Hi,

Je gebruikt nog een oude versie van HijackThis. Verwijder deze aub en download de nieuwste versie zoals beschreven staat in de onderstaande link, ga daarna verder met de onderstaande stappen.

http://www.nucia.eu/forum/showthread.php?t=28820

1.

Ik zie dat je TeaTimer van Spybot op de achtergrond hebt draaien, deze kan in de weg zitten met het fixen van HijackThis-regels. Zet daarom de TeaTimer eventjes uit, dit doe je op de volgende manier:

1. Start Spybot Search and Destroy.
2. Ga naar 'Mode' > selecteer Advanced Mode
3. Ga naar 'Tools' en klik op het Resident-icoon in de lijst
4. Haal het vinkje weg bij Resident TeaTimer en klik OK

5. Download nu [url=http://downloads.subratam.org/ResetTeaTimer.bat]ResetTeaTimer.bat naar je bureaublad. (rechtsklikken -> opslaan als..)
6. Open nu ResetTeaTimer.bat vanaf je bureaublad.

TeaTimer is nu uitgezet en gereset.


2.

* Leeg de Cache and Cookies in IE:

• Sluit Internet Explorer.
• Ga naar Configuratiescherm > Internet Opties > tab Algemeen
• Klik de Cookies verwijderen knop
• Klik op de Bestanden verwijderen knop ernaast
• Vink aan: Ook alle off line items verwijderen, klik OK

* Leeg de Cache and Cookies in Firefox (In geval Firefox geïnstalleerd is):

• Ga naar Extra > Opties.
• Klik Privacy in het menu.
• Klik op de knop Wissen (Geschiedenis, Cookies, Cache).
• Klik OK om het venster opnieuw te sluiten.

* Leeg andere Temporary files + Prullenbak

• Ga naar Start > Uitvoeren en typ: cleanmgr en klik ok.
• Laat het je systeem scannen op bestanden die moeten verwijderd worden
• Zorg er wel voor dat je daar enkel maar 'tijdelijke bestanden', 'tijdelijke internetbestanden'en 'prullenbak'staan aangevinkt.
• Klik daarna op OK.

3.

Ga naar Start -> Uitvoeren
Typ hier het volgende commando in: sc stop hpdj00
Herhaal dit met dit commando: sc delete hpdj00

4.

Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]Combofix en sla het op je bureaublad op.

Open Combofix.exe en volg de instructies, aanvaard de disclaimer door "1"te typen.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.

Het is mogelijk dat de PC zichzelf automatisch opnieuw opstart. Wanneer de fix is gedaan en na mogelijk herstart zal een log (combofix.txt) openen. Plaats de inhoud van dit bericht in je volgende reactie samen met een nieuw logje van HijackThis.

- Daniël

Hallo Daniel,

Hierbij de nieuwe logjes. Alvast heel hartelijk dank en fijne feestdagen!
Ciao,
Joep

Combofix:

ComboFix 07-12-21.4 - HP_Eigenaar 2007-12-24 11:20:13.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.168 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\HP_Eigenaar\Bureaublad\ComboFix(2).exe
.

(((((((((((((((((((( Bestanden Gemaakt van 2007-11-24 to 2007-12-24 ))))))))))))))))))))))))))))))
.

2007-12-24 11:06 . 2007-12-24 11:06 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Sjablonen
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Netwerkprinteromgeving
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> dr------- C:\Documents and Settings\LocalService\Mijn documenten
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Bureaublad
2007-12-23 19:06 . 2007-12-24 11:18 <DIR> dr-h----- C:\Documents and Settings\HP_Eigenaar\Onlangs geopend
2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SystemGuards.com
2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SoftwareClub.ws
2007-12-22 16:24 . 2002-03-04 12:27 1,140,472 --a------ C:\WINDOWS\system32\IGUltraGrid20.ocx
2007-12-22 16:24 . 2007-12-22 16:24 675,328 --a------ C:\WINDOWS\isRS-000.tmp
2007-12-22 16:24 . 2003-11-19 13:59 512,688 --a------ C:\WINDOWS\system32\XceedCry.dll
2007-12-22 16:24 . 2001-07-28 12:50 265,753 --a------ C:\WINDOWS\system32\AS-Exp2.ocx
2007-12-22 16:24 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2007-12-22 16:24 . 2000-07-15 05:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-12-22 16:24 . 2001-04-20 01:28 28,672 --a------ C:\WINDOWS\system32\systray.ocx
2007-12-22 16:24 . 1999-01-26 19:36 11,012 --a------ C:\WINDOWS\system32\threadapi.tlb
2007-12-22 16:24 . 2006-05-31 15:38 10,752 --a------ C:\WINDOWS\system32\md5.dll
2007-12-21 16:18 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-14 21:57 . 2007-12-14 21:57 268 --ah----- C:\sqmdata07.sqm
2007-12-14 21:57 . 2007-12-14 21:57 244 --ah----- C:\sqmnoopt07.sqm
2007-11-25 11:26 . 2007-11-25 11:26 <DIR> d-------- C:\Program Files\FotoTagger
2007-11-25 11:26 . 2007-11-25 11:30 <DIR> d-------- C:\Documents and Settings\HP_Eigenaar\Application Data\FotoTagger

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-24 10:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-24 09:52 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\Skype
2007-12-24 07:35 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2007-12-24 07:34 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
2007-12-23 07:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-21 15:18 --------- d-----w C:\Program Files\Java
2007-12-14 20:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-11-28 16:46 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia
2007-11-28 16:44 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia Multimedia Player
2007-11-25 10:40 --------- d-----w C:\Program Files\Picasa2
2007-11-25 10:40 --------- d-----w C:\Program Files\Google
2007-11-18 23:52 --------- d-----w C:\Program Files\Common Files\LogiShrd
2007-11-18 23:48 --------- d-----w C:\Program Files\Common Files\Logitech
2007-11-18 23:45 --------- d-----w C:\Program Files\Logitech
2007-11-18 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2007-11-16 07:50 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\AVG7
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 15:42 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-04 14:04 --------- d-----w C:\Program Files\PowerArchiver
2007-11-03 14:00 --------- d-----w C:\Program Files\RogueRemover FREE
2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 07:09 --------- d-----w C:\Documents and Settings\Peter\Application Data\PC Suite
2007-10-12 02:00 490,008 ----a-w C:\WINDOWS\system32\LVUI2.dll
2007-10-12 02:00 465,432 ----a-w C:\WINDOWS\system32\LVUI2RC.dll
2007-10-12 01:57 416,280 ----a-w C:\WINDOWS\system32\lvcodec2.dll
2007-10-12 01:57 195,096 ----a-w C:\WINDOWS\system32\lvci1150.dll
2007-10-12 01:18 21,138 ----a-w C:\WINDOWS\system32\Repository.reg
2007-09-21 10:15 9,558 ----a-w C:\Program Files\hijackthis.log
2006-07-04 12:34 23,112 ----a-w C:\Documents and Settings\Peter\Application Data\GDIPFONTCACHEV1.DAT
2006-03-03 07:01 5,582,608 ----a-w C:\Program Files\all2mp3.exe
2006-03-02 18:41 1,665,325 ----a-w C:\Program Files\agsetup.exe
2006-03-02 18:33 318,136 ----a-w C:\Program Files\ripsetup.exe
2006-02-27 11:34 23,112 ----a-w C:\Documents and Settings\HP_Eigenaar\Application Data\GDIPFONTCACHEV1.DAT
2006-02-25 10:02 1,308,503 ----a-w C:\Program Files\ccsetup127.exe
2006-02-20 17:28 58,671 ----a-w C:\Program Files\StartupCPL.zip
2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player.exe
2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player-1.exe
2006-02-16 22:21 161,302 ----a-w C:\Program Files\mp3dc201.exe
2006-02-16 18:34 218,112 ----a-w C:\Program Files\hijackthis.exe
2006-02-16 13:45 6,701 ----a-w C:\Program Files\MessengerDisable.zip
2006-02-16 13:37 652,066 ----a-w C:\Program Files\mp3gain-win-1_2_5.zip
2006-02-16 09:26 318,775 ----a-w C:\Program Files\CleanUp40.exe
2006-02-16 04:30 8,288,692 ----a-w C:\Program Files\J2Sygate Personal Firewall Pro v5.5 Build 2710 Incl Keygen-Ror.rar
2006-02-15 19:47 6,650,536 ----a-w C:\Program Files\JSygate.Personal.Firewall.Pro.5.5.2364.rar
2006-02-15 18:09 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
2006-02-15 16:10 553,687 ----a-w C:\Program Files\regcleaner.exe
2006-02-15 15:32 16,817,176 ----a-w C:\Program Files\avg71free_375a703.exe
2005-11-27 11:07 212,601 ----a-w C:\Program Files\hoster.zip
2005-09-21 13:16 5,080,296 ----a-w C:\Program Files\Firefox Setup 1.0.7.exe
2005-07-29 13:21 388,659 ----a-w C:\Program Files\doublekiller.zip
2005-06-04 08:26 1,072,262 ----a-w C:\Program Files\wrar35b4nl.exe
2005-05-31 14:11 2,855,080 ----a-w C:\Program Files\aawsepersonal.exe
2005-05-28 13:52 3,322,920 ----a-w C:\Program Files\picasa2-setup-1884.exe
2005-05-27 07:15 446,398 ----a-w C:\Program Files\ccsetup119.exe
2005-05-18 16:03 2,560,240 ----a-w C:\Program Files\spywareblastersetup34.exe
2005-05-16 09:09 5,921,024 ----a-w C:\Program Files\spamfighter.exe
2005-05-15 13:43 13,772,528 ----a-w C:\Program Files\Avi2Dvd_Setup.exe
2005-05-14 13:06 1,379,921 ----a-w C:\Program Files\videofixerSetup.exe
2005-05-13 15:48 2,481,850 ----a-w C:\Program Files\burn4free_setup.exe
2005-05-13 15:41 2,692,272 ----a-w C:\Program Files\DeepBurner1.exe
2005-05-13 14:33 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip
2005-05-13 14:26 3,894,249 ----a-w C:\Program Files\Alcohol120_trial_1_9_5_2802.exe
2005-05-13 12:26 4,406,144 ----a-w C:\Program Files\WinXP_NL_HOM_BF.exe
2005-05-13 11:46 5,077,936 ----a-w C:\Program Files\Firefox Setup 1.0.4.exe
2005-05-03 17:23 990,720 ----a-w C:\Program Files\bootvis.msi
2005-05-03 17:08 1,341,732 ----a-w C:\Program Files\installspeedfan423.exe
2005-05-03 16:56 3,142,859 ----a-w C:\Program Files\everesthome151.exe
2005-05-02 17:59 2,417,824 ----a-w C:\Program Files\winzip90.exe
2005-04-29 09:14 1,094,021 ----a-w C:\Program Files\dvdshrink32setup.zip
2005-04-24 09:46 2,513,056 ----a-w C:\Program Files\spywareblaster.exe
2005-04-24 09:44 22 ----a-w C:\Program Files\hosts.zip
2005-04-22 07:22 645,509 ----a-w C:\Program Files\mp3gain-win-1_2_3.exe
2005-04-22 06:05 1,225,644 ----a-w C:\Program Files\freeripmp3.exe
2005-04-20 16:53 3,533,819 ----a-w C:\Program Files\KLR007.exe
2005-04-20 14:11 6,331,904 ----a-w C:\Program Files\avwinsfx.exe
2005-04-19 17:17 77,824 ----a-w C:\Program Files\xp-AntiSpy3DT.exe
2005-04-19 16:20 2,513,056 ----a-w C:\Program Files\spywareblastersetup33.exe
2005-04-19 15:00 10,511,904 ----a-w C:\Program Files\RealPlayer10-5GOLD.exe
2005-04-19 13:10 2,519,558 ----a-w C:\Program Files\powarc920.exe
2005-04-19 13:01 4,354,084 ----a-w C:\Program Files\spybotsd13.exe
2005-04-19 12:00 1,478,437 ----a-w C:\Program Files\MailWasherFree.exe
2005-04-19 11:57 418,948 ----a-w C:\Program Files\ccsetup118.exe
2007-03-17 00:23 39,992 --sha-w C:\WINDOWS\Samples\SThumbs.dat
2007-05-27 12:48 541,944 --sha-w C:\WINDOWS\Samples\G\SThumbs.dat
2007-06-02 14:26 1,334,808 --sha-w C:\WINDOWS\Samples\Str\SThumbs.dat
2005-05-15 21:58 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\An notatedJpgOverlay]
@={846F1C20-3769-4659-BFDC-088B51FBFBD8}

[HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
2007-03-20 22:46 356352 --a------ C:\Program Files\FotoTagger\FotoTaggerToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 13:52]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-01-19 12:49]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 22:54]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [2007-03-20 21:39]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 13:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03]
"nwiz"="nwiz.exe" [2004-09-29 20:23 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe"
"SiSPower"="Rundll32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 C:\WINDOWS\AGRSMMSG.exe]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-12-21 13:24]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 18:30]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-07-31 23:14]
"hcenter"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-05-20 11:22]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 18:40]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 01:03 C:\WINDOWS\system32\bthprops.cpl]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"System Guards"="C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe" [2007-11-08 16:07]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 09:25]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe" [2007-10-12 03:03]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-06-21 11:29:20]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 05:31:38]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^Internet Explorer.lnk]
path=C:\Documents and Settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\Internet Explorer.lnk
backup=C:\WINDOWS\pss\Internet Explorer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
2002-07-31 23:14 684032 --a------ C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2004-06-09 22:09 286720 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE -quiet

R2 sgSchedulerService;sgSchedulerService;C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe [2007-09-04 11:44]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\B0.tmp

*Newly Created Service* - SGSCHEDULERSERVICE
.
Inhoud van de 'Gedeelde Taken' map
"2005-01-01 18:33:09 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2007-12-24 08:00:00 C:\WINDOWS\Tasks\SyncBack Overigen Peter 01-09-2007.job"
- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-24 11:23:08
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2007-12-24 11:24:15
C:\ComboFix-quarantined-files.txt ... 2007-12-21 16:07
C:\ComboFix2.txt ... 2007-12-24 11:17
C:\ComboFix3.txt ... 2007-12-21 16:08
.
2007-12-14 20:47:35 --- E O F ---

Hijack:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:36:28, on 24/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

--
End of file - 11678 bytes

Oeps...........had volgens mij weer de oude versie van Hijackthis.....hierbij de laatste met log.
Ciao!!
Joep

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:29, on 24/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

--
End of file - 11332 bytes

Je gebruikt nog steeds de oude versie van HijackThis
Maak aub een logje met de nieuwste versie...

Hoi!

Ik snap het even niet.......Trend Micro HijackThis v2.0.2 is toch de nieuwste versie? Heb hem gedownd via dit forum Of mis ik iets?
Groetjes,
Joep

Sorry, mijn fout...

Ik had het tweede log niet gezien, keek alleen naar het eerste log dat je gepost had samen met je ComboFix log.


Open een nieuw kladblok bestand.

Kopieer en plak daarin de onderstaande dik gedrukte blauwe tekst.
Ga naar 'Bestand' -> 'Opslaan als..' en sla het vervolgens op je bureaublad op als CFScript.txt.
Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld:



Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.
Post na herstart de inhoud van de Combofix.txt in je volgende antwoord samen met een nieuw logje van HijackThis.

Hoi,

Sorry dat mijn reply zo lang op zich heeft laten wachten......hierbij de nieuwe logjes.
Thx en greetz,
Joep

ComboFix 08-01-03.4 - HP_Eigenaar 2008-01-03 10:56:34.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.181 [GMT 1:00]Gestart vanuit: C:\Documents and Settings\HP_Eigenaar\Bureaublad\ComboFix(2).exe
Command switches used :: C:\Documents and Settings\HP_Eigenaar\Bureaublad\CFScript.txt
* Nieuw herstelpunt werd aangemaakt
.

(((((((((((((((((((( Bestanden Gemaakt van 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))
.

2007-12-27 16:50 . 2008-01-03 10:48 <DIR> dr-h----- C:\Documents and Settings\HP_Eigenaar\Onlangs geopend
2007-12-24 11:06 . 2007-12-24 11:06 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Sjablonen
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Netwerkprinteromgeving
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> dr------- C:\Documents and Settings\LocalService\Mijn documenten
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Bureaublad
2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SoftwareClub.ws

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-03 10:04 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-01-03 10:04 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
2008-01-03 09:49 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\Skype
2008-01-01 18:14 --------- d-----w C:\Program Files\PowerArchiver
2008-01-01 08:03 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-27 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-21 15:18 --------- d-----w C:\Program Files\Java
2007-12-14 20:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-11-28 16:46 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia
2007-11-28 16:44 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia Multimedia Player
2007-11-25 10:40 --------- d-----w C:\Program Files\Picasa2
2007-11-25 10:40 --------- d-----w C:\Program Files\Google
2007-11-25 10:30 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\FotoTagger
2007-11-25 10:26 --------- d-----w C:\Program Files\FotoTagger
2007-11-18 23:52 --------- d-----w C:\Program Files\Common Files\LogiShrd
2007-11-18 23:48 --------- d-----w C:\Program Files\Common Files\Logitech
2007-11-18 23:45 --------- d-----w C:\Program Files\Logitech
2007-11-18 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2007-11-16 07:50 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\AVG7
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 15:42 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-03 14:00 --------- d-----w C:\Program Files\RogueRemover FREE
2007-09-21 10:15 9,558 ----a-w C:\Program Files\hijackthis.log
2006-07-04 12:34 23,112 ----a-w C:\Documents and Settings\Peter\Application Data\GDIPFONTCACHEV1.DAT
2006-03-03 07:01 5,582,608 ----a-w C:\Program Files\all2mp3.exe
2006-03-02 18:41 1,665,325 ----a-w C:\Program Files\agsetup.exe
2006-03-02 18:33 318,136 ----a-w C:\Program Files\ripsetup.exe
2006-02-27 11:34 23,112 ----a-w C:\Documents and Settings\HP_Eigenaar\Application Data\GDIPFONTCACHEV1.DAT
2006-02-25 10:02 1,308,503 ----a-w C:\Program Files\ccsetup127.exe
2006-02-20 17:28 58,671 ----a-w C:\Program Files\StartupCPL.zip
2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player.exe
2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player-1.exe
2006-02-16 22:21 161,302 ----a-w C:\Program Files\mp3dc201.exe
2006-02-16 18:34 218,112 ----a-w C:\Program Files\hijackthis.exe
2006-02-16 13:45 6,701 ----a-w C:\Program Files\MessengerDisable.zip
2006-02-16 13:37 652,066 ----a-w C:\Program Files\mp3gain-win-1_2_5.zip
2006-02-16 09:26 318,775 ----a-w C:\Program Files\CleanUp40.exe
2006-02-16 04:30 8,288,692 ----a-w C:\Program Files\J2Sygate Personal Firewall Pro v5.5 Build 2710 Incl Keygen-Ror.rar
2006-02-15 19:47 6,650,536 ----a-w C:\Program Files\JSygate.Personal.Firewall.Pro.5.5.2364.rar
2006-02-15 18:09 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
2006-02-15 16:10 553,687 ----a-w C:\Program Files\regcleaner.exe
2006-02-15 15:32 16,817,176 ----a-w C:\Program Files\avg71free_375a703.exe
2005-11-27 11:07 212,601 ----a-w C:\Program Files\hoster.zip
2005-09-21 13:16 5,080,296 ----a-w C:\Program Files\Firefox Setup 1.0.7.exe
2005-07-29 13:21 388,659 ----a-w C:\Program Files\doublekiller.zip
2005-06-04 08:26 1,072,262 ----a-w C:\Program Files\wrar35b4nl.exe
2005-05-31 14:11 2,855,080 ----a-w C:\Program Files\aawsepersonal.exe
2005-05-28 13:52 3,322,920 ----a-w C:\Program Files\picasa2-setup-1884.exe
2005-05-27 07:15 446,398 ----a-w C:\Program Files\ccsetup119.exe
2005-05-18 16:03 2,560,240 ----a-w C:\Program Files\spywareblastersetup34.exe
2005-05-16 09:09 5,921,024 ----a-w C:\Program Files\spamfighter.exe
2005-05-15 13:43 13,772,528 ----a-w C:\Program Files\Avi2Dvd_Setup.exe
2005-05-14 13:06 1,379,921 ----a-w C:\Program Files\videofixerSetup.exe
2005-05-13 15:48 2,481,850 ----a-w C:\Program Files\burn4free_setup.exe
2005-05-13 15:41 2,692,272 ----a-w C:\Program Files\DeepBurner1.exe
2005-05-13 14:33 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip
2005-05-13 14:26 3,894,249 ----a-w C:\Program Files\Alcohol120_trial_1_9_5_2802.exe
2005-05-13 12:26 4,406,144 ----a-w C:\Program Files\WinXP_NL_HOM_BF.exe
2005-05-13 11:46 5,077,936 ----a-w C:\Program Files\Firefox Setup 1.0.4.exe
2005-05-03 17:23 990,720 ----a-w C:\Program Files\bootvis.msi
2005-05-03 17:08 1,341,732 ----a-w C:\Program Files\installspeedfan423.exe
2005-05-03 16:56 3,142,859 ----a-w C:\Program Files\everesthome151.exe
2005-05-02 17:59 2,417,824 ----a-w C:\Program Files\winzip90.exe
2005-04-29 09:14 1,094,021 ----a-w C:\Program Files\dvdshrink32setup.zip
2005-04-24 09:46 2,513,056 ----a-w C:\Program Files\spywareblaster.exe
2005-04-24 09:44 22 ----a-w C:\Program Files\hosts.zip
2005-04-22 07:22 645,509 ----a-w C:\Program Files\mp3gain-win-1_2_3.exe
2005-04-22 06:05 1,225,644 ----a-w C:\Program Files\freeripmp3.exe
2005-04-20 16:53 3,533,819 ----a-w C:\Program Files\KLR007.exe
2005-04-20 14:11 6,331,904 ----a-w C:\Program Files\avwinsfx.exe
2005-04-19 17:17 77,824 ----a-w C:\Program Files\xp-AntiSpy3DT.exe
2005-04-19 16:20 2,513,056 ----a-w C:\Program Files\spywareblastersetup33.exe
2005-04-19 15:00 10,511,904 ----a-w C:\Program Files\RealPlayer10-5GOLD.exe
2005-04-19 13:10 2,519,558 ----a-w C:\Program Files\powarc920.exe
2005-04-19 13:01 4,354,084 ----a-w C:\Program Files\spybotsd13.exe
2005-04-19 12:00 1,478,437 ----a-w C:\Program Files\MailWasherFree.exe
2005-04-19 11:57 418,948 ----a-w C:\Program Files\ccsetup118.exe
2007-03-17 00:23 39,992 --sha-w C:\WINDOWS\Samples\SThumbs.dat
2007-05-27 12:48 541,944 --sha-w C:\WINDOWS\Samples\G\SThumbs.dat
2007-06-02 14:26 1,334,808 --sha-w C:\WINDOWS\Samples\Str\SThumbs.dat
2005-05-15 21:58 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\An notatedJpgOverlay]
@={846F1C20-3769-4659-BFDC-088B51FBFBD8}

[HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
2007-03-20 22:46 356352 --a------ C:\Program Files\FotoTagger\FotoTaggerToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 13:52 23458344]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-01-19 12:49 4670968]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 22:54 961536]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [2007-03-20 21:39 141352]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53 49152]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 13:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03 81920]
"nwiz"="nwiz.exe" [2004-09-29 20:23 921600 C:\WINDOWS\system32\nwiz.exe]
"VTTimer"="VTTimer.exe"
"SiSPower"="SiSPower.dll" [2004-09-24 09:49 49152 C:\WINDOWS\system32\SiSPower.dll]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54 253952]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-12-21 13:24 579072]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 18:30 180269]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-07-31 23:14 684032]
"hcenter"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-05-20 11:22 1757184]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 18:40 2577632]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44 61440]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 01:03 110592 C:\WINDOWS\system32\bthprops.cpl]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 20:23 4603904]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 09:25 219136]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe" [2007-10-12 03:03 439568]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-06-21 11:29:20]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 05:31:38]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^Internet Explorer.lnk]
path=C:\Documents and Settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\Internet Explorer.lnk
backup=C:\WINDOWS\pss\Internet Explorer.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
2002-07-31 23:14 684032 --a------ C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2004-06-09 22:09 286720 --a------ C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE -quiet


.
Inhoud van de 'Gedeelde Taken' map
"2005-01-01 18:33:09 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-01-01 08:00:00 C:\WINDOWS\Tasks\SyncBack Overigen Peter 01-09-2007.job"
- C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-03 11:05:56
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2008-01-03 11:10:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-03 10:10:54
ComboFix2.txt 2007-12-24 10:24:18
ComboFix3.txt 2007-12-24 10:17:49
ComboFix4.txt 2007-12-21 15:08:19
.
2007-12-14 20:47:35 --- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:13:38, on 03/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

--
End of file - 11026 bytes

Hallo,

Kreeg een mailtje dat er 7 dagen niet meer op dit topic is gereageerd.....ben erg benieuwd of mijn logjes er nu goed uitzien (zie hierboven)!
Greetz,
Joep

Hallo Joep,

Het ziet er goed uit hoor, heb je nog problemen?
Zo niet mag je dit eventjes doen:

Ga naar Start -> Uitvoeren
Typ in: ComboFix /U en druk op OK.

- Daniël

Hallo Daniel,

Nee, ik heb geen problemen meer, dus ik zet deze vraag op ' opgelost'. Heel hartelijk dank!
Greetzzz,
Joep