trovbgsl.dll


  • trovbgsl.dll

    Hello,

    Every time I start Windows I get an error:

    "Er is een fout opgetreden tijdens het laden van C:\WINDOWS\system32\trovbgsl.dll

    Toegang gewijgerd."

    Here is a HijackThis log file.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:22, on 29-2-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\HotKey_Driver\HotKeyDriver.exe
    C:\Program Files\YUAN\Hybrid DTV\RC.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\StkCSrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {70ACEE07-B315-4323-910B-2CA17E885BCE} - C:\WINDOWS\system32\gebyx.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: {4fa7783d-4633-a309-dc14-d2e57b277eec} - {cee772b7-5e2d-41cd-903a-3364d3877af4} - C:\WINDOWS\system32\mhbjdmjl.dll (file missing)
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Hook] C:\Program Files\VideoView\StkHK.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [30445a29] rundll32.exe "C:\WINDOWS\system32\trovbgsl.dll",b
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: RC.lnk = C:\Program Files\YUAN\Hybrid DTV\RC.exe
    O4 - Global Startup: HotKeyDriver.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe

    --
    End of file - 5832 bytes

    ComboFix and VundoFix didn't really help either. Here is the ComboFix log:

    ComboFix 08-02-25.3 - Ramon Leenders 2008-02-29 17:05:11.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.2550 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\Ramon Leenders\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt

    WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Documenten\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\MCE Logs\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn afbeeldingen\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn afbeeldingen\Voorbeelden van afbeeldingen\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\My Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\Sample Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\Sample Playlists\000C1226\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\Sync Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\Sync Playlists\000C1235\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn muziek\Voorbeelden van muziek\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Mijn video's\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Profiles\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\Checkpoint\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\Checkpoint\Working\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\QuickSave\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\Reload\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\Reload\Working\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\Save\Profile000\SinglePlayer\Working\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Monolith Productions\FEAR\ServerOptions\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Tv-opnamen\_desktop.ini
    C:\Documents and Settings\All Users\Documenten\Tv-opnamen\TempRec\_desktop.ini
    C:\WINDOWS\system32\lsgbvort.ini

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2008-01-28 to 2008-02-29 ))))))))))))))))))))))))))))))
    .

    2008-02-29 12:16 . 2008-02-29 12:16 <DIR> d-------- C:\WINDOWS\system32\AGEIA
    2008-02-29 12:16 . 2008-02-29 12:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-02-29 12:16 . 2008-02-29 12:17 <DIR> d-------- C:\Program Files\AGEIA Technologies
    2008-02-29 12:16 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
    2008-02-29 12:16 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-02-29 12:16 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
    2008-02-29 12:16 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
    2008-02-29 12:16 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
    2008-02-29 11:07 . 2008-02-29 11:36 <DIR> d-------- C:\VundoFix Backups
    2008-02-28 22:50 . 2008-02-29 16:23 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\Lavasoft
    2008-02-28 22:45 . 2008-02-28 23:10 <DIR> d-------- C:\Program Files\Spyware Doctor
    2008-02-28 22:45 . 2008-02-28 22:45 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\PC Tools
    2008-02-28 22:45 . 2008-02-29 17:09 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-28 22:45 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2008-02-28 22:45 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2008-02-28 22:45 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2008-02-28 22:45 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2008-02-28 22:43 . 2008-02-28 22:43 164 --a------ C:\install.dat
    2008-02-28 22:42 . 2008-02-29 16:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-02-28 22:41 . 2008-02-29 16:24 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-02-28 22:41 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
    2008-02-28 22:39 . 2008-02-28 22:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
    2008-02-28 22:38 . 2008-02-28 22:40 <DIR> d-------- C:\Temp
    2008-02-28 18:51 . 2008-02-29 17:01 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\AVG7
    2008-02-28 18:51 . 2008-02-28 18:51 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
    2008-02-28 18:51 . 2008-02-28 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-02-28 18:44 . 2008-02-28 18:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
    2008-02-28 13:44 . 2004-08-04 01:03 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2008-02-28 13:44 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
    2008-02-28 13:44 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
    2008-02-28 13:44 . 2001-09-06 21:27 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
    2008-02-28 10:42 . 2008-02-28 18:53 21 --a------ C:\WINDOWS\pskt.ini
    2008-02-28 09:42 . 2008-02-29 10:59 17,480 --a------ C:\Documents and Settings\Ramon Leenders\Application Data\GDIPFONTCACHEV1.DAT
    2008-02-27 13:37 . 2008-02-27 13:37 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\dvdcss
    2008-02-27 10:16 . 2008-02-27 10:16 <DIR> d-------- C:\Tools
    2008-02-26 09:35 . 2008-02-26 09:35 <DIR> d-------- C:\Talstelsel tools
    2008-02-26 09:22 . 2008-02-26 09:22 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\DivX
    2008-02-25 22:08 . 2008-02-26 11:05 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\DivX
    2008-02-25 22:07 . 2008-02-25 22:08 <DIR> d-------- C:\Program Files\DivX
    2008-02-25 22:02 . 2008-02-25 22:02 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\vlc
    2008-02-25 22:00 . 2008-02-25 22:00 <DIR> d-------- C:\Program Files\VideoLAN
    2008-02-25 21:57 . 2008-02-25 21:57 <DIR> d-------- C:\Program Files\iPod
    2008-02-25 21:57 . 2008-02-25 21:58 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\Apple Computer
    2008-02-25 21:57 . 2008-02-29 17:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-02-25 21:57 . 2008-02-25 21:57 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-02-25 21:56 . 2008-02-25 21:56 <DIR> d-------- C:\Program Files\QuickTime
    2008-02-25 21:56 . 2008-02-25 21:57 <DIR> d-------- C:\Program Files\iTunes
    2008-02-25 21:56 . 2008-02-25 21:56 <DIR> d-------- C:\Program Files\Apple Software Update
    2008-02-25 21:56 . 2008-02-25 21:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-02-25 21:55 . 2008-02-25 21:55 <DIR> d-------- C:\Program Files\Common Files\Apple
    2008-02-25 21:55 . 2008-02-25 21:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-02-25 16:01 . 2008-02-25 16:01 300 --a------ C:\WINDOWS\game.ini
    2008-02-25 15:51 . 2008-02-25 15:51 <DIR> d--hs---- C:\WINDOWS\ftpcache
    2008-02-25 12:30 . 2008-02-25 12:33 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Backups of Alice E3
    2008-02-25 12:22 . 2008-02-25 12:22 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Backups of Alice E2
    2008-02-25 12:08 . 2008-02-25 12:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
    2008-02-25 12:08 . 2008-02-25 12:08 <DIR> dr-h----- C:\Documents and Settings\Ramon Leenders\Application Data\SecuROM
    2008-02-25 12:08 . 2008-02-25 12:08 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2008-02-25 12:07 . 2008-02-25 12:07 <DIR> d-------- C:\WINDOWS\system32\LogFiles
    2008-02-25 12:07 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
    2008-02-25 12:07 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2008-02-25 12:07 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-02-25 12:07 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-02-25 12:07 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
    2008-02-25 12:07 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2008-02-25 12:07 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2008-02-25 12:07 . 2008-02-25 16:02 22,328 --a------ C:\Documents and Settings\Ramon Leenders\Application Data\PnkBstrK.sys
    2008-02-25 10:49 . 2008-02-27 14:02 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\.alice
    2008-02-25 09:52 . 2008-02-28 22:03 <DIR> d-------- C:\Program Files\PokerStars.NET
    2008-02-22 13:43 . 2008-02-22 13:43 <DIR> d-------- C:\Program Files\QuickPar
    2008-02-21 20:24 . 2008-02-21 20:24 <DIR> d-------- C:\Program Files\Ipswitch
    2008-02-21 20:24 . 2008-02-21 20:24 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\Ipswitch
    2008-02-21 20:24 . 2008-02-21 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ipswitch
    2008-02-21 20:24 . 2004-09-17 11:09 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
    2008-02-21 20:24 . 2005-02-28 12:37 606,293 --a------ C:\WINDOWS\system32\wbocx.ocx
    2008-02-21 20:24 . 2004-02-12 17:16 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
    2008-02-21 20:24 . 2004-12-06 14:26 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
    2008-02-21 20:24 . 2005-02-28 12:37 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
    2008-02-21 15:07 . 2008-02-21 15:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\UIB
    2008-02-21 14:59 . 2008-02-21 15:00 <DIR> d-------- C:\Program Files\VideoView
    2008-02-21 14:59 . 2008-02-21 14:59 <DIR> d-------- C:\Documents and Settings\Ramon Leenders\Application Data\InstallShield
    2008-02-21 14:59 . 2007-01-11 17:04 12,367,616 --a------ C:\WINDOWS\system32\drivers\StkCPipe.sys
    2008-02-21 14:59 . 2007-06-27 15:44 1,262,720 --a------ C:\WINDOWS\system32\drivers\StkCMini.sys
    2008-02-21 14:59 . 2007-06-20 10:22 249,856 --a------ C:\WINDOWS\VideoView.exe
    2008-02-21 14:59 . 2007-04-19 14:38 106,496 --a------ C:\WINDOWS\StkC112X.exe
    2008-02-21 14:59 . 2007-04-26 22:03 81,920 --a------ C:\WINDOWS\system32\StkCProp.ax
    2008-02-21 14:59 . 2007-04-19 14:43 69,632 --a------ C:\WINDOWS\system32\StkCWIA.dll
    2008-02-21 14:59 . 2007-04-19 14:42 49,152 --a------ C:\WINDOWS\system32\StkSSrv.dll
    2008-02-21 14:59 . 2007-04-19 14:42 24,576 --a------ C:\WINDOWS\system32\StkCSrv.exe
    2008-02-21 14:59 . 2004-08-04 01:03 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
    2008-02-21 14:59 . 2004-08-04 01:03 20,992 --a--c--- C:\WINDOWS\system32\dllcache\dshowext.ax
    2008-02-21 14:55 . 2008-02-21 14:58 <DIR> d-------- C:\WINDOWS\BisonCam
    2008-02-21 14:55 . 2007-06-11 10:29 93 -r------- C:\WINDOWS\OEM.ini
    2008-02-21 03:05 . 2008-02-21 03:05 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-02-21 03:05 . 2008-02-21 03:05 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2008-02-21 03:05 . 2008-02-21 03:05 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
    2008-02-21 03:05 . 2008-02-21 03:05 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2008-02-21 03:05 . 2008-02-21 03:05 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
    2008-02-21 03:03 . 2008-02-21 03:03 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
    2008-02-21 03:03 . 2008-02-21 03:03 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-29 11:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-21 02:05 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
    2008-02-21 02:05 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2008-02-21 02:05 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
    2008-02-20 17:20 --------- d-----w C:\Program Files\Realtek
    2008-02-19 23:10 315,392 ----a-w C:\WINDOWS\HideWin.exe
    2008-02-19 23:09 --------- d-----w C:\Program Files\Intel
    2008-02-19 22:56 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-19 22:50 --------- d-----w C:\Program Files\Windows Plus
    2008-02-19 16:09 --------- d-----w C:\Program Files\Common Files\InstallShield
    .

    ------- Sigcheck -------

    459612338a74dd083969d5c5e8bdaa4d C:\WINDOWS\system32\winlogon.exe
    ----a-w 504,832 2004-10-20 23:28:20 C:\WINDOWS\system32\winlogon.exe
    -c--a-w 504,832 2004-10-20 23:28:20 C:\WINDOWS\system32\dllcache\winlogon.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70ACEE07-B315-4323-910B-2CA17E885BCE}]
    C:\WINDOWS\system32\gebyx.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cee772b7-5e2d-41cd-903a-3364d3877af4}]
    C:\WINDOWS\system32\mhbjdmjl.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-02 13:00 15360]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 00:09 486856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-02 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 04:04 59392]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-13 02:55 815104]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-25 00:03 8527872]
    "nwiz"="nwiz.exe" [2007-10-25 00:03 1626112 C:\WINDOWS\system32\nwiz.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2007-06-13 07:49 16377344 C:\WINDOWS\RTHDCPL.EXE]
    "Hook"="C:\Program Files\VideoView\StkHK.exe" [2007-06-07 18:37 40960]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
    "30445a29"="C:\WINDOWS\system32\trovbgsl.dll" [2008-02-29 17:04 84544]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-28 18:51 579072]
    "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-02 13:00 15360]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-28 18:51 219136]

    C:\Documents and Settings\Ramon Leenders\Menu Start\Programma's\Opstarten\
    RC.lnk - C:\Program Files\YUAN\Hybrid DTV\RC.exe [2007-05-23 02:53:38 61440]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    HotKeyDriver.lnk - C:\Program Files\HotKey_Driver\HotKeyDriver.exe [2008-02-19 17:10:01 3506176]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
    C:\Program Files\GameSpy\Comrade\Comrade.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Games\\Counter-Strike Source\\hl2.exe"=
    "C:\\Games\\rFactor\\rFactor.exe"=
    "C:\\Games\\FEAR\\FEAR.exe"=
    "C:\\Games\\Crysis\\Bin32\\Crysis.exe"=
    "C:\\Games\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
    "C:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
    "C:\\Games\\Lost Via Domus\\Yeti_Final_Win32.exe"=
    "C:\\Games\\Lost Via Domus\\gu.exe"=
    "C:\\Games\\Lost Via Domus\\detection\\Launcher.exe"=

    R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\WINDOWS\System32\StkCSrv.exe [2007-04-19 14:42]
    R3 mod7700;DiBcom DIB7700 based TV tuner device;C:\WINDOWS\system32\Drivers\dvb7700all.sys [2007-07-30 15:20]
    R3 StkCMini;Syntek AVStream USB2.0 2M WebCam;C:\WINDOWS\system32\Drivers\StkCMini.sys [2007-06-27 15:44]

    .
    Inhoud van de 'Gedeelde Taken' map
    "2008-02-25 20:56:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-29 17:10:02
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2008-02-29 17:12:55 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-02-29 16:12:53
    .
    2008-02-19 18:00:24 --- E O F ---

    Does anyone know what I should do?
    Thanks in advance!
    Last edited by siep; 29-02-08, 17:28.

  • #2
    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: (no name) - {70ACEE07-B315-4323-910B-2CA17E885BCE} - C:\WINDOWS\system32\gebyx.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: {4fa7783d-4633-a309-dc14-d2e57b277eec} - {cee772b7-5e2d-41cd-903a-3364d3877af4} - C:\WINDOWS\system32\mhbjdmjl.dll (file missing)
    O4 - HKLM\..\Run: [30445a29] rundll32.exe "C:\WINDOWS\system32\trovbgsl.dll",b

    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.

    Restart the computer, then post a new HijackThis log.
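
The selection step in reply #2, sketched as an added example (not part of the thread and not HijackThis's own logic): a Python triage that reads HijackThis entry lines and flags O2 BHO registrations whose DLL is absent and O4 Run values with a hex-only name that load a DLL through rundll32. Both heuristics and all function names are assumptions of this example; the R0 start-page entry the helper also selected is a judgement call it does not cover.

```python
import re
from typing import List, NamedTuple

# Entry lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {70ACEE07-B315-4323-910B-2CA17E885BCE} - C:\WINDOWS\system32\gebyx.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [30445a29] rundll32.exe "C:\WINDOWS\system32\trovbgsl.dll",b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
"""


class Finding(NamedTuple):
    section: str   # HijackThis section code, e.g. "O2"
    reason: str    # why this example's heuristic flagged the line
    line: str      # the log line, stripped of indentation


# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# BHO names may themselves contain " - ", so anchor on the CLSID in braces.
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
RUN_RE = re.compile(r"^(?P<key>HK.*?\\Run): \[(?P<value>[^\]]+)\] (?P<command>.+)$")
RUNDLL_RE = re.compile(
    r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?,(?P<export>.*)$', re.IGNORECASE
)
HEX_NAME_RE = re.compile(r"^[0-9a-f]{8}$", re.IGNORECASE)


def triage(log_text: str) -> List[Finding]:
    """Return the log lines that match this example's two heuristics."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()  # forum posts indent the pasted log
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header, running-process path, or blank line
        section, body = entry.group("section"), entry.group("body")

        if section == "O2":
            bho = BHO_RE.match(body)
            # HijackThis itself appends these markers when the DLL is absent.
            if bho and bho.group("target").endswith(("(file missing)", "(no file)")):
                findings.append(
                    Finding(section, "BHO registered but its DLL is not on disk", line)
                )

        elif section == "O4":
            run = RUN_RE.match(body)
            if not run:
                continue  # Startup-folder shortcut, not a Run value
            via_rundll = RUNDLL_RE.match(run.group("command"))
            # Assumption: a value name of eight hex digits is machine-generated,
            # unlike descriptive names such as NvCplDaemon.
            if via_rundll and HEX_NAME_RE.match(run.group("value")):
                findings.append(
                    Finding(
                        section,
                        "hex-named Run value loads %s through rundll32"
                        % via_rundll.group("dll"),
                        line,
                    )
                )
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.line}")
```

The two legitimate rundll32 entries (bthprops.cpl, NvCpl.dll) pass because their value names are descriptive, and the O9 "(no file)" button is ignored because only O2 is checked for missing files.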



    • #3
      The problem is solved now. Thank you. I guess there's nothing else wrong then? Well, you asked for another HijackThis log file... I think everything is gone now (at least, I hope so!)

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:26:07, on 1-3-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\DAEMON Tools Lite\daemon.exe
      C:\Program Files\HotKey_Driver\HotKeyDriver.exe
      C:\Program Files\YUAN\Hybrid DTV\RC.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\StkCSrv.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\system32\wbem\unsecapp.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Hook] C:\Program Files\VideoView\StkHK.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: RC.lnk = C:\Program Files\YUAN\Hybrid DTV\RC.exe
      O4 - Global Startup: HotKeyDriver.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe

      --
      End of file - 4881 bytes



      • #4
        It is indeed completely fine again.

        Remove ComboFix via Start > Run: copy and paste Combofix /U, then click OK or press Enter.
        This removes ComboFix as well as your old system restore points (with any remnants of malware), and creates a new system restore point.

        Read here how you can prevent new infections!

        I will mark this as solved.
