderd, en nog steeds als ik op save log klik, vraagt HJT mij of ik het bestaand bestand (dat dus volgens de mededeling van HJT nog bestaat) wil vervangen. Als ik dan ja klik, komt er er naamloos kladblok zonder iets tevoorschijn, en in de windows verkenner is het logje niet te vinden...

    Deze laptop doet echt zeer vreemd.

    Hulp?

    PS nu zie ik ook dat deze mappen in de verkenner als alleen lezen staan aangeduid. Als ik dit probeer te veranderen, vraagt hij mijn machtiging als administrator, maar als ik dan terug op eigenschappen klik erna, is het opnieuw alleen lezen. Weet niet of dit nuttige info is, maar bij deze

    ---------- Post toegevoegd om 22:28 ---------- Vorige post was om 22:16 ----------

    Volgens mij heb ik geen machtigingen of zoiets meer over program files.

    Als ik bij wijze van test een word document wilde opslaan in program files ging dit niet, en werd me gevraagd dit in mijn documenten op te slaan. Daar ging het wel.

    En als ik probeer om via eigenschappen van program files de wijzigingen wil aanpassen, zijn alle vinkjes grijs, dus kan ik niets aan of uit vinken.

    ---------- Post toegevoegd om 22:30 ---------- Vorige post was om 22:28 ----------

    PS dit is HJT log opgeslaan op bureaublad:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 0:29:29, on 30/03/2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19019)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Launch Manager\WButton.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe

    C:\Program Files\Softex\OmniPass\scureapp.exe

    C:\Program Files\Launch Manager\OSD.exe

    C:\Program Files\Launch Manager\LaunchAp.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\HP\HP Software Update\hpwuschd2.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools Lite\daemon.exe

    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe

    C:\Program Files\Windows Media Player\wmplayer.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Program Files\Real\RealPlayer\RealPlay.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\System32\rundll32.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 13234 bytes

    ---------- Post toegevoegd om 22:39 ---------- Vorige post was om 22:30 ----------

    PS 2

    Heb net geprobeerd om mij als en administrator en als gebruiker volledig beheer te geven over de c schijf, en dat leek te lukken, behalve voor de belangrijke mappen windows en program files. Daar ging het niet, en waren de mogelijkheden weer grijs weergegeven.

  5. MBAM:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

    HJT

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

    Bedankt

  6. MBAM log:

    Malwarebytes' Anti-Malware 1.50.1.1100

    Databaseversie: 6183

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.19019

    27/03/2011 16:38:01

    mbam-log-2011-03-27 (16-38-01).txt

    Scantype: Snelle scan

    Objecten gescand: 189922

    Verstreken tijd: 13 minuut/minuten, 52 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 0

    Registerdata geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    HJT log:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

    Hopelijk kan iemand me verder helpen? Thanks

  7. Hieronder het HJT logje:

    Ik heb ook gisterenavond een schijfcontrole uitgevoerd in windows, maar ik weet niet waar ik daarvan het logbestand kan vinden. Weet niet of dit jullie kan helpen...

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

  8. Goedeavond,

    Mijn laptop doet al een paar dagen erg abnormaal. Ik kan firefox niet meer openen, omdat dit steeds een foutmelding geeft en zichzelf afsluit. Ook mijn outlook werkt niet meer.

    Ik dacht dit op te lossen door een systeemherstel te doen, maar dit kan niet omdat ik de volgende foutmelding krijg: kan geen systeemherstel uitvoeren omdat de harde schijf beschadigd is.

    Kan iemand me helpen om mijn laptop terug op de rails te krijgen?

    Alvast hartelijk dank

  9. Het Combofix logje:

    ComboFix 10-09-30.01 - Charlotte 01/10/2010 22:23:38.2.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1668 [GMT 2:00]

    Gestart vanuit: c:\users\Charlotte\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Charlotte\Desktop\CFscript.txt

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Legacy_RECONN

    (((((((((((((((((((( Bestanden Gemaakt van 2010-09-01 to 2010-10-01 ))))))))))))))))))))))))))))))

    .

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Public\AppData\Local\temp

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Administrator\AppData\Local\temp

    2010-09-30 20:37 . 2010-10-01 20:36 -------- d-----w- c:\users\Charlotte\AppData\Local\temp

    2010-09-30 17:53 . 2010-09-30 17:53 -------- d-----w- c:\program files\Common Files\Java

    2010-09-30 17:52 . 2010-09-30 17:51 423656 ----a-w- c:\windows\system32\deployJava1.dll

    2010-09-30 16:46 . 2010-09-30 16:47 388096 ----a-r- c:\users\Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2010-09-30 16:00 . 2010-09-30 16:46 -------- d-----w- c:\program files\ANTI SPYWARE EN VIRUS

    2010-09-30 15:23 . 2010-09-30 15:23 -------- d-----w- C:\found.000

    2010-09-30 10:52 . 2010-09-30 16:14 -------- d-----w- c:\users\Charlotte\AppData\Local\CrashDumps

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Malwarebytes

    2010-09-29 17:59 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\programdata\Malwarebytes

    2010-09-29 17:59 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2010-09-29 16:51 . 2010-09-29 16:50 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

    2010-09-29 16:50 . 2010-09-29 17:15 -------- d-----w- c:\program files\Common Files\Symantec Shared

    2010-09-29 16:50 . 2010-09-29 16:51 -------- d-----w- c:\program files\Symantec

    2010-09-29 16:49 . 2010-10-01 20:13 -------- d-----w- c:\windows\system32\drivers\NAV

    2010-09-29 16:49 . 2010-09-29 16:49 -------- d-----w- c:\program files\Norton AntiVirus

    2010-09-29 16:48 . 2010-09-29 16:49 -------- d-----w- c:\programdata\Norton

    2010-09-29 16:40 . 2010-09-30 11:00 -------- d-----w- c:\program files\NortonInstaller

    2010-09-29 16:40 . 2010-09-29 16:40 -------- d-----w- c:\programdata\NortonInstaller

    2010-09-29 02:00 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll

    2010-09-15 14:16 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll

    2010-09-15 14:16 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe

    2010-09-15 14:15 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

    2010-09-15 14:15 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll

    2010-09-02 15:25 . 2010-09-02 15:25 -------- d-----w- c:\users\Charlotte\AppData\Roaming\dvdcss

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2010-10-01 20:33 . 2008-03-03 02:16 12 ----a-w- c:\windows\bthservsdp.dat

    2010-10-01 20:08 . 2008-03-03 07:21 -------- d-----w- c:\programdata\BullGuard

    2010-09-30 17:51 . 2008-03-03 04:36 -------- d-----w- c:\program files\Java

    2010-09-30 16:34 . 2008-07-18 14:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy

    2010-09-30 15:00 . 2010-05-10 16:43 -------- d-----w- c:\users\Charlotte\AppData\Roaming\vlc

    2010-09-30 15:00 . 2009-02-13 19:04 -------- d-----w- c:\users\Charlotte\AppData\Roaming\uTorrent

    2010-09-30 15:00 . 2008-06-05 18:25 -------- d-----w- c:\program files\PC Connectivity Solution

    2010-09-30 15:00 . 2008-03-03 04:53 -------- d-----w- c:\programdata\Microsoft Help

    2010-09-30 15:00 . 2008-03-03 04:51 -------- d-----w- c:\program files\Microsoft Works

    2010-09-30 15:00 . 2009-10-18 12:50 -------- d-----w- c:\program files\Microsoft Silverlight

    2010-09-30 15:00 . 2009-10-28 16:40 -------- d-----w- c:\program files\LG PC Suite II

    2010-09-30 15:00 . 2008-08-11 18:34 -------- d-----w- c:\program files\Grand Theft Auto Vice City

    2010-09-30 15:00 . 2008-03-03 10:41 -------- d-----w- c:\program files\Google

    2010-09-30 10:55 . 2008-07-04 17:12 -------- d-----w- c:\program files\WMR11

    2010-09-29 16:50 . 2010-09-29 16:51 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

    2010-09-29 16:50 . 2010-09-29 16:51 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

    2010-09-28 13:51 . 2006-11-02 16:11 670308 ----a-w- c:\windows\system32\perfh013.dat

    2010-09-28 13:51 . 2006-11-02 16:11 127900 ----a-w- c:\windows\system32\perfc013.dat

    2010-09-19 16:48 . 2008-06-05 19:31 28219 ----a-w- c:\users\Charlotte\AppData\Roaming\nvModes.dat

    2010-09-19 16:47 . 2008-06-29 18:11 -------- d-----w- c:\program files\DOSBox-0.72

    2010-09-16 08:46 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2010-08-12 14:15 . 2010-08-12 13:16 -------- d-----w- c:\program files\Theme Hospital

    2010-08-20 08:34 . 2008-09-24 05:57 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    2008-02-19 08:47 . 2007-09-10 12:03 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"

    [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    2009-03-06 03:17 143160 ----a-w- c:\windows\System32\pfmshx_27B.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]

    "SpybotSD TeaTimer"="c:\program files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

    "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]

    "UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]

    "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]

    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-04 185896]

    "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]

    "Skytel"="Skytel.exe" [2007-11-20 1826816]

    "RtHDVCpl"="RtHDVCpl.exe" [2007-12-17 4718592]

    "RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2007-02-09 71216]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

    "OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]

    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

    "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]

    "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]

    "LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]

    "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]

    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]

    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-20 86016]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-20 81920]

    "DivX Free Codec"="c:\program files\DivX Free Codec\Divx Free Update.exe" [2007-03-30 274432]

    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Registratiesoftware starten.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2009-9-9 1175552]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 136176]

    R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [2009-05-12 16896]

    R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]

    R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]

    R3 PhilCap;NXP service;c:\windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]

    R3 uxddrv;Dynamically loaded UxdDrv;g:\diagnose\WSTENG32\2PART\uxddrv86.sys [x]

    R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2007-09-11 118784]

    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-06-28 717296]

    S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]

    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-30 328752]

    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-22 173104]

    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-09-01 692272]

    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-26 501888]

    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100929.001\IDSvix86.sys [2010-08-26 344112]

    S1 pfmfs_27B;pfmfs_27B;c:\windows\system32\Drivers\pfmfs_27B.sys [2009-03-06 179896]

    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-29 116784]

    S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAV\1108000.005\SYMTDIV.SYS [2010-05-06 339504]

    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]

    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-29 102448]

    S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-09-25 436224]

    S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    bthsvcs REG_MULTI_SZ BthServ

    WindowsMobile REG_MULTI_SZ wcescomm rapimgr

    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de 'Gedeelde Taken' map

    2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2009-09-05 c:\windows\Tasks\OGADaily.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-10-01 c:\windows\Tasks\OGALogon.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-09-30 c:\windows\Tasks\User_Feed_Synchronization-{3AEDB200-EC4F-4B56-ABAE-3294E2ECA4EA}.job

    - c:\windows\system32\msfeedssync.exe [2010-08-11 04:24]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.aldi.com/

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

    IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    FF - ProfilePath - c:\users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\t0kfpruh.default\

    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    .

    **************************************************************************

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden:

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]

    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000001

    "MSCurrentCountry"=dword:0000000f

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'Explorer.exe'(2808)

    c:\windows\system32\btncopy.dll

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files\Softex\OmniPass\OmniServ.exe

    c:\program files\Ad-Aware\aawservice.exe

    c:\windows\system32\brss01a.exe

    c:\windows\system32\agrsmsvc.exe

    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

    c:\program files\CyberLink\Shared Files\RichVideo.exe

    c:\progra~1\COMMON~1\X10\Common\x10nets.exe

    c:\windows\system32\WUDFHost.exe

    c:\windows\system32\DllHost.exe

    c:\windows\system32\conime.exe

    c:\program files\Softex\OmniPass\opvapp.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2010-10-01 22:45:12 - machine werd herstart

    ComboFix-quarantined-files.txt 2010-10-01 20:45

    ComboFix2.txt 2010-09-30 20:37

    Pre-Run: 57.297.555.456 bytes beschikbaar

    Post-Run: 56.902.905.856 bytes beschikbaar

    - - End Of File - - EF22D6DCA77236519D89B6044C436180

    Het HJT logje:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

    Ben ik er nu bijna vanaf? :-)

    ---------- Post toegevoegd om 20:48 ---------- Vorige post was om 20:47 ----------

    Het Combofix logje:

    ComboFix 10-09-30.01 - Charlotte 01/10/2010 22:23:38.2.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1668 [GMT 2:00]

    Gestart vanuit: c:\users\Charlotte\Desktop\ComboFix.exe

    gebruikte Opdracht switches :: c:\users\Charlotte\Desktop\CFscript.txt

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Legacy_RECONN

    (((((((((((((((((((( Bestanden Gemaakt van 2010-09-01 to 2010-10-01 ))))))))))))))))))))))))))))))

    .

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Public\AppData\Local\temp

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp

    2010-10-01 20:32 . 2010-10-01 20:32 -------- d-----w- c:\users\Administrator\AppData\Local\temp

    2010-09-30 20:37 . 2010-10-01 20:36 -------- d-----w- c:\users\Charlotte\AppData\Local\temp

    2010-09-30 17:53 . 2010-09-30 17:53 -------- d-----w- c:\program files\Common Files\Java

    2010-09-30 17:52 . 2010-09-30 17:51 423656 ----a-w- c:\windows\system32\deployJava1.dll

    2010-09-30 16:46 . 2010-09-30 16:47 388096 ----a-r- c:\users\Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2010-09-30 16:00 . 2010-09-30 16:46 -------- d-----w- c:\program files\ANTI SPYWARE EN VIRUS

    2010-09-30 15:23 . 2010-09-30 15:23 -------- d-----w- C:\found.000

    2010-09-30 10:52 . 2010-09-30 16:14 -------- d-----w- c:\users\Charlotte\AppData\Local\CrashDumps

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Malwarebytes

    2010-09-29 17:59 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\programdata\Malwarebytes

    2010-09-29 17:59 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2010-09-29 16:51 . 2010-09-29 16:50 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

    2010-09-29 16:50 . 2010-09-29 17:15 -------- d-----w- c:\program files\Common Files\Symantec Shared

    2010-09-29 16:50 . 2010-09-29 16:51 -------- d-----w- c:\program files\Symantec

    2010-09-29 16:49 . 2010-10-01 20:13 -------- d-----w- c:\windows\system32\drivers\NAV

    2010-09-29 16:49 . 2010-09-29 16:49 -------- d-----w- c:\program files\Norton AntiVirus

    2010-09-29 16:48 . 2010-09-29 16:49 -------- d-----w- c:\programdata\Norton

    2010-09-29 16:40 . 2010-09-30 11:00 -------- d-----w- c:\program files\NortonInstaller

    2010-09-29 16:40 . 2010-09-29 16:40 -------- d-----w- c:\programdata\NortonInstaller

    2010-09-29 02:00 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll

    2010-09-15 14:16 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll

    2010-09-15 14:16 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe

    2010-09-15 14:15 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

    2010-09-15 14:15 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll

    2010-09-02 15:25 . 2010-09-02 15:25 -------- d-----w- c:\users\Charlotte\AppData\Roaming\dvdcss

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2010-10-01 20:33 . 2008-03-03 02:16 12 ----a-w- c:\windows\bthservsdp.dat

    2010-10-01 20:08 . 2008-03-03 07:21 -------- d-----w- c:\programdata\BullGuard

    2010-09-30 17:51 . 2008-03-03 04:36 -------- d-----w- c:\program files\Java

    2010-09-30 16:34 . 2008-07-18 14:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy

    2010-09-30 15:00 . 2010-05-10 16:43 -------- d-----w- c:\users\Charlotte\AppData\Roaming\vlc

    2010-09-30 15:00 . 2009-02-13 19:04 -------- d-----w- c:\users\Charlotte\AppData\Roaming\uTorrent

    2010-09-30 15:00 . 2008-06-05 18:25 -------- d-----w- c:\program files\PC Connectivity Solution

    2010-09-30 15:00 . 2008-03-03 04:53 -------- d-----w- c:\programdata\Microsoft Help

    2010-09-30 15:00 . 2008-03-03 04:51 -------- d-----w- c:\program files\Microsoft Works

    2010-09-30 15:00 . 2009-10-18 12:50 -------- d-----w- c:\program files\Microsoft Silverlight

    2010-09-30 15:00 . 2009-10-28 16:40 -------- d-----w- c:\program files\LG PC Suite II

    2010-09-30 15:00 . 2008-08-11 18:34 -------- d-----w- c:\program files\Grand Theft Auto Vice City

    2010-09-30 15:00 . 2008-03-03 10:41 -------- d-----w- c:\program files\Google

    2010-09-30 10:55 . 2008-07-04 17:12 -------- d-----w- c:\program files\WMR11

    2010-09-29 16:50 . 2010-09-29 16:51 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

    2010-09-29 16:50 . 2010-09-29 16:51 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

    2010-09-28 13:51 . 2006-11-02 16:11 670308 ----a-w- c:\windows\system32\perfh013.dat

    2010-09-28 13:51 . 2006-11-02 16:11 127900 ----a-w- c:\windows\system32\perfc013.dat

    2010-09-19 16:48 . 2008-06-05 19:31 28219 ----a-w- c:\users\Charlotte\AppData\Roaming\nvModes.dat

    2010-09-19 16:47 . 2008-06-29 18:11 -------- d-----w- c:\program files\DOSBox-0.72

    2010-09-16 08:46 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

    2010-08-12 14:15 . 2010-08-12 13:16 -------- d-----w- c:\program files\Theme Hospital

    2010-08-20 08:34 . 2008-09-24 05:57 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    2008-02-19 08:47 . 2007-09-10 12:03 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"

    [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    2009-03-06 03:17 143160 ----a-w- c:\windows\System32\pfmshx_27B.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]

    "SpybotSD TeaTimer"="c:\program files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

    "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]

    "UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]

    "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]

    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-04 185896]

    "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]

    "Skytel"="Skytel.exe" [2007-11-20 1826816]

    "RtHDVCpl"="RtHDVCpl.exe" [2007-12-17 4718592]

    "RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2007-02-09 71216]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

    "OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]

    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

    "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]

    "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]

    "LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]

    "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]

    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]

    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-20 86016]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-20 81920]

    "DivX Free Codec"="c:\program files\DivX Free Codec\Divx Free Update.exe" [2007-03-30 274432]

    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Registratiesoftware starten.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2009-9-9 1175552]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 136176]

    R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [2009-05-12 16896]

    R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]

    R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]

    R3 PhilCap;NXP service;c:\windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]

    R3 uxddrv;Dynamically loaded UxdDrv;g:\diagnose\WSTENG32\2PART\uxddrv86.sys [x]

    R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2007-09-11 118784]

    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-06-28 717296]

    S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]

    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-30 328752]

    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-22 173104]

    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-09-01 692272]

    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-26 501888]

    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100929.001\IDSvix86.sys [2010-08-26 344112]

    S1 pfmfs_27B;pfmfs_27B;c:\windows\system32\Drivers\pfmfs_27B.sys [2009-03-06 179896]

    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-29 116784]

    S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAV\1108000.005\SYMTDIV.SYS [2010-05-06 339504]

    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]

    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-29 102448]

    S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-09-25 436224]

    S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    bthsvcs REG_MULTI_SZ BthServ

    WindowsMobile REG_MULTI_SZ wcescomm rapimgr

    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de 'Gedeelde Taken' map

    2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2009-09-05 c:\windows\Tasks\OGADaily.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-10-01 c:\windows\Tasks\OGALogon.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-09-30 c:\windows\Tasks\User_Feed_Synchronization-{3AEDB200-EC4F-4B56-ABAE-3294E2ECA4EA}.job

    - c:\windows\system32\msfeedssync.exe [2010-08-11 04:24]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.aldi.com/

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

    IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    FF - ProfilePath - c:\users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\t0kfpruh.default\

    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    .

    **************************************************************************

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden:

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]

    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000001

    "MSCurrentCountry"=dword:0000000f

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'Explorer.exe'(2808)

    c:\windows\system32\btncopy.dll

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files\Softex\OmniPass\OmniServ.exe

    c:\program files\Ad-Aware\aawservice.exe

    c:\windows\system32\brss01a.exe

    c:\windows\system32\agrsmsvc.exe

    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

    c:\program files\CyberLink\Shared Files\RichVideo.exe

    c:\progra~1\COMMON~1\X10\Common\x10nets.exe

    c:\windows\system32\WUDFHost.exe

    c:\windows\system32\DllHost.exe

    c:\windows\system32\conime.exe

    c:\program files\Softex\OmniPass\opvapp.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2010-10-01 22:45:12 - machine werd herstart

    ComboFix-quarantined-files.txt 2010-10-01 20:45

    ComboFix2.txt 2010-09-30 20:37

    Pre-Run: 57.297.555.456 bytes beschikbaar

    Post-Run: 56.902.905.856 bytes beschikbaar

    - - End Of File - - EF22D6DCA77236519D89B6044C436180

    Het HJT logje:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 22:47:30, on 1/10/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 11057 bytes

    Ben ik er nu bijna vanaf? :-)

  10. Dit duurde langer dan verwacht, maar hier is mijn logje dan van de combofix.

    Het einde is nabij, ik voel het :-) Al erg bedankt trouwens voor de hulp.

    ComboFix 10-09-30.01 - Charlotte 30/09/2010 20:59:34.1.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1944 [GMT 2:00]

    Gestart vanuit: c:\users\Charlotte\Desktop\ComboFix.exe

    AV: BullGuard Antivirus *On-access scanning enabled* (Outdated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\users\Charlotte\AppData\Roaming\315E1FDEE4BE8154E2FE61C88B909457

    c:\users\Charlotte\AppData\Roaming\315E1FDEE4BE8154E2FE61C88B909457\enemies-names.txt

    c:\users\Charlotte\AppData\Roaming\315E1FDEE4BE8154E2FE61C88B909457\fixcore70700bin.exe

    c:\users\Charlotte\AppData\Roaming\315E1FDEE4BE8154E2FE61C88B909457\local.ini

    c:\users\Charlotte\AppData\Roaming\inst.exe

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor\Antimalware Doctor.lnk

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor\Uninstall.lnk

    Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd

    Hersteld exemplaar van - c:\combofix\HarddiskVolumeShadowCopy14_!Windows!System32!userinit.exe

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2010-08-28 to 2010-09-30 ))))))))))))))))))))))))))))))

    .

    2010-09-30 16:46 . 2010-09-30 16:47 388096 ----a-r- c:\users\Charlotte\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2010-09-30 16:13 . 2010-09-30 16:13 -------- dc----w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\users\Charlotte\AppData\Roaming\Malwarebytes

    2010-09-29 17:59 . 2010-09-29 17:59 -------- d-----w- c:\programdata\Malwarebytes

    2010-09-29 16:48 . 2010-09-29 16:49 -------- d-----w- c:\programdata\Norton

    2010-09-29 16:40 . 2010-09-29 16:40 -------- d-----w- c:\programdata\NortonInstaller

    2010-09-02 15:25 . 2010-09-02 15:25 -------- d-----w- c:\users\Charlotte\AppData\Roaming\dvdcss

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2010-08-20 08:34 . 2008-09-24 05:57 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]

    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]

    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    @="{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}"

    [HKEY_CLASSES_ROOT\CLSID\{4BBAAAE9-0004-4000-9AA5-1BBD98C86E9B}]

    2009-03-06 03:17 143160 ----a-w- c:\windows\System32\pfmshx_27B.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]

    "SpybotSD TeaTimer"="c:\program files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

    "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]

    "UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]

    "toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]

    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-04 185896]

    "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]

    "Skytel"="Skytel.exe" [2007-11-20 1826816]

    "RtHDVCpl"="RtHDVCpl.exe" [2007-12-17 4718592]

    "RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2007-02-09 71216]

    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

    "PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

    "OmniPass"="c:\program files\Softex\OmniPass\scureapp.exe" [2007-11-02 2564096]

    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

    "LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]

    "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]

    "LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]

    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]

    "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]

    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-20 30192]

    "BullGuard"="c:\program files\BullGuard Software\BullGuard\bullguard.exe" [2008-06-04 308552]

    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-20 86016]

    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-20 81920]

    "DivX Free Codec"="c:\program files\DivX Free Codec\Divx Free Update.exe" [2007-03-30 274432]

    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    c:\users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Registratiesoftware starten.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2009-9-9 1175552]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    @="Service"

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 136176]

    R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [2009-05-12 16896]

    R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-20 30192]

    R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]

    R3 PhilCap;NXP service;c:\windows\system32\DRIVERS\PhilCap.sys [2007-07-31 908896]

    R3 Reconn;BullGuard Email Monitor;c:\program files\BullGuard Software\BullGuard\reconn.sys [2007-06-28 16984]

    R3 uxddrv;Dynamically loaded UxdDrv;g:\diagnose\WSTENG32\2PART\uxddrv86.sys [x]

    R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2007-09-11 118784]

    R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2008-06-28 717296]

    S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]

    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-08-30 328752]

    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-22 173104]

    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100901.003\BHDrvx86.sys [2010-09-01 692272]

    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-26 501888]

    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100929.001\IDSvix86.sys [2010-08-26 344112]

    S1 pfmfs_27B;pfmfs_27B;c:\windows\system32\Drivers\pfmfs_27B.sys [2009-03-06 179896]

    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-29 116784]

    S2 BdFileSpy;BullGuard File Monitor Driver;c:\windows\system32\drivers\BdFileSpy.sys [2008-06-04 50896]

    S2 BsFileScan;BullGuard File Scan Service;c:\windows\System32\svchost.exe [2008-01-19 21504]

    S2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe [2008-01-19 21504]

    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]

    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-29 102448]

    S3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-09-25 436224]

    S3 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NAV\1107000.00C\SYMTDIV.SYS [2010-05-06 339504]

    S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    bthsvcs REG_MULTI_SZ BthServ

    BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy

    WindowsMobile REG_MULTI_SZ wcescomm rapimgr

    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de 'Gedeelde Taken' map

    2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-05 10:29]

    2009-09-05 c:\windows\Tasks\OGADaily.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-09-30 c:\windows\Tasks\OGALogon.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

    2010-09-29 c:\windows\Tasks\User_Feed_Synchronization-{3AEDB200-EC4F-4B56-ABAE-3294E2ECA4EA}.job

    - c:\windows\system32\msfeedssync.exe [2010-08-11 04:24]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.aldi.com/

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

    IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

    IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    FF - ProfilePath - c:\users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\t0kfpruh.default\

    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

    FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

    FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    FF - plugin: c:\program files\VLC\npvlc.dll

    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    .

    - - - - ORPHANS VERWIJDERD - - - -

    HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe

    HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe

    AddRemove-BearShare - c:\progra~1\BEARSH~1\UNWISE.EXE

    AddRemove-PismoFileMountAuditPackage - c:\program files\Pismo File Mount Audit Package\pfmuninstall.exe

    AddRemove-VobSub - c:\program files\Xvid\VobSub\uninstall.exe

    AddRemove-Winamp Toolbar for Firefox - c:\users\Charlotte\AppData\Roaming\Mozilla\Firefox\Profiles\t0kfpruh.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2010-09-30 22:20

    Windows 6.0.6002 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond

    verborgen bestanden: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NAV]

    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000001

    "MSCurrentCountry"=dword:0000000f

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    --------------------- DLLs Geladen Onder Lopende Processen ---------------------

    - - - - - - - > 'Explorer.exe'(3664)

    c:\windows\system32\btncopy.dll

    .

    ------------------------ Andere Aktieve Processen ------------------------

    .

    c:\program files\Softex\OmniPass\OmniServ.exe

    c:\program files\Ad-Aware\aawservice.exe

    c:\windows\system32\brss01a.exe

    c:\windows\system32\agrsmsvc.exe

    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\program files\BullGuard Software\BullGuard\BullGuardUpdate.exe

    c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    c:\program files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

    c:\program files\CyberLink\Shared Files\RichVideo.exe

    c:\progra~1\COMMON~1\X10\Common\x10nets.exe

    c:\windows\system32\WUDFHost.exe

    c:\windows\system32\DllHost.exe

    c:\program files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    c:\program files\Softex\OmniPass\opvapp.exe

    c:\windows\system32\conime.exe

    c:\windows\servicing\TrustedInstaller.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2010-09-30 22:37:38 - machine werd herstart

    ComboFix-quarantined-files.txt 2010-09-30 20:37

    Pre-Run: 55.849.299.968 bytes beschikbaar

    Post-Run: 57.353.142.272 bytes beschikbaar

    - - End Of File - - EAF56994611A45E0B93C495B802D73E7

  11. Ziezo: het MBAM logje:

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org

    Databaseversie: 4722

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 8.0.6001.18943

    30/09/2010 20:17:44

    mbam-log-2010-09-30 (20-17-44).txt

    Scantype: Snelle scan

    Objecten gescand: 159605

    Verstreken tijd: 22 minuut/minuten, 26 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 2

    Registerwaarden geïnfecteerd: 0

    Registerdata geïnfecteerd: 0

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    En het HJT logje:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:20:55, on 30/09/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Launch Manager\WButton.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe

    C:\Program Files\Softex\OmniPass\scureapp.exe

    C:\Program Files\Launch Manager\OSD.exe

    C:\Program Files\Launch Manager\LaunchAp.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\DAEMON Tools Lite\daemon.exe

    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

    O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 13148 bytes

  12. Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 18:54:24, on 30/09/2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18943)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    C:\Windows\system32\conime.exe

    C:\Program Files\Launch Manager\WButton.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe

    C:\Program Files\Softex\OmniPass\scureapp.exe

    C:\Program Files\Launch Manager\OSD.exe

    C:\Program Files\Launch Manager\LaunchAp.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Launch Manager\HotkeyApp.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    C:\Windows\System32\rundll32.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

    C:\Windows\System32\mobsync.exe

    C:\Program Files\Windows Media Player\wmplayer.exe

    C:\Windows\system32\wuauclt.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\ANTI SPYWARE EN VIRUS\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O1 - Hosts: ::1 localhost

    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll

    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

    O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"

    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

    O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

    O4 - HKLM\..\Run: [skytel] Skytel.exe

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe

    O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

    O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

    O4 - HKLM\..\Run: [bullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot

    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [DivX Free Codec] C:\Program Files\DivX Free Codec\Divx Free Update.exe

    O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"

    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [fixcore70700bin.exe] C:\Users\Charlotte\AppData\Roaming\315E1FDEE4BE8154E2FE61C88B909457\fixcore70700bin.exe

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Global Startup: BTTray.lnk = ?

    O4 - Global Startup: Registratiesoftware starten.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe

    O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\ANTI SPYWARE EN VIRUS\Spybot - Search & Destroy\SDHelper.dll

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --

    End of file - 13583 bytes

  13. Zoals ik hier al zeer veel gelezen heb, moet ook ik afrekenen met dit verschrikkelijke virus...Momenteel ben ik spybot search & destroy aan het laten lopen in veilige modus. Heb al malwarebytes anti malware laten lopen en die vond wel corrupte files, maar bij het heropstarten was de antimalware doctor weer aanwezig.Als ik zo meteen een logfiletje maak met HJT, zou iemand met dan willen helpen met het schoonmaken van mijn laptop?Alvast hartelijk bedankt,Charlotte

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.