Trojan horse SHeur.ARWA


  • Trojan horse SHeur.ARWA

    Hello,

    I have a trojan horse that I can't get rid of. I keep getting alerts from AVG; I then try to "heal" it, but that doesn't help at all.

    Below is a log from HT:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:23:28, on 11-2-2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Eraser\Eraser.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
    C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Grisoft\AVG7\avgvv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.symbaloo.com/nl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.tworkassociates.com
    O1 - Hosts: 12tworkassociates.com
    O1 - Hosts: 127.0.0.tworkassociates.com
    O1 - Hosts: 127.0.0.tworkassociates.com
    O1 - Hosts: 127tworkassociates.com
    O1 - Hosts: tworkassociates.ctworkassociate
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Windows Console] wkssvc.exe
    O4 - HKLM\..\Run: [Win32Update] C:\Windows\system32\apirclx.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Win32Update] C:\Windows\system32\apirclx.exe
    O4 - HKCU\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: ReadyBoost EMDMgmtPNRPAutoReg (EMDMgmtPNRPAutoReg) - Unknown owner - C:\Windows\System32\apirclx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Performance Logs & Alerts plaRasAuto (plaRasAuto) - Unknown owner - C:\Windows\System32\apirclx.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
    O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 12939 bytes

    I hope you can do something with this.

  • #2
    Download Combofix to your desktop

    Double-click combofix.exe
    Choose "Continue" by typing 1 followed by ENTER.
    While the fix is running, do NOT click in the window, because this will make your PC hang.

    When the fix has finished and after the restart, the log combofix.txt will open. Save this log.

    NOTE: If your virus scanner responds with an alert about a script being executed, you may ignore it.

    In your next reply, post the combofix log (combofix.txt) together with a fresh Hijackthis log.
    Regards,
    Pimmerd



    • #3
      Now another one has been added, a Generic9.AXXL

      ComboFix 08-02-11.2 - Sjoerd 02/12/2008 19:11:51.2 - NTFSx86
      Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.1158 [GMT 1:00]
      Gestart vanuit: C:\Users\Sjoerd\Desktop\ComboFix.exe
      .

      (((((((((((((((((((( Bestanden Gemaakt van 2008-01-12 to 2008-02-12 ))))))))))))))))))))))))))))))
      .

      Geen nieuwe bestanden aangemaakt in deze periode

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-02-12 18:01 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\AVG7
      2008-02-12 13:12 --------- d-----w C:\Program Files\Hitman Pro
      2008-02-12 10:00 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
      2008-02-12 08:25 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Xfire
      2008-02-12 08:20 --------- d-----w C:\Program Files\SpywareBlaster
      2008-02-11 21:56 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
      2008-02-11 21:56 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
      2008-02-11 21:33 --------- d-----w C:\ProgramData\Google Updater
      2008-02-11 21:29 --------- d-----w C:\ProgramData\SurfRight
      2008-02-11 21:29 --------- d-----w C:\Program Files\SurfRight
      2008-02-11 21:10 --------- d-----w C:\Program Files\Google
      2008-02-11 20:56 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Lavasoft
      2008-02-11 20:55 --------- d---a-w C:\ProgramData\TEMP
      2008-02-11 20:52 --------- d-----w C:\Program Files\Spybot - Search & Destroy
      2008-02-11 20:50 --------- d-----w C:\Program Files\Lavasoft
      2008-02-11 20:48 --------- d-----w C:\ProgramData\Prevx
      2008-02-11 20:34 --------- d-----w C:\Program Files\Spyware Doctor
      2008-02-11 20:33 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\PC Tools
      2008-02-11 20:06 52 ----a-w C:\tmp.bat
      2008-02-11 20:06 232,448 ----a-w C:\Windows\AcroIEHelper.dll
      2008-02-11 11:55 102,664 ----a-w C:\Windows\system32\drivers\tmcomm.sys
      2008-02-11 11:52 --------- d-----w C:\Program Files\Trend Micro
      2008-02-11 11:26 --------- d-----w C:\ProgramData\avg7
      2008-02-11 11:22 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
      2008-02-11 11:22 --------- d-----w C:\ProgramData\Grisoft
      2008-02-11 11:14 127,214 ----a-w C:\Users\Sjoerd\AppData\Roaming\nvModes.dat
      2008-02-10 22:34 54,764 ----a-w C:\Windows\System32\4fdw.dll
      2008-02-10 22:34 38,400 --sh--r C:\Windows\System32\apirclx.exe
      2008-02-10 22:34 28,160 ----a-w C:\xfgdg.exe
      2008-02-07 23:51 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HP
      2008-02-07 01:12 --------- d-----w C:\ProgramData\Xfire
      2008-02-05 20:49 --------- d-----w C:\Program Files\Xfire
      2008-02-03 01:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-02-02 23:18 --------- d-----w C:\Program Files\Picasa2
      2008-02-01 17:04 --------- d-----w C:\ProgramData\WEBREG
      2008-02-01 17:04 --------- d-----w C:\ProgramData\HP
      2008-02-01 17:02 --------- d-----w C:\ProgramData\Hewlett-Packard
      2008-02-01 16:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HPAppData
      2008-02-01 16:59 --------- d-----w C:\ProgramData\HPSSUPPLY
      2008-02-01 16:59 --------- d-----w C:\Program Files\HP
      2008-02-01 16:57 --------- d-----w C:\ProgramData\HP Product Assistant
      2008-02-01 16:57 --------- d-----w C:\Program Files\Common Files\HP
      2008-02-01 16:56 --------- d-----w C:\Program Files\Hewlett-Packard
      2008-02-01 16:56 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
      2008-01-31 15:36 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Sony Corporation
      2008-01-31 02:02 54,608 ----a-w C:\Windows\System32\xfcodec.dll
      2008-01-24 22:08 16,640 --s-a-w C:\Windows\system32\drivers\ctredrv.sys
      2008-01-23 22:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\U3
      2008-01-09 02:09 --------- d-----w C:\Program Files\Windows Mail
      2008-01-09 02:02 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
      2008-01-09 02:02 24,064 ----a-w C:\Windows\System32\netcfg.exe
      2008-01-09 02:02 22,016 ----a-w C:\Windows\System32\netiougc.exe
      2008-01-09 02:02 216,760 ----a-w C:\Windows\system32\drivers\netio.sys
      2008-01-09 02:02 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
      2008-01-09 02:01 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
      2008-01-09 02:01 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
      2008-01-09 02:01 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
      2008-01-09 02:01 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
      2008-01-09 02:01 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
      2008-01-09 02:01 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
      2008-01-09 02:01 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
      2008-01-09 02:01 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
      2008-01-09 02:01 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
      2008-01-09 02:01 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
      2008-01-09 02:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
      2008-01-09 02:01 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
      2008-01-09 02:01 1,686,016 ----a-w C:\Windows\System32\gameux.dll
      2008-01-09 02:01 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
      2008-01-09 02:01 --------- d-----w C:\Program Files\Windows Sidebar
      2008-01-05 19:52 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\UseNeXT
      2007-12-24 20:57 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\teamspeak2
      2007-12-24 20:57 --------- d-----w C:\Program Files\Teamspeak2_RC2
      2007-12-21 18:49 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Ahead
      2007-12-21 18:47 --------- d-----w C:\ProgramData\Ahead
      2007-12-21 18:45 --------- d-----w C:\Program Files\Common Files\Ahead
      2007-12-21 18:37 --------- d-----w C:\ProgramData\Nero
      2007-12-21 18:37 --------- d-----w C:\Program Files\Nero
      2007-12-21 18:13 --------- d-----w C:\Program Files\Smart Projects
      2007-12-19 22:05 --------- d-----w C:\Program Files\UseNeXT
      2007-12-19 16:22 --------- d-----w C:\ProgramData\InterVideo
      2007-12-19 16:19 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\InterVideo
      2007-12-19 15:46 --------- d-----w C:\ProgramData\Sony Corporation
      2007-12-18 20:27 --------- d-----w C:\Program Files\Eraser
      2007-12-18 19:11 --------- d-----w C:\Program Files\Common Files\Sony Shared
      2007-12-18 19:05 --------- d-----w C:\Program Files\Sony
      2007-12-18 19:02 --------- d-----w C:\Program Files\Sony Corporation
      2007-12-18 18:51 --------- d-----w C:\Program Files\Java
      2007-12-18 18:29 --------- d-----w C:\Program Files\Windows Live
      2007-12-18 18:28 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
      2007-12-18 18:24 --------- d-----w C:\ProgramData\WLInstaller
      2007-12-17 19:59 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2007-12-17 19:58 --------- d-----w C:\ProgramData\Microsoft Help
      2007-12-17 19:53 --------- d-----w C:\Program Files\MSXML 4.0
      2007-12-17 19:40 --------- d-----w C:\Program Files\MSBuild
      2007-12-17 19:40 --------- d-----w C:\Program Files\Microsoft Works
      2007-12-17 19:39 --------- d-----w C:\Program Files\Microsoft.NET
      2007-12-17 19:37 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
      2007-12-17 19:30 --------- d-----w C:\ProgramData\Roxio
      2007-12-17 19:23 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Roxio
      2007-12-17 19:17 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\DivX
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
      03/02/2007 04:52 PM 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
      02/11/2008 09:06 PM 232448 --a------ C:\Windows\AcroIEHelper.dll

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/09/2008 03:01 AM 1232896]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM 5724184]
      "Eraser"="C:\Program Files\Eraser\Eraser.exe" [12/08/2007 01:42 AM 376832]
      "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/16/2007 09:27 AM 153136]
      "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 01:36 PM 201728]
      "Win32Update"="C:\Windows\system32\apirclx.exe" [02/10/2008 11:34 PM 38400]
      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [02/11/2008 09:33 PM 68856]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
      "Win32Update"="C:\Windows\system32\apirclx.exe" [02/10/2008 11:34 PM 38400]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [08/23/2007 12:40 PM 1006264]
      "NvSvc"="C:\Windows\system32\nvsvc.dll" [08/01/2007 01:18 AM 86016]
      "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [08/01/2007 01:17 AM 8429568]
      "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [08/01/2007 01:17 AM 81920]
      "RtHDVCpl"="RtHDVCpl.exe" [06/26/2007 01:39 AM 4489216 C:\Windows\RtHDVCpl.exe]
      "Skytel"="Skytel.exe" [06/26/2007 01:39 AM 1826816 C:\Windows\SkyTel.exe]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/10/2007 02:58 AM 835584]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM 39792]
      "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [06/11/2007 05:27 PM 317560]
      "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [02/12/2007 12:37 PM 174872]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM 132496]
      "AppMon Utility"="C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" [07/12/2007 03:39 PM 534392]
      "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
      "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 03:57 PM 153136]
      "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [03/11/2007 09:34 PM 49152]
      "Windows Console"="wkssvc.exe"
      "Win32Update"="C:\Windows\system32\apirclx.exe" [02/10/2008 11:34 PM 38400]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/11/2008 12:24 PM 579072]
      "CaretakerNotifier"="C:\Program Files\SurfRight\Caretaker\Notifier.exe" [02/11/2008 10:14 AM 589560]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
      "Win32Update"="C:\Windows\system32\apirclx.exe" [02/10/2008 11:34 PM 38400]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [10/23/2007 10:18 PM 443968]
      "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [02/11/2008 12:22 PM 219136]

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
      BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [7/3/2007 9:31:46 AM 739880]
      Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2/11/2008 9:33:16 PM 125624]
      HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3/11/2007 9:26:24 PM 210520]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableLUA"= 0 (0x0)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
      avgwlntf.dll 02/11/2008 12:22 PM 9216 C:\Windows\System32\avgwlntf.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
      VESWinlogon.dll 07/24/2007 06:26 PM 98304 C:\Windows\System32\VESWinlogon.dll

      R1 ctredrv.sys;ctredrv.sys;C:\Windows\system32\drivers\ctredrv.sys [01/24/2008 11:08 PM]
      R2 CaretakerAntispam;Caretaker Antispam Service;"C:\Program Files\SurfRight\Caretaker\AntispamService.exe" [02/11/2008 12:16 PM]
      R2 CaretakerProxy;Caretaker Proxy;"C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe" [02/11/2008 12:16 PM]
      R2 CaretakerSvc;Caretaker Service;"C:\Program Files\SurfRight\Caretaker\CaretakerService.exe" [02/11/2008 10:17 AM]
      R2 CaretakerUpdate;Caretaker Updater;"C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe" [02/11/2008 10:17 AM]
      R2 HPSLPSVC;HP Network Devices Support;C:\Windows\system32\svchost.exe [11/02/2006 10:45 AM]
      R2 regi;regi;C:\Windows\system32\drivers\regi.sys [04/17/2007 08:09 PM]
      R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [07/13/2007 07:14 AM]
      R3 NETw4v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [09/26/2007 01:12 PM]
      R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [04/20/2007 01:00 AM]
      R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [04/20/2007 01:00 AM]
      R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [06/06/2007 01:00 AM]
      R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [07/13/2007 07:15 AM]
      S2 AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer;AVG7 Resident Shield Service AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer;C:\Windows\System32\apirclx.exe srv
      S2 EMDMgmtPNRPAutoReg;ReadyBoost EMDMgmtPNRPAutoReg;C:\Windows\System32\apirclx.exe srv
      S2 plaRasAuto;Performance Logs & Alerts plaRasAuto;C:\Windows\System32\apirclx.exe srv
      S3 btwaudio;Bluetooth-audioapparaat;C:\Windows\system32\drivers\btwaudio.sys [07/24/2007 01:56 AM]
      S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [07/24/2007 01:56 AM]
      S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [07/24/2007 01:55 AM]
      S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [07/24/2007 01:56 AM]
      S3 MRV6X32P;Met Vista geleverd 32-bits-stuurprogramma;C:\Windows\system32\DRIVERS\MRVW13B.sys [11/02/2006 08:30 AM]
      S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [01/10/2007 04:51 PM]
      S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0"
      S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [06/20/2007 03:34 PM]
      S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [07/05/2007 07:12 PM]
      S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [09/20/2007 06:52 PM]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      bthsvcs REG_MULTI_SZ BthServ
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      HPService REG_MULTI_SZ HPSLPSVC

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aac1a65c-c915-11dc-ac62-001a801d03f4}]
      \shell\AutoRun\command - H:\LaunchU3.exe -a

      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-02-12 19:15:43
      Windows 6.0.6000 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 02/12/2008 19:16:35
      ComboFix-quarantined-files.txt 2008-02-12 18:16:31
      ComboFix2.txt 2008-02-11 13:07:16
      .
      2008-02-07 23:33:30 --- E O F ---



      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 7:09:39 PM, on 2/12/2008
      Platform: Windows Vista (WinNT 6.00.1904)
      MSIE: Internet Explorer v7.00 (7.00.6000.16575)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\taskeng.exe
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\System32\rundll32.exe
      C:\Windows\RtHDVCpl.exe
      C:\Windows\System32\rundll32.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Sony\ISB Utility\ISBMgr.exe
      C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\SurfRight\Caretaker\Notifier.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Eraser\Eraser.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Windows\System32\svchost.exe
      C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
      C:\Program Files\Google\Google Updater\GoogleUpdater.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
      C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
      C:\Program Files\Grisoft\AVG7\avgw.exe
      C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O1 - Hosts: ::1 localhost
      O1 - Hosts: 127.0.tworkassociates.com
      O1 - Hosts: 12tworkassociates.com
      O1 - Hosts: 127.0.0.tworkassociates.com
      O1 - Hosts: 127.0.0.tworkassociates.com
      O1 - Hosts: 127tworkassociates.com
      O1 - Hosts: tworkassociates.ctworkassociate
      O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
      O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - C:\Windows\AcroIEHelper.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [Skytel] Skytel.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
      O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [Windows Console] wkssvc.exe
      O4 - HKLM\..\Run: [Win32Update] C:\Windows\system32\apirclx.exe
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
      O4 - HKLM\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [Win32Update] C:\Windows\system32\apirclx.exe
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKCU\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
      O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
      O4 - Global Startup: BTTray.lnk = ?
      O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
      O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
      O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
      O13 - Gopher Prefix:
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
      O23 - Service: AVG7 Resident Shield Service AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer (AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner - C:\Windows\System32\apirclx.exe
      O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\AntispamService.exe
      O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
      O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
      O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
      O23 - Service: ReadyBoost EMDMgmtPNRPAutoReg (EMDMgmtPNRPAutoReg) - Unknown owner - C:\Windows\System32\apirclx.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
      O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
      O23 - Service: Performance Logs & Alerts plaRasAuto (plaRasAuto) - Unknown owner - C:\Windows\System32\apirclx.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
      O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
      O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
      O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
      O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
      O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
      O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
      O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
      O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
      O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
      O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
      O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
      O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
      O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
      O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
      O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
      O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

      --
      End of file - 14760 bytes



      • #4
        Open Notepad, then copy and paste the following (the bold text) into an empty window:

        Collect::[27]
        C:\Windows\system32\apirclx.exe

        File::
        C:\Windows\System32\4fdw.dll
        C:\xfgdg.exe

        Registry::
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "Win32Update"=-
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "Windows Console"=-
        "Win32Update"=-
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
        "Win32Update"=-

        Save this to your Desktop as CFScript.txt

        Drag CFScript.txt onto ComboFix.exe as shown in the example below:



        This will make ComboFix restart.
        Reboot if you are asked to,
        and post the contents of Combofix.txt in your next reply, together with a new HijackThis log.

        ComboFix will place a zipped file on your Desktop, named [4]-Submit_Date_Time.zip
        When the scan has finished, a window titled "Submit files for further analysis" opens.
        Click OK to open the upload page.
        Copy the bold file path shown on this page and paste it into the input field.
        Then click Send File.
        Regards,
        Pimmerd



        • #5
          ComboFix 08-02-11.2 - Sjoerd 02/12/2008 21:09:26.3 - NTFSx86
          Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.1044 [GMT 1:00]
          Gestart vanuit: C:\Users\Sjoerd\Desktop\ComboFix.exe
          Command switches used :: C:\Users\Sjoerd\Desktop\CFScript.txt
          * Nieuw herstelpunt werd aangemaakt

          FILE
          C:\Windows\System32\4fdw.dll
          C:\xfgdg.exe
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Windows\system32\apirclx.exe
          C:\xfgdg.exe

          .
          (((((((((((((((((((( Bestanden Gemaakt van 2008-01-12 to 2008-02-12 ))))))))))))))))))))))))))))))
          .

          Geen nieuwe bestanden aangemaakt in deze periode

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-02-12 18:01 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\AVG7
          2008-02-12 13:12 --------- d-----w C:\Program Files\Hitman Pro
          2008-02-12 10:00 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
          2008-02-12 08:25 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Xfire
          2008-02-12 08:20 --------- d-----w C:\Program Files\SpywareBlaster
          2008-02-11 21:56 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
          2008-02-11 21:56 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
          2008-02-11 21:33 --------- d-----w C:\ProgramData\Google Updater
          2008-02-11 21:29 --------- d-----w C:\ProgramData\SurfRight
          2008-02-11 21:29 --------- d-----w C:\Program Files\SurfRight
          2008-02-11 21:10 --------- d-----w C:\Program Files\Google
          2008-02-11 20:56 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Lavasoft
          2008-02-11 20:55 --------- d---a-w C:\ProgramData\TEMP
          2008-02-11 20:52 --------- d-----w C:\Program Files\Spybot - Search & Destroy
          2008-02-11 20:50 --------- d-----w C:\Program Files\Lavasoft
          2008-02-11 20:48 --------- d-----w C:\ProgramData\Prevx
          2008-02-11 20:34 --------- d-----w C:\Program Files\Spyware Doctor
          2008-02-11 20:33 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\PC Tools
          2008-02-11 20:06 52 ----a-w C:\tmp.bat
          2008-02-11 11:55 102,664 ----a-w C:\Windows\system32\drivers\tmcomm.sys
          2008-02-11 11:52 --------- d-----w C:\Program Files\Trend Micro
          2008-02-11 11:26 --------- d-----w C:\ProgramData\avg7
          2008-02-11 11:22 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
          2008-02-11 11:22 --------- d-----w C:\ProgramData\Grisoft
          2008-02-11 11:14 127,214 ----a-w C:\Users\Sjoerd\AppData\Roaming\nvModes.dat
          2008-02-07 23:51 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HP
          2008-02-07 01:12 --------- d-----w C:\ProgramData\Xfire
          2008-02-05 20:49 --------- d-----w C:\Program Files\Xfire
          2008-02-03 01:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2008-02-02 23:18 --------- d-----w C:\Program Files\Picasa2
          2008-02-01 17:04 --------- d-----w C:\ProgramData\WEBREG
          2008-02-01 17:04 --------- d-----w C:\ProgramData\HP
          2008-02-01 17:02 --------- d-----w C:\ProgramData\Hewlett-Packard
          2008-02-01 16:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HPAppData
          2008-02-01 16:59 --------- d-----w C:\ProgramData\HPSSUPPLY
          2008-02-01 16:59 --------- d-----w C:\Program Files\HP
          2008-02-01 16:57 --------- d-----w C:\ProgramData\HP Product Assistant
          2008-02-01 16:57 --------- d-----w C:\Program Files\Common Files\HP
          2008-02-01 16:56 --------- d-----w C:\Program Files\Hewlett-Packard
          2008-02-01 16:56 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
          2008-01-31 15:36 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Sony Corporation
          2008-01-31 02:02 54,608 ----a-w C:\Windows\System32\xfcodec.dll
          2008-01-24 22:08 16,640 --s-a-w C:\Windows\system32\drivers\ctredrv.sys
          2008-01-23 22:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\U3
          2008-01-09 02:09 --------- d-----w C:\Program Files\Windows Mail
          2008-01-09 02:02 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
          2008-01-09 02:02 24,064 ----a-w C:\Windows\System32\netcfg.exe
          2008-01-09 02:02 22,016 ----a-w C:\Windows\System32\netiougc.exe
          2008-01-09 02:02 216,760 ----a-w C:\Windows\system32\drivers\netio.sys
          2008-01-09 02:02 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
          2008-01-09 02:01 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
          2008-01-09 02:01 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
          2008-01-09 02:01 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
          2008-01-09 02:01 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
          2008-01-09 02:01 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
          2008-01-09 02:01 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
          2008-01-09 02:01 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
          2008-01-09 02:01 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
          2008-01-09 02:01 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
          2008-01-09 02:01 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
          2008-01-09 02:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
          2008-01-09 02:01 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
          2008-01-09 02:01 1,686,016 ----a-w C:\Windows\System32\gameux.dll
          2008-01-09 02:01 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
          2008-01-09 02:01 --------- d-----w C:\Program Files\Windows Sidebar
          2008-01-05 19:52 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\UseNeXT
          2007-12-24 20:57 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\teamspeak2
          2007-12-24 20:57 --------- d-----w C:\Program Files\Teamspeak2_RC2
          2007-12-21 18:49 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Ahead
          2007-12-21 18:47 --------- d-----w C:\ProgramData\Ahead
          2007-12-21 18:45 --------- d-----w C:\Program Files\Common Files\Ahead
          2007-12-21 18:37 --------- d-----w C:\ProgramData\Nero
          2007-12-21 18:37 --------- d-----w C:\Program Files\Nero
          2007-12-21 18:13 --------- d-----w C:\Program Files\Smart Projects
          2007-12-19 22:05 --------- d-----w C:\Program Files\UseNeXT
          2007-12-19 16:22 --------- d-----w C:\ProgramData\InterVideo
          2007-12-19 16:19 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\InterVideo
          2007-12-19 15:46 --------- d-----w C:\ProgramData\Sony Corporation
          2007-12-18 20:27 --------- d-----w C:\Program Files\Eraser
          2007-12-18 19:11 --------- d-----w C:\Program Files\Common Files\Sony Shared
          2007-12-18 19:05 --------- d-----w C:\Program Files\Sony
          2007-12-18 19:02 --------- d-----w C:\Program Files\Sony Corporation
          2007-12-18 18:51 --------- d-----w C:\Program Files\Java
          2007-12-18 18:29 --------- d-----w C:\Program Files\Windows Live
          2007-12-18 18:28 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
          2007-12-18 18:24 --------- d-----w C:\ProgramData\WLInstaller
          2007-12-17 19:59 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
          2007-12-17 19:58 --------- d-----w C:\ProgramData\Microsoft Help
          2007-12-17 19:53 --------- d-----w C:\Program Files\MSXML 4.0
          2007-12-17 19:40 --------- d-----w C:\Program Files\MSBuild
          2007-12-17 19:40 --------- d-----w C:\Program Files\Microsoft Works
          2007-12-17 19:39 --------- d-----w C:\Program Files\Microsoft.NET
          2007-12-17 19:37 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
          2007-12-17 19:30 --------- d-----w C:\ProgramData\Roxio
          2007-12-17 19:23 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Roxio
          2007-12-17 19:17 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\DivX
          2007-12-17 19:15 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\GetRightToGo
          2007-12-17 19:12 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
          2007-12-17 19:08 22,328 ----a-w C:\Users\Sjoerd\AppData\Roaming\PnkBstrK.sys
          2007-12-17 18:50 --------- d-----w C:\Program Files\Activision
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
          03/02/2007 04:52 PM 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
          C:\Windows\AcroIEHelper.dll

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/09/2008 03:01 AM 1232896]
          "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM 5724184]
          "Eraser"="C:\Program Files\Eraser\Eraser.exe" [12/08/2007 01:42 AM 376832]
          "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/16/2007 09:27 AM 153136]
          "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 01:36 PM 201728]
          "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [02/11/2008 09:33 PM 68856]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
          "Win32Update"="C:\Windows\system32\apirclx.exe" [ ]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [08/23/2007 12:40 PM 1006264]
          "NvSvc"="C:\Windows\system32\nvsvc.dll" [08/01/2007 01:18 AM 86016]
          "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [08/01/2007 01:17 AM 8429568]
          "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [08/01/2007 01:17 AM 81920]
          "RtHDVCpl"="RtHDVCpl.exe" [06/26/2007 01:39 AM 4489216 C:\Windows\RtHDVCpl.exe]
          "Skytel"="Skytel.exe" [06/26/2007 01:39 AM 1826816 C:\Windows\SkyTel.exe]
          "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/10/2007 02:58 AM 835584]
          "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM 39792]
          "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [06/11/2007 05:27 PM 317560]
          "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [02/12/2007 12:37 PM 174872]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM 132496]
          "AppMon Utility"="C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" [07/12/2007 03:39 PM 534392]
          "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
          "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 03:57 PM 153136]
          "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [03/11/2007 09:34 PM 49152]
          "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/11/2008 12:24 PM 579072]
          "CaretakerNotifier"="C:\Program Files\SurfRight\Caretaker\Notifier.exe" [02/11/2008 10:14 AM 589560]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [10/23/2007 10:18 PM 443968]
          "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [02/11/2008 12:22 PM 219136]

          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
          BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [7/3/2007 9:31:46 AM 739880]
          Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2/11/2008 9:33:16 PM 125624]
          HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3/11/2007 9:26:24 PM 210520]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "EnableLUA"= 0 (0x0)

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
          avgwlntf.dll 02/11/2008 12:22 PM 9216 C:\Windows\System32\avgwlntf.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
          VESWinlogon.dll 07/24/2007 06:26 PM 98304 C:\Windows\System32\VESWinlogon.dll

          R1 ctredrv.sys;ctredrv.sys;C:\Windows\system32\drivers\ctredrv.sys [01/24/2008 11:08 PM]
          R2 regi;regi;C:\Windows\system32\drivers\regi.sys [04/17/2007 08:09 PM]
          R3 NETw4v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [09/26/2007 01:12 PM]
          R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [04/20/2007 01:00 AM]
          R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [04/20/2007 01:00 AM]
          S3 btwaudio;Bluetooth-audioapparaat;C:\Windows\system32\drivers\btwaudio.sys [07/24/2007 01:56 AM]
          S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [07/24/2007 01:56 AM]
          S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [07/24/2007 01:55 AM]
          S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [07/24/2007 01:56 AM]
          S3 MRV6X32P;Met Vista geleverd 32-bits-stuurprogramma;C:\Windows\system32\DRIVERS\MRVW13B.sys [11/02/2006 08:30 AM]

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
          bthsvcs REG_MULTI_SZ BthServ
          HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
          hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
          HPService REG_MULTI_SZ HPSLPSVC

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aac1a65c-c915-11dc-ac62-001a801d03f4}]
          \shell\AutoRun\command - H:\LaunchU3.exe -a

          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-02-12 21:14:29
          Windows 6.0.6000 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          ------------------------ Other Running Processes ------------------------
          .
          C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
          C:\Program Files\SurfRight\Caretaker\AntispamService.exe
          C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
          C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
          C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
          C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
          C:\Windows\system32\PnkBstrA.exe
          C:\Windows\system32\stacsv.exe
          C:\Windows\System32\rundll32.exe
          C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
          C:\Windows\System32\rundll32.exe
          C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
          C:\Windows\system32\DRIVERS\xaudio.exe
          C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
          C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
          C:\Windows\system32\WUDFHost.exe
          C:\Program Files\Grisoft\AVG7\avgcc.exe
          C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
          C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
          C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
          C:\Program Files\Windows Media Player\wmplayer.exe
          C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
          C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
          C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
          C:\Program Files\Windows Media Player\setup_wm.exe
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Windows\system32\conime.exe
          .
          **************************************************************************
          .
          Voltooingstijd: 02/12/2008 21:17:09 - machine was rebooted
          ComboFix-quarantined-files.txt 2008-02-12 20:17:05
          ComboFix2.txt 2008-02-12 18:16:36
          ComboFix3.txt 2008-02-11 13:07:16
          .
          2008-02-07 23:33:30 --- E O F ---




          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 9:18:44 PM, on 2/12/2008
          Platform: Windows Vista (WinNT 6.00.1904)
          MSIE: Internet Explorer v7.00 (7.00.6000.16575)
          Boot mode: Normal

          Running processes:
          C:\Windows\system32\Dwm.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files\Windows Defender\MSASCui.exe
          C:\Windows\System32\rundll32.exe
          C:\Windows\RtHDVCpl.exe
          C:\Windows\System32\rundll32.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Program Files\Sony\ISB Utility\ISBMgr.exe
          C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
          C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
          C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
          C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
          C:\Program Files\Grisoft\AVG7\avgcc.exe
          C:\Program Files\SurfRight\Caretaker\Notifier.exe
          C:\Program Files\Windows Live\Messenger\msnmsgr.exe
          C:\Program Files\Eraser\Eraser.exe
          C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
          C:\Program Files\Windows Media Player\wmpnscfg.exe
          C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
          C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
          C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
          C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
          C:\Program Files\Windows Media Player\wmplayer.exe
          C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
          C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
          C:\Windows\Explorer.exe
          C:\Windows\system32\conime.exe
          C:\Program Files\Internet Explorer\IEXPLORE.EXE
          C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
          O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - C:\Windows\AcroIEHelper.dll (file missing)
          O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
          O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
          O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
          O4 - HKLM\..\Run: [Skytel] Skytel.exe
          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
          O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
          O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
          O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
          O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
          O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
          O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKCU\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
          O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
          O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
          O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
          O4 - Global Startup: BTTray.lnk = ?
          O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
          O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
          O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
          O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
          O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
          O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
          O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
          O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
          O13 - Gopher Prefix:
          O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
          O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
          O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
          O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
          O23 - Service: AVG7 Resident Shield Service AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer (AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
          O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\AntispamService.exe
          O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
          O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
          O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: ReadyBoost EMDMgmtPNRPAutoReg (EMDMgmtPNRPAutoReg) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
          O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
          O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
          O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
          O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
          O23 - Service: Performance Logs & Alerts plaRasAuto (plaRasAuto) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
          O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
          O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
          O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
          O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
          O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
          O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
          O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
          O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
          O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
          O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
          O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
          O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
          O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
          O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
          O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
          O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
          O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
          O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

          --
          End of file - 14448 bytes



          • #6
            Open Notepad, then copy and paste the following (bold text) into an empty window:

            Registry::
            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
            "Win32Update"=

            Save this to your Desktop as CFScript.txt

            Drag CFScript.txt into ComboFix.exe as shown in the example below:



            This will make ComboFix restart.
            Reboot if you are asked to,
            and post the contents of Combofix.txt in your next reply.

            How are your problems by now?
            Regards,
            Pimmerd



            • #7
              It seems to be getting a bit better, but with your last instruction I get the message "U can not rename Combofix as Combofix, please use another name"



              • #8
                It works now, I had to lift a block in Vista; I will post new log files shortly



                • #9
                  The ComboFix results have also been forwarded

                  ComboFix 08-02-11.2 - Sjoerd 02/12/2008 22:02:28.4 - NTFSx86
                  Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.1012 [GMT 1:00]
                  Gestart vanuit: C:\Users\Sjoerd\Desktop\ComboFix.exe
                  Command switches used :: C:\Users\Sjoerd\Desktop\CFScript.txt
                  * Nieuw herstelpunt werd aangemaakt
                  .

                  (((((((((((((((((((( Bestanden Gemaakt van 2008-01-12 to 2008-02-12 ))))))))))))))))))))))))))))))
                  .

                  Geen nieuwe bestanden aangemaakt in deze periode

                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2008-02-12 20:55 --------- d-----w C:\Program Files\Google
                  2008-02-12 20:51 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Xfire
                  2008-02-12 20:50 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\AVG7
                  2008-02-12 20:17 6,736 ----a-w C:\Windows\system32\drivers\PROCEXP90.SYS
                  2008-02-12 13:12 --------- d-----w C:\Program Files\Hitman Pro
                  2008-02-12 10:00 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
                  2008-02-12 08:20 --------- d-----w C:\Program Files\SpywareBlaster
                  2008-02-11 21:56 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
                  2008-02-11 21:56 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
                  2008-02-11 21:29 --------- d-----w C:\ProgramData\SurfRight
                  2008-02-11 21:29 --------- d-----w C:\Program Files\SurfRight
                  2008-02-11 20:56 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Lavasoft
                  2008-02-11 20:55 --------- d---a-w C:\ProgramData\TEMP
                  2008-02-11 20:52 --------- d-----w C:\Program Files\Spybot - Search & Destroy
                  2008-02-11 20:50 --------- d-----w C:\Program Files\Lavasoft
                  2008-02-11 20:48 --------- d-----w C:\ProgramData\Prevx
                  2008-02-11 20:34 --------- d-----w C:\Program Files\Spyware Doctor
                  2008-02-11 20:33 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\PC Tools
                  2008-02-11 20:06 52 ----a-w C:\tmp.bat
                  2008-02-11 11:55 102,664 ----a-w C:\Windows\system32\drivers\tmcomm.sys
                  2008-02-11 11:52 --------- d-----w C:\Program Files\Trend Micro
                  2008-02-11 11:26 --------- d-----w C:\ProgramData\avg7
                  2008-02-11 11:22 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
                  2008-02-11 11:22 --------- d-----w C:\ProgramData\Grisoft
                  2008-02-11 11:14 127,214 ----a-w C:\Users\Sjoerd\AppData\Roaming\nvModes.dat
                  2008-02-07 23:51 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HP
                  2008-02-07 01:12 --------- d-----w C:\ProgramData\Xfire
                  2008-02-05 20:49 --------- d-----w C:\Program Files\Xfire
                  2008-02-03 01:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
                  2008-02-02 23:18 --------- d-----w C:\Program Files\Picasa2
                  2008-02-01 17:04 --------- d-----w C:\ProgramData\WEBREG
                  2008-02-01 17:04 --------- d-----w C:\ProgramData\HP
                  2008-02-01 17:02 --------- d-----w C:\ProgramData\Hewlett-Packard
                  2008-02-01 16:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\HPAppData
                  2008-02-01 16:59 --------- d-----w C:\ProgramData\HPSSUPPLY
                  2008-02-01 16:59 --------- d-----w C:\Program Files\HP
                  2008-02-01 16:57 --------- d-----w C:\ProgramData\HP Product Assistant
                  2008-02-01 16:57 --------- d-----w C:\Program Files\Common Files\HP
                  2008-02-01 16:56 --------- d-----w C:\Program Files\Hewlett-Packard
                  2008-02-01 16:56 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
                  2008-01-31 15:36 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Sony Corporation
                  2008-01-31 02:02 54,608 ----a-w C:\Windows\System32\xfcodec.dll
                  2008-01-24 22:08 16,640 --s-a-w C:\Windows\system32\drivers\ctredrv.sys
                  2008-01-23 22:59 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\U3
                  2008-01-09 02:09 --------- d-----w C:\Program Files\Windows Mail
                  2008-01-09 02:02 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
                  2008-01-09 02:02 24,064 ----a-w C:\Windows\System32\netcfg.exe
                  2008-01-09 02:02 22,016 ----a-w C:\Windows\System32\netiougc.exe
                  2008-01-09 02:02 216,760 ----a-w C:\Windows\system32\drivers\netio.sys
                  2008-01-09 02:02 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
                  2008-01-09 02:01 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
                  2008-01-09 02:01 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
                  2008-01-09 02:01 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
                  2008-01-09 02:01 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
                  2008-01-09 02:01 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
                  2008-01-09 02:01 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
                  2008-01-09 02:01 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
                  2008-01-09 02:01 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
                  2008-01-09 02:01 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
                  2008-01-09 02:01 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
                  2008-01-09 02:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
                  2008-01-09 02:01 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
                  2008-01-09 02:01 1,686,016 ----a-w C:\Windows\System32\gameux.dll
                  2008-01-09 02:01 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
                  2008-01-09 02:01 --------- d-----w C:\Program Files\Windows Sidebar
                  2008-01-05 19:52 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\UseNeXT
                  2007-12-24 20:57 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\teamspeak2
                  2007-12-24 20:57 --------- d-----w C:\Program Files\Teamspeak2_RC2
                  2007-12-21 18:49 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Ahead
                  2007-12-21 18:47 --------- d-----w C:\ProgramData\Ahead
                  2007-12-21 18:45 --------- d-----w C:\Program Files\Common Files\Ahead
                  2007-12-21 18:37 --------- d-----w C:\ProgramData\Nero
                  2007-12-21 18:37 --------- d-----w C:\Program Files\Nero
                  2007-12-21 18:13 --------- d-----w C:\Program Files\Smart Projects
                  2007-12-19 22:05 --------- d-----w C:\Program Files\UseNeXT
                  2007-12-19 16:22 --------- d-----w C:\ProgramData\InterVideo
                  2007-12-19 16:19 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\InterVideo
                  2007-12-19 15:46 --------- d-----w C:\ProgramData\Sony Corporation
                  2007-12-18 20:27 --------- d-----w C:\Program Files\Eraser
                  2007-12-18 19:11 --------- d-----w C:\Program Files\Common Files\Sony Shared
                  2007-12-18 19:05 --------- d-----w C:\Program Files\Sony
                  2007-12-18 19:02 --------- d-----w C:\Program Files\Sony Corporation
                  2007-12-18 18:51 --------- d-----w C:\Program Files\Java
                  2007-12-18 18:29 --------- d-----w C:\Program Files\Windows Live
                  2007-12-18 18:28 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
                  2007-12-18 18:24 --------- d-----w C:\ProgramData\WLInstaller
                  2007-12-17 19:59 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
                  2007-12-17 19:58 --------- d-----w C:\ProgramData\Microsoft Help
                  2007-12-17 19:53 --------- d-----w C:\Program Files\MSXML 4.0
                  2007-12-17 19:40 --------- d-----w C:\Program Files\MSBuild
                  2007-12-17 19:40 --------- d-----w C:\Program Files\Microsoft Works
                  2007-12-17 19:39 --------- d-----w C:\Program Files\Microsoft.NET
                  2007-12-17 19:37 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
                  2007-12-17 19:30 --------- d-----w C:\ProgramData\Roxio
                  2007-12-17 19:23 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\Roxio
                  2007-12-17 19:17 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\DivX
                  2007-12-17 19:15 --------- d-----w C:\Users\Sjoerd\AppData\Roaming\GetRightToGo
                  2007-12-17 19:12 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
                  2007-12-17 19:08 22,328 ----a-w C:\Users\Sjoerd\AppData\Roaming\PnkBstrK.sys
                  2007-12-17 18:50 --------- d-----w C:\Program Files\Activision
                  .

                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  REGEDIT4
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
                  03/02/2007 04:52 PM 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

                  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
                  C:\Windows\AcroIEHelper.dll

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/09/2008 03:01 AM 1232896]
                  "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM 5724184]
                  "Eraser"="C:\Program Files\Eraser\Eraser.exe" [12/08/2007 01:42 AM 376832]
                  "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [05/16/2007 09:27 AM 153136]
                  "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 01:36 PM 201728]

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
                  "Win32Update"="C:\Windows\system32\apirclx.exe" [ ]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [08/23/2007 12:40 PM 1006264]
                  "NvSvc"="C:\Windows\system32\nvsvc.dll" [08/01/2007 01:18 AM 86016]
                  "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [08/01/2007 01:17 AM 8429568]
                  "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [08/01/2007 01:17 AM 81920]
                  "RtHDVCpl"="RtHDVCpl.exe" [06/26/2007 01:39 AM 4489216 C:\Windows\RtHDVCpl.exe]
                  "Skytel"="Skytel.exe" [06/26/2007 01:39 AM 1826816 C:\Windows\SkyTel.exe]
                  "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/10/2007 02:58 AM 835584]
                  "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM 39792]
                  "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [06/11/2007 05:27 PM 317560]
                  "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [02/12/2007 12:37 PM 174872]
                  "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM 132496]
                  "AppMon Utility"="C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" [07/12/2007 03:39 PM 534392]
                  "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
                  "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 03:57 PM 153136]
                  "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [03/11/2007 09:34 PM 49152]
                  "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/11/2008 12:24 PM 579072]
                  "CaretakerNotifier"="C:\Program Files\SurfRight\Caretaker\Notifier.exe" [02/11/2008 10:14 AM 589560]

                  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                  "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [10/23/2007 10:18 PM 443968]
                  "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [02/11/2008 12:22 PM 219136]

                  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
                  BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [7/3/2007 9:31:46 AM 739880]
                  HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3/11/2007 9:26:24 PM 210520]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                  "EnableLUA"= 0 (0x0)

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
                  avgwlntf.dll 02/11/2008 12:22 PM 9216 C:\Windows\System32\avgwlntf.dll

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
                  VESWinlogon.dll 07/24/2007 06:26 PM 98304 C:\Windows\System32\VESWinlogon.dll

                  R1 ctredrv.sys;ctredrv.sys;C:\Windows\system32\drivers\ctredrv.sys [01/24/2008 11:08 PM]
                  R2 CaretakerAntispam;Caretaker Antispam Service;"C:\Program Files\SurfRight\Caretaker\AntispamService.exe" [02/11/2008 12:16 PM]
                  R2 CaretakerProxy;Caretaker Proxy;"C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe" [02/11/2008 12:16 PM]
                  R2 CaretakerSvc;Caretaker Service;"C:\Program Files\SurfRight\Caretaker\CaretakerService.exe" [02/11/2008 10:17 AM]
                  R2 CaretakerUpdate;Caretaker Updater;"C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe" [02/11/2008 10:17 AM]
                  R2 HPSLPSVC;HP Network Devices Support;C:\Windows\system32\svchost.exe [11/02/2006 10:45 AM]
                  R2 regi;regi;C:\Windows\system32\drivers\regi.sys [04/17/2007 08:09 PM]
                  R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [07/13/2007 07:14 AM]
                  R3 NETw4v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [09/26/2007 01:12 PM]
                  R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [04/20/2007 01:00 AM]
                  R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [04/20/2007 01:00 AM]
                  R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [06/06/2007 01:00 AM]
                  R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [07/13/2007 07:15 AM]
                  S2 AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer;AVG7 Resident Shield Service AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer;C:\Windows\System32\apirclx.exe srv
                  S2 EMDMgmtPNRPAutoReg;ReadyBoost EMDMgmtPNRPAutoReg;C:\Windows\System32\apirclx.exe srv
                  S2 plaRasAuto;Performance Logs & Alerts plaRasAuto;C:\Windows\System32\apirclx.exe srv
                  S3 btwaudio;Bluetooth-audioapparaat;C:\Windows\system32\drivers\btwaudio.sys [07/24/2007 01:56 AM]
                  S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [07/24/2007 01:56 AM]
                  S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [07/24/2007 01:55 AM]
                  S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [07/24/2007 01:56 AM]
                  S3 MRV6X32P;Met Vista geleverd 32-bits-stuurprogramma;C:\Windows\system32\DRIVERS\MRVW13B.sys [11/02/2006 08:30 AM]
                  S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [01/10/2007 04:51 PM]
                  S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0"
                  S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [06/20/2007 03:34 PM]
                  S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [07/05/2007 07:12 PM]
                  S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [09/20/2007 06:52 PM]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                  bthsvcs REG_MULTI_SZ BthServ
                  HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
                  hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
                  HPService REG_MULTI_SZ HPSLPSVC

                  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aac1a65c-c915-11dc-ac62-001a801d03f4}]
                  \shell\AutoRun\command - H:\LaunchU3.exe -a

                  .
                  **************************************************************************

                  catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2008-02-12 22:05:29
                  Windows 6.0.6000 NTFS

                  scannen van verborgen processen ...

                  scannen van verborgen autostart items ...

                  scannen van verborgen bestanden ...

                  Scan succesvol afgerond
                  verborgen bestanden: 0

                  **************************************************************************
                  .
                  Voltooingstijd: 02/12/2008 22:06:20
                  ComboFix-quarantined-files.txt 2008-02-12 21:06:16
                  ComboFix2.txt 2008-02-12 20:17:10
                  ComboFix3.txt 2008-02-12 18:16:36
                  ComboFix4.txt 2008-02-11 13:07:16
                  .
                  2008-02-07 23:33:30 --- E O F ---



                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 10:08:50 PM, on 2/12/2008
                  Platform: Windows Vista (WinNT 6.00.1904)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                  Boot mode: Normal

                  Running processes:
                  C:\Windows\system32\Dwm.exe
                  C:\Windows\system32\taskeng.exe
                  C:\Program Files\Windows Defender\MSASCui.exe
                  C:\Windows\System32\rundll32.exe
                  C:\Windows\RtHDVCpl.exe
                  C:\Windows\System32\rundll32.exe
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\Program Files\Sony\ISB Utility\ISBMgr.exe
                  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
                  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
                  C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
                  C:\Program Files\Grisoft\AVG7\avgcc.exe
                  C:\Program Files\SurfRight\Caretaker\Notifier.exe
                  C:\Program Files\Windows Live\Messenger\msnmsgr.exe
                  C:\Program Files\Eraser\Eraser.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
                  C:\Program Files\Windows Media Player\wmpnscfg.exe
                  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
                  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                  C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
                  C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
                  C:\Program Files\Windows Media Player\wmplayer.exe
                  C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
                  C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
                  C:\Program Files\Grisoft\AVG7\avgwb.dat
                  C:\Windows\system32\conime.exe
                  C:\Windows\Explorer.exe
                  C:\Windows\system32\SearchFilterHost.exe
                  C:\Program Files\Internet Explorer\IEXPLORE.EXE
                  C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
                  C:\Program Files\Internet Explorer\iexplore.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                  O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
                  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - C:\Windows\AcroIEHelper.dll (file missing)
                  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
                  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
                  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                  O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
                  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
                  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                  O4 - HKLM\..\Run: [Skytel] Skytel.exe
                  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                  O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
                  O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                  O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
                  O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
                  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
                  O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                  O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
                  O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
                  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
                  O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
                  O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
                  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                  O4 - HKCU\..\RunServices: [Win32Update] C:\Windows\system32\apirclx.exe
                  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
                  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                  O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEEM')
                  O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
                  O4 - Global Startup: BTTray.lnk = ?
                  O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
                  O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
                  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
                  O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
                  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
                  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
                  O9 - Extra button: HP Clipboek - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
                  O9 - Extra button: HP Slim selecteren - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
                  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
                  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
                  O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
                  O13 - Gopher Prefix:
                  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
                  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
                  O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
                  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
                  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
                  O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
                  O23 - Service: AVG7 Resident Shield Service AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer (AvgCoreSvcVAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
                  O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\AntispamService.exe
                  O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
                  O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
                  O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
                  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                  O23 - Service: ReadyBoost EMDMgmtPNRPAutoReg (EMDMgmtPNRPAutoReg) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
                  O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
                  O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
                  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
                  O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
                  O23 - Service: Performance Logs & Alerts plaRasAuto (plaRasAuto) - Unknown owner - C:\Windows\System32\apirclx.exe (file missing)
                  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
                  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                  O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
                  O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
                  O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
                  O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
                  O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
                  O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
                  O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
                  O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
                  O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
                  O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
                  O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
                  O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
                  O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
                  O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
                  O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
                  O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
                  O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

                  --
                  End of file - 13857 bytes
