internet traag

patrickvan71 · 30 januari 2010

hallo, sinds vandaag internet weeral enorm traag

Heb telenet en mijn verbruik is nog maar voor 24 % opgebruikt

Heb wel een melding gekregen van avg free dat ik 3 trojans had en deze moest verwijderen

Maar sindsdien is hij enorm traag

Alvast bedankt voor de hulp

stegisoft · 30 januari 2010

Download HiJackThis

Dubbelklik op HJTInstall.exe

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

HijackThis zal openen na het installeren.

Klik op "Do a systemscan and save a logfile".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

N.B. : gebruikers van Windows Vista en Windows 7 zullen eerst moeten rechtsklikken op HijackThis.exe en dan kiezen voor "Run as Administrator".

patrickvan71 · 30 januari 2010

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 20:52:38, on 30/01/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\InterVideo\Common\Bin\WinRemote.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\internet explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\internet explorer\iexplore.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"

O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1262981069093

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

--

End of file - 9833 bytes

kape · 30 januari 2010

Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

Dubbelklik op Combofix.exe om het te starten.
Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
Klik na afloop terug op Ja om het scannen op malware te starten.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

patrickvan71 · 31 januari 2010

ComboFix 10-01-29.09 - HP_Eigenaar 31/01/2010 10:41:08.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.554 [GMT 1:00]

Gestart vanuit: c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-12-28 to 2010-01-31 ))))))))))))))))))))))))))))))

.

2010-10-17 10:00 . 2010-10-17 10:00 -------- d-----w- C:\9bfe8073ddcad9580456b772

2010-10-17 10:00 . 2010-10-17 10:04 -------- d-----w- C:\963d7796bcda1ddaf65528d43bd98c

2010-01-30 19:51 . 2010-01-30 19:51 388096 ----a-r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-01-30 19:51 . 2010-01-30 19:51 -------- d-----w- c:\program files\TrendMicro

2010-01-30 11:47 . 2010-01-30 11:47 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\Lavasoft

2010-01-30 11:09 . 2003-09-11 21:42 16384 ----a-w- c:\windows\system32\FileOps.exe

2010-01-30 11:06 . 2010-01-30 11:57 -------- d-----w- c:\program files\Diagnose-BK

2010-01-30 10:46 . 2010-01-30 12:10 -------- d-----w- C:\ElsaWin

2010-01-27 12:01 . 2010-01-18 13:49 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe

2010-01-21 19:53 . 2010-01-21 19:53 -------- d-----w- c:\program files\MSECache

2010-01-18 10:28 . 2010-01-18 10:28 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\HPQ

2010-01-18 10:04 . 2010-01-18 10:04 -------- d-----w- c:\program files\AVG

2010-01-18 09:52 . 2010-10-17 10:10 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\HpUpdate

2010-01-18 09:52 . 2010-01-18 09:52 -------- d-----w- c:\windows\Hewlett-Packard

2010-01-14 17:39 . 2010-01-14 17:39 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\AdobeUM

2010-01-12 18:35 . 2010-01-08 20:02 225280 --sh--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\ufxw.exe

2010-01-12 18:17 . 2010-01-22 14:46 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Identities

2010-01-12 17:17 . 2010-01-19 13:22 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Adobe

2010-01-09 18:20 . 2010-01-13 13:10 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\HpUpdate

2010-01-09 12:38 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2010-01-09 12:34 . 2010-01-08 16:54 4043032 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe

2010-01-09 12:34 . 2010-01-18 13:49 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe

2010-01-09 12:34 . 2010-01-08 16:54 916248 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcfgx.dll

2010-01-09 12:34 . 2010-01-08 16:54 2033432 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe

2010-01-09 12:34 . 2010-01-09 12:33 3966744 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll

2010-01-09 12:34 . 2010-01-08 16:54 2352920 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgresf.dll

2010-01-08 23:42 . 2010-01-08 23:47 -------- d-----r- c:\documents and settings\Default User\Menu Start

2010-01-08 23:40 . 2010-01-23 05:43 -------- d-sh--r- c:\windows\system32\dllcache

2010-01-08 23:40 . 2010-01-08 23:47 -------- d-----r- c:\windows\system32\config\systemprofile\Menu Start

2010-01-08 20:50 . 2010-01-08 20:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2010-01-08 20:46 . 2010-01-08 20:46 -------- d-sh--w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\IECompatCache

2010-01-08 20:45 . 2010-01-27 12:40 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\Google

2010-01-08 20:43 . 2010-01-08 20:43 -------- d-sh--w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\PrivacIE

2010-01-08 20:40 . 2010-01-08 20:40 -------- d-sh--w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\IETldCache

2010-01-08 20:27 . 2009-12-21 19:10 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2010-01-08 20:27 . 2009-12-21 19:10 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2010-01-08 20:27 . 2009-12-21 19:10 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

2010-01-08 20:27 . 2009-12-21 19:10 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll

2010-01-08 20:27 . 2009-12-21 19:10 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

2010-01-08 20:27 . 2009-12-21 19:10 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll

2010-01-08 20:27 . 2009-10-02 04:44 92160 ------w- c:\windows\system32\dllcache\iecompat.dll

2010-01-08 20:12 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll

2010-01-08 19:40 . 2010-01-08 19:40 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Bluetooth Software

2010-01-08 18:19 . 2010-01-30 19:14 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Tracing

2010-01-08 17:57 . 2010-01-08 20:40 -------- d-----w- c:\windows\system32\nl-nl

2010-01-08 17:57 . 2010-01-08 17:57 -------- d-----w- c:\windows\system32\nl

2010-01-08 17:57 . 2010-01-08 17:57 -------- d-----w- c:\windows\system32\bits

2010-01-08 17:34 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\dllcache\bthport.sys

2010-01-08 17:33 . 2008-04-14 17:02 136192 ------w- c:\windows\system32\aaclient.dll

2010-01-08 17:31 . 2008-04-14 17:01 6144 ------w- c:\windows\system32\kbdiultn.dll

2010-01-08 17:30 . 2008-04-14 17:02 53248 ------w- c:\windows\system32\tsgqec.dll

2010-01-08 17:20 . 2009-10-15 16:38 81920 ------w- c:\windows\system32\dllcache\fontsub.dll

2010-01-08 17:20 . 2009-10-15 16:38 119808 ------w- c:\windows\system32\dllcache\t2embed.dll

2010-01-08 17:15 . 2009-06-21 21:49 153088 ------w- c:\windows\system32\dllcache\triedit.dll

2010-01-08 17:15 . 2008-12-11 10:57 333952 ------w- c:\windows\system32\dllcache\srv.sys

2010-01-08 17:15 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys

2010-01-08 17:14 . 2009-07-31 04:35 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll

2010-01-08 17:14 . 2009-07-10 13:31 1315328 ------w- c:\windows\system32\dllcache\msoe.dll

2010-01-08 17:13 . 2008-04-21 21:16 218624 ------w- c:\windows\system32\dllcache\wordpad.exe

2010-01-08 17:12 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe

2010-01-08 17:12 . 2009-08-04 21:59 2193536 ------w- c:\windows\system32\dllcache\ntoskrnl.exe

2010-01-08 17:12 . 2009-03-06 14:23 285696 ------w- c:\windows\system32\dllcache\pdh.dll

2010-01-08 17:12 . 2009-02-09 11:27 111104 ------w- c:\windows\system32\dllcache\services.exe

2010-01-08 17:12 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll

2010-01-08 17:12 . 2009-02-09 10:56 684544 ------w- c:\windows\system32\dllcache\advapi32.dll

2010-01-08 17:12 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll

2010-01-08 17:12 . 2009-06-25 08:27 735232 ------w- c:\windows\system32\dllcache\lsasrv.dll

2010-01-08 17:12 . 2009-02-09 10:56 735744 ------w- c:\windows\system32\dllcache\ntdll.dll

2010-01-08 17:12 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll

2010-01-08 17:12 . 2009-08-04 17:29 2149888 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe

2010-01-08 17:12 . 2009-08-04 17:29 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe

2010-01-08 17:11 . 2008-10-24 11:21 455296 ------w- c:\windows\system32\dllcache\mrxsmb.sys

2010-01-08 17:11 . 2008-05-01 14:37 331776 ------w- c:\windows\system32\dllcache\msadce.dll

2010-01-08 17:11 . 2009-08-25 09:20 354816 ------w- c:\windows\system32\dllcache\winhttp.dll

2010-01-08 17:11 . 2008-10-23 12:43 286720 ------w- c:\windows\system32\dllcache\gdi32.dll

2010-01-08 17:10 . 2009-06-25 08:27 54272 ------w- c:\windows\system32\dllcache\wdigest.dll

2010-01-08 17:10 . 2009-06-25 08:27 301568 ------w- c:\windows\system32\dllcache\kerberos.dll

2010-01-08 17:10 . 2009-09-11 14:20 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll

2010-01-08 17:10 . 2009-06-24 11:18 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys

2010-01-08 17:08 . 2010-01-26 06:17 152576 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

2010-01-08 17:08 . 2010-01-26 06:16 79488 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll

2010-01-08 16:54 . 2010-01-08 16:54 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-01-08 16:54 . 2010-01-08 16:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll

2010-01-08 16:54 . 2010-01-08 16:54 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-01-08 16:54 . 2010-01-08 16:54 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2010-01-08 16:54 . 2010-01-31 09:21 -------- d-----w- c:\windows\system32\drivers\Avg

2010-01-08 16:50 . 2008-04-11 19:06 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll

2010-01-08 16:50 . 2008-10-15 16:37 337408 ------w- c:\windows\system32\dllcache\netapi32.dll

2010-01-08 16:44 . 2010-01-08 16:44 -------- d-sh--w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\UserData

2010-01-08 16:15 . 2010-01-14 18:05 27400 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-01-08 16:15 . 2010-01-08 16:15 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\HP

2010-01-08 16:13 . 2010-01-22 19:45 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Onlangs geopend

2010-01-08 16:13 . 2009-05-07 15:34 347136 ------w- c:\windows\system32\dllcache\localspl.dll

2010-01-08 16:12 . 2004-08-04 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll

2010-01-08 16:09 . 2005-10-11 15:37 -------- d-----w- c:\windows\system32\config\systemprofile\WINDOWS

2010-01-08 16:09 . 2010-01-08 23:47 -------- d--h--r- c:\windows\system32\config\systemprofile\Onlangs geopend

2010-01-08 16:08 . 2005-10-11 15:37 -------- d-----w- c:\documents and settings\Default User\WINDOWS

2010-01-08 15:02 . 2001-09-06 18:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys

2010-01-08 15:02 . 2008-04-14 17:02 21504 ----a-w- c:\windows\system32\hidserv.dll

2010-01-08 15:02 . 2008-04-14 16:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2010-01-08 15:02 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

2010-01-08 15:02 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2010-01-08 15:02 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

2010-01-08 15:02 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2010-01-05 14:43 . 2010-01-08 15:20 -------- d--h--r- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Onlangs geopend

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-14 17:50 . 2008-10-06 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2010-01-09 12:50 . 2004-12-03 17:15 70546 ----a-w- c:\windows\system32\perfc013.dat

2010-01-09 12:50 . 2004-12-03 17:15 443836 ----a-w- c:\windows\system32\perfh013.dat

2010-01-08 20:45 . 2005-10-11 15:47 -------- d-----w- c:\program files\Google

2010-01-08 20:29 . 2010-01-08 16:10 150 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Local Settings\Application Data\fusioncache.dat

2010-01-08 18:00 . 2004-12-03 17:08 81583 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2010-01-08 16:52 . 2009-11-13 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9

2010-01-08 16:46 . 2005-10-11 15:50 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-01-08 16:46 . 2005-10-11 15:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec

2010-01-08 16:14 . 2005-10-11 15:26 113453 ----a-w- c:\windows\hpoins07.dat

2010-01-08 16:12 . 2010-01-08 16:11 1904 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_EJ218AA-B14 w5240.be_YC_0Pavi_QCZD543_E54NLheBLU1_48_IPuffer2_SASUSTeK Computer INC._V1.xx_B3.26_T050930_WXH2_L413_M1024_J160_7Intel_8Pentium 4_93.2_#060131_N10EC8139_Z_G10DE0162.MRK

2009-12-21 19:10 . 2004-08-04 11:00 916480 ------w- c:\windows\system32\wininet.dll

2009-12-19 17:29 . 2009-08-04 08:37 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\LimeWire

2009-12-12 19:20 . 2009-08-07 10:48 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\Ahead

2009-12-12 18:05 . 2009-12-12 18:05 -------- d-----w- c:\program files\CCleaner

2009-12-12 17:57 . 2009-12-10 18:50 -------- d-----w- c:\program files\FindyKill

2009-12-09 16:12 . 2009-11-13 14:25 -------- d-----w- c:\program files\Unlocker

2009-12-09 16:12 . 2009-12-09 14:17 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\SUPERAntiSpyware.com

2009-12-09 16:12 . 2009-12-09 14:17 -------- d-----w- c:\program files\SUPERAntiSpyware

2009-12-09 16:10 . 2007-12-06 19:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-12-09 14:17 . 2009-12-09 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2009-12-09 14:15 . 2009-12-09 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar

2009-12-09 13:27 . 2009-12-09 13:27 -------- d-----w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\AVG9

2009-12-06 13:26 . 2009-11-01 19:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-06 13:25 . 2009-12-06 13:25 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-11-27 13:54 . 2009-11-27 13:54 152576 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

2009-11-27 13:53 . 2009-11-27 13:53 79488 ----a-w- c:\documents and settings\HP_Eigenaar.UW-4B58D8528225.010\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll

2009-11-21 16:03 . 2006-02-01 04:25 471552 ----a-w- c:\windows\AppPatch\aclayers.dll

2004-08-09 21:30 . 2006-07-05 20:03 40960 ----a-w- c:\program files\Uninstall_CDS.exe

2006-02-01 07:02 . 2006-01-31 23:02 22 -csha-w- c:\windows\SMINST\HPCD.sys

.

((((((((((((((((((((((((((((( SnapShot@2010-01-30_19.06.46 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-01-30 19:51 . 2010-01-30 19:51 1093632 c:\windows\Installer\22bfb3.msi

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-04 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0\bin\jusched.exe" [2005-10-11 36972]

"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]

"Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]

"nwiz"="nwiz.exe" [2005-08-02 1519616]

"SoundMan"="SOUNDMAN.EXE" [2005-05-04 90112]

"AlcWzrd"="ALCWZRD.EXE" [2005-05-04 2805248]

"RemoteControl"="c:\program files\ASUS\ASUS Remote\RemoteControlAppl.exe" [2005-06-10 61440]

"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"Home Theater SchSvr"="c:\program files\Common Files\InterVideo\SchSvr\SchSvr.exe" [2005-07-18 106496]

"WINREMOTE"="c:\program files\InterVideo\Common\Bin\WinRemote.exe" [2005-07-18 262144]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2005-05-04 278528]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]

"PCDrProfiler"="" [bU]

"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-01-09 2033432]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-27 561213]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Taskman"="c:\documents and settings\HP_Eigenaar.UW-4B58D8528225\Application Data\ufxw.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/01/2010 17:54 333192]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/01/2010 17:54 360584]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [8/01/2010 17:54 906520]

R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [9/12/2009 15:13 285392]

R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [11/10/2005 16:14 2786176]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/01/2010 21:45 135664]

.

Inhoud van de 'Gedeelde Taken' map

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 20:45]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 20:45]

2010-01-20 c:\windows\Tasks\Norton Security Scan for HP_Eigenaar.job

- c:\program files\Norton Security Scan\Nss.exe [2009-03-13 03:53]

2010-01-31 c:\windows\Tasks\User_Feed_Synchronization-{4602B838-EAFE-414F-BBB5-BB70560C1395}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.com/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-01-31 10:47

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(3180)

c:\windows\system32\nview.dll

c:\windows\system32\NVWRSNL.DLL

c:\windows\system32\btmmhook.dll

c:\windows\system32\nvwddi.dll

c:\windows\system32\webcheck.dll

.

Voltooingstijd: 2010-01-31 10:48:54

ComboFix-quarantined-files.txt 2010-01-31 09:48

ComboFix2.txt 2010-01-30 19:08

ComboFix3.txt 2010-01-05 15:11

ComboFix4.txt 2009-12-09 14:07

ComboFix5.txt 2010-01-31 09:40

Pre-Run: 107.750.842.368 bytes beschikbaar

Post-Run: 107.731.730.432 bytes beschikbaar

- - End Of File - - 5E85244922DC16BFF6CD149EB624AC90

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

Scan saved at 10:53:24, on 31/01/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\InterVideo\Common\Bin\WinRemote.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE