
CPU very slow after clicking a bad link


  • CPU very slow after clicking a bad link

    Hello,

    After clicking a 'bad link' this morning (I thought it was a Christmas card from an acquaintance, but it turned out to be a Portuguese site, after which a file wanted to run itself), my CPU is extremely slow. In addition, I can no longer open sites that require Java. I have already reinstalled Java, but that doesn't solve anything. I also ran Spybot and Ad-Aware, but they find nothing... Would someone be willing to look at this log to see whether there is anything suspicious in it? Many thanks in advance!
    Greetz,
    Joep

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 13:45, on 2007-12-21
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Ares\Ares.exe
    C:\Program Files\PowerArchiver\PASTARTER.EXE
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis_v2.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpdj00 - Unknown owner - C:\DOCUME~1\HP_EIG~1\LOCALS~1\Temp\hpdj00.exe (file missing)
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

    --
    End of file - 11591 bytes

  • #2
    Hi,

    You are still using an old version of HijackThis. Please remove it and download the latest version as described in the link below, then continue with the steps below.

    http://www.nucia.eu/forum/showthread.php?t=28820

    1.

    I see that you have Spybot's TeaTimer running in the background; it can get in the way when fixing HijackThis entries. So switch TeaTimer off for a moment, which you do as follows:

    1. Start Spybot Search and Destroy.
    2. Go to 'Mode' > select Advanced Mode
    3. Go to 'Tools' and click the Resident icon in the list
    4. Clear the check mark at Resident TeaTimer and click OK

    5. Now download ResetTeaTimer.bat (http://downloads.subratam.org/ResetTeaTimer.bat) to your desktop (right-click -> save as...).
    6. Now open ResetTeaTimer.bat from your desktop.

    TeaTimer is now switched off and reset.


    2.

    * Clear the cache and cookies in IE:
    • Close Internet Explorer.
    • Go to Control Panel > Internet Options > General tab
    • Click the Delete Cookies button
    • Click the Delete Files button next to it
    • Tick: Delete all offline content as well, click OK
    * Clear the cache and cookies in Firefox (if Firefox is installed):
    • Go to Tools > Options.
    • Click Privacy in the menu.
    • Click the Clear button (History, Cookies, Cache).
    • Click OK to close the window again.
    * Empty other temporary files + Recycle Bin
    • Go to Start > Run, type: cleanmgr and click OK.
    • Let it scan your system for files that need to be removed
    • Make sure that only 'temporary files', 'temporary internet files' and 'recycle bin' are ticked there.
    • Then click OK.

    3.

    Go to Start -> Run
    Type the following command here: sc stop hpdj00
    Repeat this with this command: sc delete hpdj00

    4.

    Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) and save it to your desktop.

    Open Combofix.exe and follow the instructions; accept the disclaimer by typing "1".
    While the fix is running, do NOT click in the window, because this will make your PC hang.

    It is possible that the PC restarts automatically. When the fix is done, and after a possible restart, a log (combofix.txt) will open. Post the contents of this message in your next reply together with a new HijackThis log.

    - Daniël
    Last edited by BendeBoy; 24-12-07, 00:28.

    Comment
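
Step 3 of the reply above removes the service hpdj00, which the first log lists as an O23 entry with "Unknown owner", an image path under a Temp folder and "(file missing)". The Python script below is an added example, not part of the thread or of HijackThis: it parses O23 lines and reports those three traits; the function names and reason labels are assumptions of this example.

```python
import re
from dataclasses import dataclass, field

# O23 lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: hpdj00 - Unknown owner - C:\DOCUME~1\HP_EIG~1\LOCALS~1\Temp\hpdj00.exe (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
"""

# Layout: O23 - Service: <display> [(<name>)] - <owner> - <path> [(file missing)]
# The path is anchored on a drive letter so that " - " inside a path
# (e.g. "Spybot - Search & Destroy") does not split the owner field.
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$"
)
# A display name may carry the short service name in trailing parentheses.
NAME_RE = re.compile(r"^(?P<display>.*) \((?P<name>[^()]+)\)$")


@dataclass
class ServiceEntry:
    name: str          # short service name, the one "sc" takes
    display: str       # display name as printed in the log
    owner: str         # company field reported by HijackThis
    path: str          # image path of the service binary
    file_missing: bool
    reasons: list = field(default_factory=list)


def parse_o23(log_text):
    """Return a ServiceEntry for every O23 line found in the log text."""
    entries = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        display = m.group("display")
        named = NAME_RE.match(display)
        name = named.group("name") if named else display
        entries.append(ServiceEntry(
            name=name,
            display=display,
            owner=m.group("owner"),
            path=m.group("path"),
            file_missing=m.group("missing") is not None,
        ))
    return entries


def triage(entry):
    """List the traits of one service entry that deserve a closer look."""
    reasons = []
    if entry.owner.lower() == "unknown owner":
        reasons.append("unknown owner")
    if entry.file_missing:
        reasons.append("binary missing on disk")
    # Compare directory components only, so "temp.exe" as a file name
    # does not trigger the check.
    folders = [part.lower() for part in entry.path.split("\\")[:-1]]
    if "temp" in folders or "tmp" in folders:
        reasons.append("image path in a Temp directory")
    return reasons


def flagged(log_text):
    """Map service name -> reasons, for entries with at least one reason."""
    result = {}
    for entry in parse_o23(log_text):
        entry.reasons = triage(entry)
        if entry.reasons:
            result[entry.name] = entry.reasons
    return result


if __name__ == "__main__":
    for name, reasons in flagged(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(reasons)}")
```

A match is a triage hint, not a verdict: the entry still has to be judged by a person before anything is stopped or deleted.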


    • #3
      Hello Daniel,

      Here are the new logs. Many thanks in advance and happy holidays!
      Ciao,
      Joep

      Combofix:

      ComboFix 07-12-21.4 - HP_Eigenaar 2007-12-24 11:20:13.2 - NTFSx86
      Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.168 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\HP_Eigenaar\Bureaublad\ComboFix(2).exe
      .

      (((((((((((((((((((( Bestanden Gemaakt van 2007-11-24 to 2007-12-24 ))))))))))))))))))))))))))))))
      .

      2007-12-24 11:06 . 2007-12-24 11:06 <DIR> d-------- C:\Program Files\Trend Micro
      2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Sjablonen
      2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Netwerkprinteromgeving
      2007-12-24 11:00 . 2007-12-24 11:00 <DIR> dr------- C:\Documents and Settings\LocalService\Mijn documenten
      2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
      2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Bureaublad
      2007-12-23 19:06 . 2007-12-24 11:18 <DIR> dr-h----- C:\Documents and Settings\HP_Eigenaar\Onlangs geopend
      2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SystemGuards.com
      2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SoftwareClub.ws
      2007-12-22 16:24 . 2002-03-04 12:27 1,140,472 --a------ C:\WINDOWS\system32\IGUltraGrid20.ocx
      2007-12-22 16:24 . 2007-12-22 16:24 675,328 --a------ C:\WINDOWS\isRS-000.tmp
      2007-12-22 16:24 . 2003-11-19 13:59 512,688 --a------ C:\WINDOWS\system32\XceedCry.dll
      2007-12-22 16:24 . 2001-07-28 12:50 265,753 --a------ C:\WINDOWS\system32\AS-Exp2.ocx
      2007-12-22 16:24 . 2004-03-08 23:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
      2007-12-22 16:24 . 2000-07-15 05:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
      2007-12-22 16:24 . 2001-04-20 01:28 28,672 --a------ C:\WINDOWS\system32\systray.ocx
      2007-12-22 16:24 . 1999-01-26 19:36 11,012 --a------ C:\WINDOWS\system32\threadapi.tlb
      2007-12-22 16:24 . 2006-05-31 15:38 10,752 --a------ C:\WINDOWS\system32\md5.dll
      2007-12-21 16:18 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
      2007-12-14 21:57 . 2007-12-14 21:57 268 --ah----- C:\sqmdata07.sqm
      2007-12-14 21:57 . 2007-12-14 21:57 244 --ah----- C:\sqmnoopt07.sqm
      2007-11-25 11:26 . 2007-11-25 11:26 <DIR> d-------- C:\Program Files\FotoTagger
      2007-11-25 11:26 . 2007-11-25 11:30 <DIR> d-------- C:\Documents and Settings\HP_Eigenaar\Application Data\FotoTagger

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2007-12-24 10:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2007-12-24 09:52 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\Skype
      2007-12-24 07:35 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
      2007-12-24 07:34 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
      2007-12-23 07:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
      2007-12-21 15:18 --------- d-----w C:\Program Files\Java
      2007-12-14 20:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
      2007-11-28 16:46 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia
      2007-11-28 16:44 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia Multimedia Player
      2007-11-25 10:40 --------- d-----w C:\Program Files\Picasa2
      2007-11-25 10:40 --------- d-----w C:\Program Files\Google
      2007-11-18 23:52 --------- d-----w C:\Program Files\Common Files\LogiShrd
      2007-11-18 23:48 --------- d-----w C:\Program Files\Common Files\Logitech
      2007-11-18 23:45 --------- d-----w C:\Program Files\Logitech
      2007-11-18 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
      2007-11-16 07:50 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\AVG7
      2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
      2007-11-07 15:42 --------- d-----w C:\Program Files\Common Files\Adobe
      2007-11-04 14:04 --------- d-----w C:\Program Files\PowerArchiver
      2007-11-03 14:00 --------- d-----w C:\Program Files\RogueRemover FREE
      2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
      2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
      2007-10-24 07:09 --------- d-----w C:\Documents and Settings\Peter\Application Data\PC Suite
      2007-10-12 02:00 490,008 ----a-w C:\WINDOWS\system32\LVUI2.dll
      2007-10-12 02:00 465,432 ----a-w C:\WINDOWS\system32\LVUI2RC.dll
      2007-10-12 01:57 416,280 ----a-w C:\WINDOWS\system32\lvcodec2.dll
      2007-10-12 01:57 195,096 ----a-w C:\WINDOWS\system32\lvci1150.dll
      2007-10-12 01:18 21,138 ----a-w C:\WINDOWS\system32\Repository.reg
      2007-09-21 10:15 9,558 ----a-w C:\Program Files\hijackthis.log
      2006-07-04 12:34 23,112 ----a-w C:\Documents and Settings\Peter\Application Data\GDIPFONTCACHEV1.DAT
      2006-03-03 07:01 5,582,608 ----a-w C:\Program Files\all2mp3.exe
      2006-03-02 18:41 1,665,325 ----a-w C:\Program Files\agsetup.exe
      2006-03-02 18:33 318,136 ----a-w C:\Program Files\ripsetup.exe
      2006-02-27 11:34 23,112 ----a-w C:\Documents and Settings\HP_Eigenaar\Application Data\GDIPFONTCACHEV1.DAT
      2006-02-25 10:02 1,308,503 ----a-w C:\Program Files\ccsetup127.exe
      2006-02-20 17:28 58,671 ----a-w C:\Program Files\StartupCPL.zip
      2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player.exe
      2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player-1.exe
      2006-02-16 22:21 161,302 ----a-w C:\Program Files\mp3dc201.exe
      2006-02-16 18:34 218,112 ----a-w C:\Program Files\hijackthis.exe
      2006-02-16 13:45 6,701 ----a-w C:\Program Files\MessengerDisable.zip
      2006-02-16 13:37 652,066 ----a-w C:\Program Files\mp3gain-win-1_2_5.zip
      2006-02-16 09:26 318,775 ----a-w C:\Program Files\CleanUp40.exe
      2006-02-16 04:30 8,288,692 ----a-w C:\Program Files\J2Sygate Personal Firewall Pro v5.5 Build 2710 Incl Keygen-Ror.rar
      2006-02-15 19:47 6,650,536 ----a-w C:\Program Files\JSygate.Personal.Firewall.Pro.5.5.2364.rar
      2006-02-15 18:09 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
      2006-02-15 16:10 553,687 ----a-w C:\Program Files\regcleaner.exe
      2006-02-15 15:32 16,817,176 ----a-w C:\Program Files\avg71free_375a703.exe
      2005-11-27 11:07 212,601 ----a-w C:\Program Files\hoster.zip
      2005-09-21 13:16 5,080,296 ----a-w C:\Program Files\Firefox Setup 1.0.7.exe
      2005-07-29 13:21 388,659 ----a-w C:\Program Files\doublekiller.zip
      2005-06-04 08:26 1,072,262 ----a-w C:\Program Files\wrar35b4nl.exe
      2005-05-31 14:11 2,855,080 ----a-w C:\Program Files\aawsepersonal.exe
      2005-05-28 13:52 3,322,920 ----a-w C:\Program Files\picasa2-setup-1884.exe
      2005-05-27 07:15 446,398 ----a-w C:\Program Files\ccsetup119.exe
      2005-05-18 16:03 2,560,240 ----a-w C:\Program Files\spywareblastersetup34.exe
      2005-05-16 09:09 5,921,024 ----a-w C:\Program Files\spamfighter.exe
      2005-05-15 13:43 13,772,528 ----a-w C:\Program Files\Avi2Dvd_Setup.exe
      2005-05-14 13:06 1,379,921 ----a-w C:\Program Files\videofixerSetup.exe
      2005-05-13 15:48 2,481,850 ----a-w C:\Program Files\burn4free_setup.exe
      2005-05-13 15:41 2,692,272 ----a-w C:\Program Files\DeepBurner1.exe
      2005-05-13 14:33 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip
      2005-05-13 14:26 3,894,249 ----a-w C:\Program Files\Alcohol120_trial_1_9_5_2802.exe
      2005-05-13 12:26 4,406,144 ----a-w C:\Program Files\WinXP_NL_HOM_BF.exe
      2005-05-13 11:46 5,077,936 ----a-w C:\Program Files\Firefox Setup 1.0.4.exe
      2005-05-03 17:23 990,720 ----a-w C:\Program Files\bootvis.msi
      2005-05-03 17:08 1,341,732 ----a-w C:\Program Files\installspeedfan423.exe
      2005-05-03 16:56 3,142,859 ----a-w C:\Program Files\everesthome151.exe
      2005-05-02 17:59 2,417,824 ----a-w C:\Program Files\winzip90.exe
      2005-04-29 09:14 1,094,021 ----a-w C:\Program Files\dvdshrink32setup.zip
      2005-04-24 09:46 2,513,056 ----a-w C:\Program Files\spywareblaster.exe
      2005-04-24 09:44 22 ----a-w C:\Program Files\hosts.zip
      2005-04-22 07:22 645,509 ----a-w C:\Program Files\mp3gain-win-1_2_3.exe
      2005-04-22 06:05 1,225,644 ----a-w C:\Program Files\freeripmp3.exe
      2005-04-20 16:53 3,533,819 ----a-w C:\Program Files\KLR007.exe
      2005-04-20 14:11 6,331,904 ----a-w C:\Program Files\avwinsfx.exe
      2005-04-19 17:17 77,824 ----a-w C:\Program Files\xp-AntiSpy3DT.exe
      2005-04-19 16:20 2,513,056 ----a-w C:\Program Files\spywareblastersetup33.exe
      2005-04-19 15:00 10,511,904 ----a-w C:\Program Files\RealPlayer10-5GOLD.exe
      2005-04-19 13:10 2,519,558 ----a-w C:\Program Files\powarc920.exe
      2005-04-19 13:01 4,354,084 ----a-w C:\Program Files\spybotsd13.exe
      2005-04-19 12:00 1,478,437 ----a-w C:\Program Files\MailWasherFree.exe
      2005-04-19 11:57 418,948 ----a-w C:\Program Files\ccsetup118.exe
      2007-03-17 00:23 39,992 --sha-w C:\WINDOWS\Samples\SThumbs.dat
      2007-05-27 12:48 541,944 --sha-w C:\WINDOWS\Samples\G\SThumbs.dat
      2007-06-02 14:26 1,334,808 --sha-w C:\WINDOWS\Samples\Str\SThumbs.dat
      2005-05-15 21:58 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AnnotatedJpgOverlay]
      @={846F1C20-3769-4659-BFDC-088B51FBFBD8}

      [HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
      2007-03-20 22:46 356352 --a------ C:\Program Files\FotoTagger\FotoTaggerToolbar.dll

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
      "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 13:52]
      "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]
      "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-01-19 12:49]
      "ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 22:54]
      "PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [2007-03-20 21:39]
      "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53]
      "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 13:03]
      "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03]
      "nwiz"="nwiz.exe" [2004-09-29 20:23 C:\WINDOWS\system32\nwiz.exe]
      "VTTimer"="VTTimer.exe"
      "SiSPower"="Rundll32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]
      "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 C:\WINDOWS\AGRSMMSG.exe]
      "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-12-21 13:24]
      "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 18:30]
      "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
      "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-07-31 23:14]
      "hcenter"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-05-20 11:22]
      "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 18:40]
      "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44]
      "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 01:03 C:\WINDOWS\system32\bthprops.cpl]
      "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
      "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
      "System Guards"="C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe" [2007-11-08 16:07]
      "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 09:25]
      "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe" [2007-10-12 03:03]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-06-21 11:29:20]
      HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 05:31:38]
      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^Internet Explorer.lnk]
      path=C:\Documents and Settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\Internet Explorer.lnk
      backup=C:\WINDOWS\pss\Internet Explorer.lnkStartup

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
      2002-07-31 23:14 684032 --a------ C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      2004-06-09 22:09 286720 --a------ C:\Program Files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
      C:\Program Files\MSN Messenger\MsnMsgr.Exe /background

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
      C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE -quiet

      R2 sgSchedulerService;sgSchedulerService;C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe [2007-09-04 11:44]
      S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\B0.tmp

      *Newly Created Service* - SGSCHEDULERSERVICE
      .
      Inhoud van de 'Gedeelde Taken' map
      "2005-01-01 18:33:09 C:\WINDOWS\Tasks\Symantec NetDetect.job"
      - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
      "2007-12-24 08:00:00 C:\WINDOWS\Tasks\SyncBack Overigen Peter 01-09-2007.job"
      - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
      .
      **************************************************************************

      catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-12-24 11:23:08
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 2007-12-24 11:24:15
      C:\ComboFix-quarantined-files.txt ... 2007-12-21 16:07
      C:\ComboFix2.txt ... 2007-12-24 11:17
      C:\ComboFix3.txt ... 2007-12-21 16:08
      .
      2007-12-14 20:47:35 --- E O F ---

      Hijack:

      Logfile of Trend Micro HijackThis v2.0.0 (BETA)
      Scan saved at 11:36:28, on 24/12/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Sygate\SPF\smc.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
      C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
      C:\Program Files\Support.com\bin\tgcmd.exe
      C:\HP\KBD\KBD.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
      C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
      C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Program Files\Ares\Ares.exe
      C:\Program Files\PowerArchiver\PASTARTER.EXE
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
      C:\Program Files\Skype\Plugin Manager\SkypePM.exe
      C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
      C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis_v2.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
      O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
      O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
      O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
      O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
      O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
      O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
      O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
      O4 - Global Startup: BTTray.lnk = ?
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
      O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
      O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

      --
      End of file - 11678 bytes



      • #4
        Oops... I think I had the old version of HijackThis again... here is the latest one, with log.
        Ciao!!
        Joep

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 12:46:29, on 24/12/2007
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16574)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Sygate\SPF\smc.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
        C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
        C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
        C:\WINDOWS\system32\nvsvc32.exe
        C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
        C:\WINDOWS\AGRSMMSG.exe
        C:\WINDOWS\system32\rundll32.exe
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
        C:\Program Files\Common Files\Real\Update_OB\realsched.exe
        C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
        C:\Program Files\Support.com\bin\tgcmd.exe
        C:\HP\KBD\KBD.EXE
        C:\WINDOWS\system32\rundll32.exe
        C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
        C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
        C:\Program Files\Logitech\QuickCam\Quickcam.exe
        C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
        C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Skype\Phone\Skype.exe
        C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\Program Files\Ares\Ares.exe
        C:\Program Files\PowerArchiver\PASTARTER.EXE
        C:\Program Files\Picasa2\PicasaMediaDetector.exe
        C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
        C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
        C:\Program Files\Skype\Plugin Manager\SkypePM.exe
        C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
        C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
        R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
        O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
        O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
        O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
        O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
        O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
        O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
        O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
        O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
        O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
        O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
        O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
        O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
        O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
        O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
        O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
        O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
        O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
        O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
        O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
        O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
        O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
        O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
        O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
        O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
        O4 - Global Startup: BTTray.lnk = ?
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
        O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
        O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
        O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
        O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
        O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
        O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
        O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
        O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
        O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
        O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
        O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
        O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
        O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
        O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

        --
        End of file - 11332 bytes



        • #5
          You are still using the old version of HijackThis.
          Please make a log with the newest version...



          • #6
            Hi!

            I don't quite get it... Trend Micro HijackThis v2.0.2 is the newest version, isn't it? I downloaded it via this forum. Or am I missing something?
            Regards,
            Joep



            • #7
              Sorry, my mistake...

              I hadn't seen the second log; I was only looking at the first log you posted together with your ComboFix log.


              Open a new Notepad file.

              Copy and paste the bold blue text below into it.
              Go to 'Bestand' (File) -> 'Opslaan als..' (Save As) and then save it to your desktop as CFScript.txt.
              Driver::
              MEMSWEEP2
              Drag CFScript.txt onto ComboFix.exe as shown in the example below:



              This will make ComboFix restart. Reboot if you are asked to.
              After the restart, post the contents of Combofix.txt in your next reply together with a new HijackThis log.

              Comment
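An added example, not part of the original thread and not code from ComboFix or HijackThis: a small Python triage pass over the two log formats posted above. The sample lines are copied from the logs in this thread; the flagging rules (a `.tmp` image path, "(file missing)", "(no file)", "Unknown owner") and the reading of the R/S state codes are assumptions of this example, and a flag is a prompt for manual review, not a verdict.

```python
import re
from dataclasses import dataclass, field

# Sample input: lines copied from the ComboFix and HijackThis logs in this thread.
SAMPLE_LOG = r"""
R2 sgSchedulerService;sgSchedulerService;C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe [2007-09-04 11:44]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\B0.tmp
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: sgSchedulerService - Unknown owner - C:\Program Files\SystemGuards.com\SystemGuards\sgScheduleService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
"""

# ComboFix service/driver line: "<R|S><0-4> name;display;path [date]".
# The "(?!- )" guard keeps HijackThis "R1 - ..." registry lines out.
COMBOFIX_SVC = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?!- )(?P<name>[^;]+);(?P<display>[^;]*);(?P<rest>.+)$")
TRAILING_DATE = re.compile(r"\s*\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}\]$")
# HijackThis service line; the path is taken from the last " - X:\" onwards,
# so a " - " inside the display name cannot shift the fields.
HJT_O23 = re.compile(r"^O23 - Service: (?P<head>.+) - (?P<path>[A-Za-z]:\\.*)$")
HJT_NOFILE = re.compile(r"^(?P<code>R3|O2|O3) - (?P<head>.+) - \(no file\)$")
MARKER = re.compile(r"\s*\((file missing|no file)\)$", re.I)

# Assumption of this example: R/S read as running/stopped, the digit as the
# Windows service start type.
START_TYPES = {"0": "boot", "1": "system", "2": "auto", "3": "demand", "4": "disabled"}


@dataclass
class Entry:
    source: str                 # "combofix" or "hijackthis"
    name: str
    path: str
    owner: str = ""
    state: str = ""             # e.g. "S3" (ComboFix lines only)
    reasons: list = field(default_factory=list)

    def state_text(self):
        if not self.state:
            return ""
        run = "running" if self.state[0] == "R" else "stopped"
        return f"{run}, start={START_TYPES[self.state[1]]}"


def parse_line(line):
    """Return an Entry for a recognised log line, otherwise None."""
    line = line.strip()
    m = COMBOFIX_SVC.match(line)
    if m:
        path = TRAILING_DATE.sub("", m["rest"])
        return Entry("combofix", m["name"], path, state=m["state"] + m["start"])
    m = HJT_O23.match(line)
    if m:
        name, _, owner = m["head"].rpartition(" - ")
        if not name:            # no owner field present
            name, owner = owner, ""
        return Entry("hijackthis", name, m["path"], owner=owner)
    m = HJT_NOFILE.match(line)
    if m:
        return Entry("hijackthis", m["head"], "(no file)")
    return None


def assess(entry):
    """Attach the review reasons that apply to one entry."""
    reasons = []
    path = entry.path
    marker = MARKER.search(path)
    if marker:
        reasons.append(marker.group(1).lower())
        path = MARKER.sub("", path)
    if path.lower().endswith(".tmp"):
        reasons.append("image path is a .tmp file")
    if entry.owner.lower() == "unknown owner":
        reasons.append("unknown owner")
    entry.reasons = reasons
    return entry


def triage(log_text):
    """Return only the entries that carry at least one review reason."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and assess(entry).reasons:
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        extra = f" [{e.state_text()}]" if e.state else ""
        print(f"{e.source:10} {e.name}{extra}: {', '.join(e.reasons)}")
```
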


              • #8
                Hi,

                Sorry my reply took so long... here are the new logs.
                Thx and greetz,
                Joep

                ComboFix 08-01-03.4 - HP_Eigenaar 2008-01-03 10:56:34.3 - NTFSx86
                Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.181 [GMT 1:00]Gestart vanuit: C:\Documents and Settings\HP_Eigenaar\Bureaublad\ComboFix(2).exe
                Command switches used :: C:\Documents and Settings\HP_Eigenaar\Bureaublad\CFScript.txt
                * Nieuw herstelpunt werd aangemaakt
                .

                (((((((((((((((((((( Bestanden Gemaakt van 2007-12-03 to 2008-01-03 ))))))))))))))))))))))))))))))
                .

                2007-12-27 16:50 . 2008-01-03 10:48 <DIR> dr-h----- C:\Documents and Settings\HP_Eigenaar\Onlangs geopend
                2007-12-24 11:06 . 2007-12-24 11:06 <DIR> d-------- C:\Program Files\Trend Micro
                2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Sjablonen
                2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d--h----- C:\Documents and Settings\LocalService\Netwerkprinteromgeving
                2007-12-24 11:00 . 2007-12-24 11:00 <DIR> dr------- C:\Documents and Settings\LocalService\Mijn documenten
                2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
                2007-12-24 11:00 . 2007-12-24 11:00 <DIR> d-------- C:\Documents and Settings\LocalService\Bureaublad
                2007-12-22 16:24 . 2007-12-22 16:24 <DIR> d-------- C:\Program Files\SoftwareClub.ws

                .
                ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                2008-01-03 10:04 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
                2008-01-03 10:04 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
                2008-01-03 09:49 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\Skype
                2008-01-01 18:14 --------- d-----w C:\Program Files\PowerArchiver
                2008-01-01 08:03 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
                2007-12-27 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
                2007-12-21 15:18 --------- d-----w C:\Program Files\Java
                2007-12-14 20:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
                2007-11-28 16:46 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia
                2007-11-28 16:44 --------- d-----w C:\Documents and Settings\Peter\Application Data\Nokia Multimedia Player
                2007-11-25 10:40 --------- d-----w C:\Program Files\Picasa2
                2007-11-25 10:40 --------- d-----w C:\Program Files\Google
                2007-11-25 10:30 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\FotoTagger
                2007-11-25 10:26 --------- d-----w C:\Program Files\FotoTagger
                2007-11-18 23:52 --------- d-----w C:\Program Files\Common Files\LogiShrd
                2007-11-18 23:48 --------- d-----w C:\Program Files\Common Files\Logitech
                2007-11-18 23:45 --------- d-----w C:\Program Files\Logitech
                2007-11-18 23:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
                2007-11-16 07:50 --------- d-----w C:\Documents and Settings\HP_Eigenaar\Application Data\AVG7
                2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
                2007-11-07 15:42 --------- d-----w C:\Program Files\Common Files\Adobe
                2007-11-03 14:00 --------- d-----w C:\Program Files\RogueRemover FREE
                2007-09-21 10:15 9,558 ----a-w C:\Program Files\hijackthis.log
                2006-07-04 12:34 23,112 ----a-w C:\Documents and Settings\Peter\Application Data\GDIPFONTCACHEV1.DAT
                2006-03-03 07:01 5,582,608 ----a-w C:\Program Files\all2mp3.exe
                2006-03-02 18:41 1,665,325 ----a-w C:\Program Files\agsetup.exe
                2006-03-02 18:33 318,136 ----a-w C:\Program Files\ripsetup.exe
                2006-02-27 11:34 23,112 ----a-w C:\Documents and Settings\HP_Eigenaar\Application Data\GDIPFONTCACHEV1.DAT
                2006-02-25 10:02 1,308,503 ----a-w C:\Program Files\ccsetup127.exe
                2006-02-20 17:28 58,671 ----a-w C:\Program Files\StartupCPL.zip
                2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player.exe
                2006-02-17 10:18 948,936 ----a-w C:\Program Files\install_flash_player-1.exe
                2006-02-16 22:21 161,302 ----a-w C:\Program Files\mp3dc201.exe
                2006-02-16 18:34 218,112 ----a-w C:\Program Files\hijackthis.exe
                2006-02-16 13:45 6,701 ----a-w C:\Program Files\MessengerDisable.zip
                2006-02-16 13:37 652,066 ----a-w C:\Program Files\mp3gain-win-1_2_5.zip
                2006-02-16 09:26 318,775 ----a-w C:\Program Files\CleanUp40.exe
                2006-02-16 04:30 8,288,692 ----a-w C:\Program Files\J2Sygate Personal Firewall Pro v5.5 Build 2710 Incl Keygen-Ror.rar
                2006-02-15 19:47 6,650,536 ----a-w C:\Program Files\JSygate.Personal.Firewall.Pro.5.5.2364.rar
                2006-02-15 18:09 5,037,072 ----a-w C:\Program Files\spybotsd14.exe
                2006-02-15 16:10 553,687 ----a-w C:\Program Files\regcleaner.exe
                2006-02-15 15:32 16,817,176 ----a-w C:\Program Files\avg71free_375a703.exe
                2005-11-27 11:07 212,601 ----a-w C:\Program Files\hoster.zip
                2005-09-21 13:16 5,080,296 ----a-w C:\Program Files\Firefox Setup 1.0.7.exe
                2005-07-29 13:21 388,659 ----a-w C:\Program Files\doublekiller.zip
                2005-06-04 08:26 1,072,262 ----a-w C:\Program Files\wrar35b4nl.exe
                2005-05-31 14:11 2,855,080 ----a-w C:\Program Files\aawsepersonal.exe
                2005-05-28 13:52 3,322,920 ----a-w C:\Program Files\picasa2-setup-1884.exe
                2005-05-27 07:15 446,398 ----a-w C:\Program Files\ccsetup119.exe
                2005-05-18 16:03 2,560,240 ----a-w C:\Program Files\spywareblastersetup34.exe
                2005-05-16 09:09 5,921,024 ----a-w C:\Program Files\spamfighter.exe
                2005-05-15 13:43 13,772,528 ----a-w C:\Program Files\Avi2Dvd_Setup.exe
                2005-05-14 13:06 1,379,921 ----a-w C:\Program Files\videofixerSetup.exe
                2005-05-13 15:48 2,481,850 ----a-w C:\Program Files\burn4free_setup.exe
                2005-05-13 15:41 2,692,272 ----a-w C:\Program Files\DeepBurner1.exe
                2005-05-13 14:33 11,284,970 ----a-w C:\Program Files\cdbxp_setup_3.0.116.zip
                2005-05-13 14:26 3,894,249 ----a-w C:\Program Files\Alcohol120_trial_1_9_5_2802.exe
                2005-05-13 12:26 4,406,144 ----a-w C:\Program Files\WinXP_NL_HOM_BF.exe
                2005-05-13 11:46 5,077,936 ----a-w C:\Program Files\Firefox Setup 1.0.4.exe
                2005-05-03 17:23 990,720 ----a-w C:\Program Files\bootvis.msi
                2005-05-03 17:08 1,341,732 ----a-w C:\Program Files\installspeedfan423.exe
                2005-05-03 16:56 3,142,859 ----a-w C:\Program Files\everesthome151.exe
                2005-05-02 17:59 2,417,824 ----a-w C:\Program Files\winzip90.exe
                2005-04-29 09:14 1,094,021 ----a-w C:\Program Files\dvdshrink32setup.zip
                2005-04-24 09:46 2,513,056 ----a-w C:\Program Files\spywareblaster.exe
                2005-04-24 09:44 22 ----a-w C:\Program Files\hosts.zip
                2005-04-22 07:22 645,509 ----a-w C:\Program Files\mp3gain-win-1_2_3.exe
                2005-04-22 06:05 1,225,644 ----a-w C:\Program Files\freeripmp3.exe
                2005-04-20 16:53 3,533,819 ----a-w C:\Program Files\KLR007.exe
                2005-04-20 14:11 6,331,904 ----a-w C:\Program Files\avwinsfx.exe
                2005-04-19 17:17 77,824 ----a-w C:\Program Files\xp-AntiSpy3DT.exe
                2005-04-19 16:20 2,513,056 ----a-w C:\Program Files\spywareblastersetup33.exe
                2005-04-19 15:00 10,511,904 ----a-w C:\Program Files\RealPlayer10-5GOLD.exe
                2005-04-19 13:10 2,519,558 ----a-w C:\Program Files\powarc920.exe
                2005-04-19 13:01 4,354,084 ----a-w C:\Program Files\spybotsd13.exe
                2005-04-19 12:00 1,478,437 ----a-w C:\Program Files\MailWasherFree.exe
                2005-04-19 11:57 418,948 ----a-w C:\Program Files\ccsetup118.exe
                2007-03-17 00:23 39,992 --sha-w C:\WINDOWS\Samples\SThumbs.dat
                2007-05-27 12:48 541,944 --sha-w C:\WINDOWS\Samples\G\SThumbs.dat
                2007-06-02 14:26 1,334,808 --sha-w C:\WINDOWS\Samples\Str\SThumbs.dat
                2005-05-15 21:58 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys
                .

                ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                .
                .
                REGEDIT4
                *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AnnotatedJpgOverlay]
                @={846F1C20-3769-4659-BFDC-088B51FBFBD8}

                [HKEY_CLASSES_ROOT\CLSID\{846F1C20-3769-4659-BFDC-088B51FBFBD8}]
                2007-03-20 22:46 356352 --a------ C:\Program Files\FotoTagger\FotoTaggerToolbar.dll

                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00 15360]
                "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 13:52 23458344]
                "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
                "Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-01-19 12:49 4670968]
                "ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 22:54 961536]
                "PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [2007-03-20 21:39 141352]
                "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]

                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53 49152]
                "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 13:03 221184]
                "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03 81920]
                "nwiz"="nwiz.exe" [2004-09-29 20:23 921600 C:\WINDOWS\system32\nwiz.exe]
                "VTTimer"="VTTimer.exe"
                "SiSPower"="SiSPower.dll" [2004-09-24 09:49 49152 C:\WINDOWS\system32\SiSPower.dll]
                "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 88363 C:\WINDOWS\AGRSMMSG.exe]
                "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54 253952]
                "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-12-21 13:24 579072]
                "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-02-15 18:30 180269]
                "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
                "AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-07-31 23:14 684032]
                "hcenter"="C:\Program Files\Support.com\bin\tgcmd.exe" [2005-05-20 11:22 1757184]
                "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 18:40 2577632]
                "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44 61440]
                "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 01:03 110592 C:\WINDOWS\system32\bthprops.cpl]
                "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
                "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
                "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
                "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
                "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
                "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 20:23 4603904]

                [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 09:25 219136]
                "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

                [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
                "WUAppSetup"="C:\Program Files\Common Files\logishrd\WUApp32.exe" [2007-10-12 03:03 439568]

                C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
                BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-06-21 11:29:20]
                HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-29 05:31:38]
                Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]

                [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Eigenaar^Menu Start^Programma's^Opstarten^Internet Explorer.lnk]
                path=C:\Documents and Settings\HP_Eigenaar\Menu Start\Programma's\Opstarten\Internet Explorer.lnk
                backup=C:\WINDOWS\pss\Internet Explorer.lnkStartup

                [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
                2002-07-31 23:14 684032 --a------ C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

                [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
                2004-06-09 22:09 286720 --a------ C:\Program Files\iTunes\iTunesHelper.exe

                [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
                C:\Program Files\MSN Messenger\MsnMsgr.Exe /background

                [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
                C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE -quiet


                .
                Inhoud van de 'Gedeelde Taken' map
                "2005-01-01 18:33:09 C:\WINDOWS\Tasks\Symantec NetDetect.job"
                - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
                "2008-01-01 08:00:00 C:\WINDOWS\Tasks\SyncBack Overigen Peter 01-09-2007.job"
                - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
                .
                **************************************************************************

                catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                Rootkit scan 2008-01-03 11:05:56
                Windows 5.1.2600 Service Pack 2 NTFS

                scannen van verborgen processen ...

                scannen van verborgen autostart items ...

                scannen van verborgen bestanden ...

                Scan succesvol afgerond
                verborgen bestanden: 0

                **************************************************************************
                .
                Voltooingstijd: 2008-01-03 11:10:58 - machine was rebooted
                ComboFix-quarantined-files.txt 2008-01-03 10:10:54
                ComboFix2.txt 2007-12-24 10:24:18
                ComboFix3.txt 2007-12-24 10:17:49
                ComboFix4.txt 2007-12-21 15:08:19
                .
                2007-12-14 20:47:35 --- E O F ---


                Logfile of Trend Micro HijackThis v2.0.2
                Scan saved at 11:13:38, on 03/01/2008
                Platform: Windows XP SP2 (WinNT 5.01.2600)
                MSIE: Internet Explorer v7.00 (7.00.6000.16574)
                Boot mode: Normal

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\system32\svchost.exe
                C:\Program Files\Sygate\SPF\smc.exe
                C:\WINDOWS\system32\spoolsv.exe
                C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
                C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
                C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
                C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
                C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
                C:\WINDOWS\system32\nvsvc32.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\Explorer.EXE
                C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
                C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
                C:\WINDOWS\AGRSMMSG.exe
                C:\WINDOWS\system32\rundll32.exe
                C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
                C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
                C:\Program Files\Support.com\bin\tgcmd.exe
                C:\HP\KBD\KBD.EXE
                C:\WINDOWS\system32\rundll32.exe
                C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
                C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
                C:\Program Files\Logitech\QuickCam\Quickcam.exe
                C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                C:\WINDOWS\system32\ctfmon.exe
                C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
                C:\Program Files\Skype\Phone\Skype.exe
                C:\Program Files\MSN Messenger\msnmsgr.exe
                C:\Program Files\Ares\Ares.exe
                C:\Program Files\PowerArchiver\PASTARTER.EXE
                C:\Program Files\Picasa2\PicasaMediaDetector.exe
                C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
                C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
                C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
                C:\Program Files\Skype\Plugin Manager\SkypePM.exe
                C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
                C:\Program Files\Mozilla Firefox\firefox.exe
                C:\Documents and Settings\HP_Eigenaar\Bureaublad\HiJackThis.exe

                R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pavilion&pf=desktop
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
                R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
                O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
                O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
                O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
                O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
                O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
                O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
                O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
                O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
                O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
                O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
                O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
                O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
                O4 - HKLM\..\Run: [hcenter] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
                O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
                O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
                O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
                O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
                O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
                O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
                O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
                O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
                O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
                O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
                O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
                O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
                O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
                O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
                O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
                O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')
                O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
                O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08ce -f video -m logitech -d 11.0.0.1217 (User 'Default user')
                O4 - Global Startup: BTTray.lnk = ?
                O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
                O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
                O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
                O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
                O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
                O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152364260331
                O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
                O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
                O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
                O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
                O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
                O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
                O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
                O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
                O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
                O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
                O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
                O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
                O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

                --
                End of file - 11026 bytes



                • #9
                  Hello,

                  I got an e-mail saying that there has been no reply to this topic for 7 days... I'm very curious whether my logs look good now (see above)!
                  Greetz,
                  Joep



                  • #10
                    Hello Joep,

                    It looks good. Are you still having problems?
                    If not, you can do the following:

                    Go to Start -> Run
                    Type: ComboFix /U and press OK.

                    - Daniël



                    • #11
                      Hello Daniel,

                      No, I have no more problems, so I'm marking this question as 'solved'. Many thanks!
                      Greetzzz,
                      Joep
