
Programs no longer start


Orbie


For a while now I have been having a strange phenomenon on my laptop with Windows XP Pro.

Certain applications turn out not to start. The process is, however, visible in Windows Task Manager. The process uses 50% of the CPU while memory usage stays stuck at 84kb.

I cannot end the process via Task Manager and am forced to restart my laptop to resolve the problem.

The following programs have already been affected: my accounting program, WinZip, WinRAR and now cmd.exe as well. I got the accounting program working again after a complete reinstallation. I removed WinZip and WinRAR.

Can anyone help me solve this problem?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:23:28, on 4/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Program Files\Autoroute SMTP\AutoSmtp.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Iconoid\iconoid.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Registry Clean Expert\RCHelper.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\MRU-Blaster\scheduler.exe

C:\Program Files\UltraMon\UltraMon.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\UltraMon\UltraMonTaskbar.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRAM FILES\WINDOWS DESKTOP SEARCH\WINDOWSSEARCH.EXE

C:\PROGRAM FILES\ALLNETIC WORKING TIME TRACKER\WORKINGTIMETRACKER.EXE

C:\WINDOWS\system32\taskmgr.exe

C:\PROGRAM FILES\CLIPBOARD SWISS-KNIFE\CLIPSWISSKNIFE.EXE

C:\PROGRAM FILES\ISP MONITOR\ISP.EXE

C:\PROGRAM FILES\EAST-TEC BACKUP\ETBACKUP.EXE

C:\PROGRAM FILES\TELEMETER 3.0\TELEMETER3.EXE

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"

O4 - HKLM\..\Run: [Autoroute SMTP] C:\Program Files\Autoroute SMTP\AutoSmtp.exe

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [iconoid] "C:\Program Files\Iconoid\iconoid.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe

O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe

O4 - Startup: UltraMon.lnk = C:\Program Files\UltraMon\UltraMon.exe

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: SCARABAY - {A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - C:\PROGRA~1\SCARABAY\scielib.dll

O9 - Extra 'Tools' menuitem: To fill a login and the password - {A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - C:\PROGRA~1\SCARABAY\scielib.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.minfin.fgov.be

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207148463109

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/views/login/signature/capicom.cab

O16 - DPF: {B7C49732-4761-4A66-9945-BAF55E98E0E4} (COCKPIT Client) - http://194.78.229.132/cockpit/webclient//JDsAx.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} (Comodo AV Scanner ActiveX) - http://eu1.download.comodo.com/avs/ComodoAVScanner.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ISP Monitor (ISPMonitorSrv) - How2 Studios - C:\Program Files\ISP Monitor\ISPMonitorSrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--

End of file - 12740 bytes


Download Combofix to your Desktop.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

 • Double-click Combofix.exe to start it.
 • If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
 • Follow the instructions and accept the disclaimer by clicking Yes.
 • If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not VISTA).
 • Click OK and Yes to have the Recovery Console installed automatically.
 • Afterwards, click Yes again to start the malware scan.
 • While the fix is running, do NOT click in the window, as this will make your PC hang.

When the fix is complete and after a restart, the log Combofix.txt will open.

Post this log in your next reply.


Combofix log file

ComboFix 09-11-04.02 - noot 04/11/2009 23:00:52.1.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.3063.2417 [GMT 1:00]

Gestart vanuit: C:\Documents and Settings\noot\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\noot\Application Data\.#

C:\Documents and Settings\noot\Application Data\EurekaLog

C:\Documents and Settings\noot\Application Data\inst.exe

C:\WINDOWS\system32\zip32.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-10-04 to 2009-11-04 ))))))))))))))))))))))))))))))

.

2009-11-04 09:22:58 . 2009-11-04 09:22:58 0 d-----w- C:\Program Files\Trend Micro

2009-10-31 10:55:03 . 2009-11-04 21:48:47 0 d--h--r- C:\Documents and Settings\noot\Onlangs geopend

2009-10-31 09:43:05 . 2009-10-31 09:43:05 0 d-----w- C:\Documents and Settings\noot\Application Data\LEGO Media

2009-10-29 15:46:23 . 2009-10-29 15:44:48 93360 ----a-w- C:\WINDOWS\system32\drivers\SBREDrv.sys

2009-10-22 14:44:35 . 2009-10-29 15:43:59 1638104 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe

2009-10-22 14:44:34 . 2009-10-29 15:43:57 788368 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe

2009-10-22 14:44:32 . 2009-10-29 15:43:55 1179232 ----a-w- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

2009-10-21 06:56:37 . 2009-08-06 17:23:46 274288 ----a-w- C:\WINDOWS\system32\mucltui.dll

2009-10-20 10:46:53 . 2009-03-26 23:16:28 12672 ----a-w- C:\WINDOWS\system32\drivers\cpuz132_x32.sys

2009-10-20 10:46:51 . 2009-10-20 10:46:51 0 d-----w- C:\Program Files\CPUID

2009-10-20 09:23:01 . 2009-10-20 09:23:01 117760 ----a-w- C:\Documents and Settings\noot\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2009-10-20 09:20:30 . 2009-10-20 09:20:30 0 d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2009-10-20 09:18:51 . 2009-10-20 09:18:51 65024 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe

2009-10-20 09:18:51 . 2009-10-20 09:18:51 5120 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe

2009-10-20 09:18:51 . 2009-10-20 09:18:51 18944 ----a-r- C:\Documents and Settings\noot\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe

2009-10-20 09:18:19 . 2009-10-20 09:18:46 0 d-----w- C:\Program Files\SUPERAntiSpyware

2009-10-20 09:18:19 . 2009-10-20 09:18:19 0 d-----w- C:\Documents and Settings\noot\Application Data\SUPERAntiSpyware.com

2009-10-19 17:00:09 . 2009-10-19 17:00:09 12464 ----a-w- C:\WINDOWS\system32\avgrsstx.dll

2009-10-19 17:00:04 . 2009-10-24 07:31:36 360584 ----a-w- C:\WINDOWS\system32\drivers\avgtdix.sys

2009-10-19 16:59:56 . 2009-10-19 16:59:57 333192 ----a-w- C:\WINDOWS\system32\drivers\avgldx86.sys

2009-10-19 16:59:53 . 2009-10-19 16:59:53 28424 ----a-w- C:\WINDOWS\system32\drivers\avgmfx86.sys

2009-10-19 16:59:22 . 2009-11-04 21:45:59 0 d-----w- C:\WINDOWS\system32\drivers\Avg

2009-10-19 16:57:24 . 2009-11-04 21:36:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\avg9

2009-10-19 15:17:44 . 2009-09-03 09:17:47 15688 ----a-w- C:\WINDOWS\system32\lsdelete.exe

2009-10-19 14:43:29 . 2009-09-23 12:55:23 64288 ----a-w- C:\WINDOWS\system32\drivers\Lbd.sys

2009-10-19 14:37:43 . 2009-10-19 14:37:44 0 dc-h--w- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-10-19 14:37:43 . 2009-10-03 08:15:32 2924848 -c--a-w- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

2009-10-19 14:36:20 . 2009-10-19 14:43:11 0 d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft

2009-10-19 14:36:20 . 2009-10-19 14:36:20 0 d-----w- C:\Program Files\Lavasoft

2009-10-19 07:11:06 . 2009-11-04 10:52:36 0 d-----w- C:\Program Files\FreeRapid-0.83

2009-10-12 12:30:50 . 2009-10-12 12:41:56 0 d-----w- C:\Documents and Settings\noot\Application Data\OPTIsend Print

2009-10-12 12:24:45 . 2009-10-12 12:24:45 0 d-----w- C:\Program Files\Redemption

2009-10-12 12:24:42 . 2009-10-12 12:32:57 0 d-----w- C:\Program Files\OPTIsend Print

2009-10-12 12:23:19 . 2009-10-12 12:19:36 86016 ----a-w- C:\WINDOWS\system32\OPPDPortMonitor.dll

2009-10-10 13:06:22 . 2009-10-10 13:06:24 0 d-----w- C:\Program Files\7-Zip

2009-10-10 12:59:27 . 2009-10-10 12:59:27 0 d-----w- C:\WINDOWS\vbSkinner

2009-10-10 12:48:18 . 2009-10-10 12:46:40 720896 ----a-w- C:\WINDOWS\iun6002ev.exe

2009-10-10 12:47:57 . 2009-10-20 07:20:12 0 d-----w- C:\Program Files\Factuur Bright

2009-10-06 19:34:29 . 2009-10-06 19:34:29 0 d-----w- C:\Program Files\SyncToy 2.0

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-04 21:56:42 . 2008-12-09 08:50:16 0 d---a-w- C:\Documents and Settings\All Users\Application Data\TEMP

2009-11-04 21:51:21 . 2009-07-01 09:00:02 0 d-----w- C:\Program Files\Clipboard Swiss-Knife

2009-11-04 20:33:27 . 2009-07-08 12:29:47 0 d-----w- C:\Documents and Settings\noot\Application Data\vlc

2009-11-04 20:05:13 . 2009-02-03 10:48:42 0 d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater

2009-11-04 10:47:28 . 2009-01-24 09:19:19 0 d-----w- C:\Program Files\East-Tec Backup

2009-11-04 08:01:25 . 2009-10-27 11:34:19 0 d-----w- C:\Program Files\Registry Clean Expert

2009-10-28 08:28:08 . 2009-10-28 08:28:08 0 d-----w- C:\Program Files\HowTo-Outlook

2009-10-25 08:21:42 . 2007-10-29 12:00:00 580950 ----a-w- C:\WINDOWS\system32\perfh013.dat

2009-10-25 08:21:40 . 2007-10-29 12:00:00 119282 ----a-w- C:\WINDOWS\system32\perfc013.dat

2009-10-20 10:48:30 . 2009-04-21 10:20:19 0 d-----w- C:\Program Files\FRD

2009-10-20 09:16:26 . 2009-06-05 15:36:39 0 d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2009-10-20 09:15:56 . 2009-09-24 14:52:24 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware

2009-10-19 14:28:57 . 2008-09-06 08:34:47 0 d-----w- C:\Documents and Settings\noot\Application Data\Comodo

2009-10-19 14:28:46 . 2009-09-29 10:59:59 0 d-----w- C:\Documents and Settings\All Users\Application Data\Comodo

2009-10-19 14:28:44 . 2008-09-06 08:34:46 0 d-----w- C:\Program Files\COMODO

2009-10-19 08:44:24 . 2008-04-03 07:30:15 0 d-----w- C:\Program Files\Common Files\Adobe

2009-10-14 07:31:04 . 2008-04-02 03:29:39 0 d-----w- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2009-10-10 10:25:17 . 2008-04-02 18:40:38 0 d-----w- C:\Documents and Settings\All Users\Application Data\WinZip

2009-10-08 11:22:49 . 2008-12-30 10:43:14 0 d-----w- C:\Program Files\DYMO Label

2009-10-05 07:57:02 . 2009-10-05 07:57:02 0 d-----w- C:\Program Files\Kluwer Uitgevers

2009-10-02 07:13:21 . 2009-03-23 12:26:05 0 d-----w- C:\Documents and Settings\noot\Application Data\ISP Monitor

2009-10-02 07:11:42 . 2009-10-02 07:08:53 0 d-----w- C:\Program Files\ISP Monitor

2009-10-02 07:08:31 . 2009-03-23 12:25:32 737280 ----a-w- C:\WINDOWS\iun6002.exe

2009-10-02 07:06:24 . 2009-10-02 07:05:44 0 d-----w- C:\Program Files\Telemeter 3.0

2009-09-29 10:59:12 . 2009-09-29 10:59:32 87104 ----a-w- C:\WINDOWS\system32\drivers\inspect.sys

2009-09-29 10:59:12 . 2009-09-29 10:59:32 25160 ----a-w- C:\WINDOWS\system32\drivers\cmdhlp.sys

2009-09-29 10:59:12 . 2009-09-29 10:59:32 179792 ----a-w- C:\WINDOWS\system32\guard32.dll

2009-09-29 10:59:12 . 2009-09-29 10:59:32 132296 ----a-w- C:\WINDOWS\system32\drivers\cmdguard.sys

2009-09-29 09:34:44 . 2009-09-29 09:34:44 1398936 ----a-w- C:\Documents and Settings\noot\Application Data\ISL Online Cache\ISL Light Client\1\ISLLightClient.exe

2009-09-28 20:00:16 . 2009-09-28 20:00:16 0 d-----w- C:\Program Files\Kluwer

2009-09-28 19:56:31 . 2009-09-28 10:37:16 0 d-----w- C:\Program Files\Microsoft SQL Server

2009-09-28 19:22:52 . 2008-04-02 18:40:12 0 d-----w- C:\Program Files\Google

2009-09-28 18:30:18 . 2009-09-28 18:30:18 0 d-----w- C:\Documents and Settings\noot\Application Data\VSRevoGroup

2009-09-28 14:31:00 . 2008-08-29 20:51:03 69232 ----a-w- C:\Documents and Settings\Linda\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-09-28 14:28:17 . 2009-09-28 14:28:17 0 d-----w- C:\Documents and Settings\Linda\Application Data\Realtime Soft

2009-09-28 10:37:16 . 2008-04-02 02:31:53 0 d--h--w- C:\Program Files\InstallShield Installation Information

2009-09-28 10:11:58 . 2009-09-28 10:11:58 0 d-----w- C:\Program Files\Kluwer software

2009-09-25 21:11:22 . 2009-09-17 11:28:48 0 d-----w- C:\Program Files\Siemens

2009-09-25 20:54:02 . 2009-09-25 20:54:02 0 d-----w- C:\Documents and Settings\noot\Application Data\Uniblue

2009-09-25 08:34:22 . 2008-04-02 11:29:31 69232 ----a-w- C:\Documents and Settings\noot\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-09-25 08:13:02 . 2008-04-02 03:33:27 0 d-----w- C:\Program Files\Microsoft Works

2009-09-24 14:02:06 . 2009-01-24 19:59:34 0 d-----w- C:\Program Files\a-squared Free

2009-09-24 08:11:12 . 2008-11-17 21:10:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\ExtraFilm

2009-09-23 13:04:17 . 2009-09-23 13:03:40 0 d-----w- C:\Documents and Settings\noot\Application Data\ISL Online Cache

2009-09-21 09:51:08 . 2009-09-21 09:51:08 0 d-----w- C:\Documents and Settings\noot\Application Data\Siemens

2009-09-21 07:54:23 . 2009-09-21 07:54:18 0 d-----w- C:\Program Files\Key Labelling Tool

2009-09-19 07:13:09 . 2009-09-19 07:13:09 0 d-----w- C:\Documents and Settings\noot\Application Data\Office Genuine Advantage

2009-09-16 06:39:06 . 2009-05-27 08:31:26 0 d-----w- C:\Program Files\JaBack8

2009-09-15 07:15:08 . 2009-09-15 07:15:08 0 d-----w- C:\Documents and Settings\noot\Application Data\Add-in Express

2009-09-15 07:14:41 . 2009-09-15 07:14:41 0 d-----w- C:\Program Files\Add-in Express

2009-09-11 14:20:53 . 2007-10-29 12:00:00 136192 ----a-w- C:\WINDOWS\system32\msv1_0.dll

2009-09-11 09:03:50 . 2009-09-11 09:03:50 1028368 ----a-w- C:\Documents and Settings\All Users\Application Data\Comodo\AVWebScanner\DB\mach32.dll

2009-09-11 09:03:48 . 2009-09-11 09:03:48 295184 ----a-w- C:\Documents and Settings\All Users\Application Data\Comodo\AVWebScanner\DB\pkann.dll

2009-09-10 12:54:06 . 2009-01-24 15:27:53 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53:50 . 2009-01-24 15:28:23 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys

2009-09-09 17:28:23 . 2009-09-09 17:28:03 0 d-----w- C:\Program Files\PowerMenu

2009-09-07 19:25:55 . 2008-12-23 14:11:58 0 d-----w- C:\Documents and Settings\noot\Application Data\dvdcss

2009-09-04 21:05:37 . 2007-10-29 12:00:00 58880 ----a-w- C:\WINDOWS\system32\msasn1.dll

2009-08-29 08:00:55 . 2007-10-29 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll

2009-08-26 08:02:17 . 2007-10-29 12:00:00 247326 ----a-w- C:\WINDOWS\system32\strmdll.dll

2009-08-17 21:33:52 . 2009-08-17 21:33:52 1193832 ----a-w- C:\WINDOWS\system32\FM20.DLL

2007-06-21 17:38:52 . 2007-06-21 17:38:52 30280 ----a-w- C:\Program Files\mozilla firefox\plugins\cgpcfg.dll

2007-06-21 17:38:54 . 2007-06-21 17:38:54 79432 ----a-w- C:\Program Files\mozilla firefox\plugins\CgpCore.dll

2007-06-21 17:38:56 . 2007-06-21 17:38:56 71240 ----a-w- C:\Program Files\mozilla firefox\plugins\confmgr.dll

2007-06-21 17:38:58 . 2007-06-21 17:38:58 140872 ----a-w- C:\Program Files\mozilla firefox\plugins\ctxmui.dll

2007-06-21 17:39:14 . 2007-06-21 17:39:14 38472 ----a-w- C:\Program Files\mozilla firefox\plugins\icafile.dll

2007-06-21 17:39:16 . 2007-06-21 17:39:16 46664 ----a-w- C:\Program Files\mozilla firefox\plugins\icalogon.dll

2007-06-21 17:39:18 . 2007-06-21 17:39:18 34376 ----a-w- C:\Program Files\mozilla firefox\plugins\logging.dll

2007-06-21 17:39:58 . 2007-06-21 17:39:58 685640 ----a-w- C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll

2007-06-21 17:40:02 . 2007-06-21 17:40:02 30280 ----a-w- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll

2009-01-31 15:03:44 . 2009-01-31 15:03:44 0 --sha-w- C:\WINDOWS\system32\sys_drv.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Iconoid"="C:\Program Files\Iconoid\iconoid.exe" [2007-02-03 16:38:24 274432]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-12 19:24:50 2000112]

"RegClean Expert Scheduler"="C:\Program Files\Registry Clean Expert\RCHelper.exe" [2009-07-28 03:33:46 606968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-08-10 11:38:48 166424]

"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-08-10 11:38:58 137752]

"ATKOSD2"="C:\Program Files\ATKOSD2\ATKOSD2.exe" [2007-10-17 17:04:00 7737344]

"Autoroute SMTP"="C:\Program Files\Autoroute SMTP\AutoSmtp.exe" [2001-05-16 12:41:18 159744]

"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 05:38:16 316728]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-08-10 11:39:02 141848]

"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 16:01:06 90112]

"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 15:31:26 630784]

"ATKHOTKEY"="C:\Program Files\ATK Hotkey\Hcontrol.exe" [2007-07-12 08:25:28 225280]

"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" [2009-09-29 10:58:42 1799952]

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 09:08:30 935288]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 09:45:05 39792]

"SkyTel"="SkyTel.EXE" - C:\WINDOWS\SkyTel.exe [2007-10-11 09:04:04 1826816]

"RTHDCPL"="RTHDCPL.EXE" - C:\WINDOWS\RTHDCPL.exe [2007-10-25 09:57:56 16855552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:02:53 15360]

C:\Documents and Settings\noot\Menu Start\Programma's\Opstarten\

MRU-Blaster Scheduler.lnk - C:\Program Files\MRU-Blaster\scheduler.exe [2003-7-19 118784]

MRU-Blaster Silent Clean.lnk - C:\Program Files\MRU-Blaster\mrublaster.exe [2004-3-28 1216512]

UltraMon.lnk - C:\Program Files\UltraMon\UltraMon.exe [2008-1-15 694040]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\

Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-8-2 2760704]

Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 13:39:22 294400]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 08:13:36 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21:42 548352 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-10-19 17:00:09 12464 ----a-w- C:\WINDOWS\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xlkfs.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPSS.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Program Files\\AllNetic Working Time Tracker\\WorkingTimeTracker.exe"=

"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"C:\\Program Files\\iTunes\\iTunes.exe"=

"C:\\Documents and Settings\\noot\\Application Data\\Jetro\\JDsClient\\3.63.0.114\\JDsClient.exe"=

"C:\\Program Files\\JaBack8\\jre\\bin\\javaw.exe"=

"C:\\Program Files\\Autoroute SMTP\\AutoSmtp.exe"=

"C:\\Program Files\\UltraVNC\\vncviewer.exe"=

"C:\\Program Files\\UltraVNC\\vncviewer_tab.exe"=

"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5900:TCP"= 5900:TCP:vnc5900

"5800:TCP"= 5800:TCP:vnc5800

R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [19/10/2009 15:43:29 64288]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\drivers\avgldx86.sys [19/10/2009 17:59:56 333192]

R1 AvgTdiX;AVG Free Network Redirector;C:\WINDOWS\system32\drivers\avgtdix.sys [19/10/2009 18:00:04 360584]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\system32\drivers\cmdguard.sys [29/09/2009 11:59:32 132296]

R1 cmdHlp;COMODO Internet Security Helper Driver;C:\WINDOWS\system32\drivers\cmdhlp.sys [29/09/2009 11:59:32 25160]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [12/10/2009 20:24:54 9968]

R1 SAS***IL;SAS***IL;C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [12/10/2009 20:24:52 74480]

R1 xlkfs;xlkfs;C:\WINDOWS\system32\drivers\xlkfs.sys [18/06/2009 8:58:00 18432]

R2 ISPMonitorSrv;ISP Monitor;C:\Program Files\ISP Monitor\ISPMonitorSrv.exe [22/08/2007 23:55:16 36864]

R2 MSSQL$KLUWER;MSSQL$KLUWER;C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe -sKLUWER --> C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlservr.exe -sKLUWER [?]

R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [24/09/2006 19:22:52 11776]

R3 SASENUM;SASENUM;C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12/10/2009 20:24:56 7408]

R3 teamviewervpn;TeamViewer VPN Adapter;C:\WINDOWS\system32\drivers\teamviewervpn.sys [25/01/2008 10:12:34 25088]

R3 UltraMonMirror;UltraMonMirror;C:\WINDOWS\system32\drivers\UltraMonMirror.sys [24/09/2006 19:23:14 3584]

S1 vcdc;VCDC;C:\WINDOWS\system32\DRIVERS\vcdc.sys --> C:\WINDOWS\system32\DRIVERS\vcdc.sys [?]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17:32 1179232]

S3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\system32\drivers\a38usb.sys [19/03/2009 12:26:36 33536]

S3 cpuz132;cpuz132;C:\WINDOWS\system32\drivers\cpuz132_x32.sys [20/10/2009 11:46:53 12672]

S3 EMVSCARD;EMVSCARD;C:\WINDOWS\system32\drivers\EMVSCARD.sys [18/09/2006 15:12:36 20269]

S3 isdnusb;ISDN USB Driver;C:\WINDOWS\system32\DRIVERS\isdnusb.sys --> C:\WINDOWS\system32\DRIVERS\isdnusb.sys [?]

S3 SQLAgent$KLUWER;SQLAgent$KLUWER;C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlagent.EXE -i KLUWER --> C:\Program Files\Microsoft SQL Server\MSSQL$KLUWER\Binn\sqlagent.EXE -i KLUWER [?]

S3 usbcdc;Serial USB CDC Driver;C:\WINDOWS\system32\DRIVERS\usbcdc.sys --> C:\WINDOWS\system32\DRIVERS\usbcdc.sys [?]

S4 TeamViewer4;TeamViewer 4;C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [27/05/2009 13:38:28 185640]

S4 VMCService;Vodafone Mobile Connect Service;C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [4/07/2008 12:52:18 14336]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - PROCEXP113

*Deregistered* - PROCEXP113

.

Inhoud van de 'Gedeelde Taken' map

2009-11-04 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 13:06:13 . 2009-10-29 15:44:01]

2009-11-04 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job

- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54:46 . 2007-02-12 13:54:46]

2009-11-04 C:\WINDOWS\Tasks\Google Software Updater.job

- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-02 18:40:15 . 2009-03-22 14:43:37]

2009-11-03 C:\WINDOWS\Tasks\SyncBack backups Kluwerdata van Server naar Asus.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-03 C:\WINDOWS\Tasks\SyncBack Emails van Asus naar Server.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-03 C:\WINDOWS\Tasks\SyncBack Kluwer van Asus naar Server.job

- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe [2009-06-05 22:45:07 . 2008-08-12 10:00:06]

2009-11-04 C:\WINDOWS\Tasks\User_Feed_Synchronization-{90FA1E13-C16D-49E0-BA21-894840B76FE2}.job

- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 16:36:40 . 2009-03-08 02:31:54]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - Sign In

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{A28A0545-4B15-4AC0-B4A4-118ACA2A7317} - {546403CE-6D0C-4357-BA75-F0169B3AB539} - C:\PROGRA~1\SCARABAY\scielib.dll

Trusted Zone: fgov.be\*.minfin

DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll

DPF: {B7C49732-4761-4A66-9945-BAF55E98E0E4} - hxxp://194.78.229.132/cockpit/webclient//JDsAx.cab

DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} - hxxp://eu1.download.comodo.com/avs/ComodoAVScanner.cab

FF - ProfilePath - C:\Documents and Settings\noot\Application Data\Mozilla\Firefox\Profiles\h1tq6l90.default\

FF - component: C:\Program Files\Comodo\HopSurfToolbar\hopsurfext_ff3\components\hopsurf.dll

FF - plugin: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: C:\Program Files\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npicaN.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

**************************************************************************

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden:

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(1456)

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

.

Voltooingstijd: 2009-11-04 23:18:44

ComboFix-quarantined-files.txt 2009-11-04 22:17:40


When Firefox starts, the process jqsnotify.exe is also started. It takes up 50% of the CPU, while memory usage does not go above 84 kb. Ending the process does not work.

The same thing still happens with the program cmd.exe as well.
