Kan niets openen zonder recame

**Juisterr** · 18-04-08, 20:27

Schakel Spybot's TeaTimer even uit, omdat deze de fix in de weg kan zitten:
- Start Spybot
- Ga naar Mode > selecteer Advanced Mode
- Ga naar Tools en klik op het Resident-icoon in de lijst
- Haal het vinkje weg bij Resident TeaTimer en klik OK
- Herstart de computer

Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
Dubbelklik op ResetTeaTimer.bat om alle entries in TeaTimer te verwijderen.
Als de computer schoon is, kun je TeaTimer weer aan zetten

1 )
Download Malwarebytes' Anti-Malware op je bureaublad.
Dubbelklik mbam-setup.exe en kies voor "Next" om de tool te installeren.
Als de installatie voltooid is zet je vinkjes bij "Update MalwareBytes' Anti-Malware" en bij "Launch MalwareBytes' Anti-Malware".
Druk daarna op "Finish".
Kies in het hoofdscherm voor de tab "Scanner" en selecteer het keuzerondje "Perform full scan".
Druk op de knop "Scan" en zorg dat al je harde schijven/partities aangevinkt staan.
Druk dan op de knop "Start Scan".
Wanneer de scan voltooid is klik je op OK, daarna op "Show Results" om de resultaten te zien.
Zorg ervoor dat alles aangevinkt is, klik daarna op "Remove Selected".
Als het programma je computer wil laten herstarten, sta je dit toe.
Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
Post deze log in je volgende bericht.

2 )
Volg de instructies zoals beschreven op de volgende pagina: hoe-dient-combofix-gebruikt-te-worden

Gebruik je Vista, dan hoeft de Recovery Console niet te worden geinstalleerd.
Is er iets niet duidelijk, dan vraag je het.
Als het tooltje klaar is, opent er een logfile (C:\combofix.txt).
Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

**Lennaert** · 18-04-08, 21:11

Heey alvast bedankt, ik gaat eens aan de slag en vermaakme wel ff.
Je hoort snel van me.

Gr Lennaert.

**Lennaert** · 19-04-08, 05:50

Hierbij mijn mbam-log:

Malwarebytes' Anti-Malware 1.11
Database versie: 651

Scan type: Volledige Scan (C:\|E:\|F:\|)
Objecten gescand: 106137
Verstreken tijd: 2 hour(s), 20 minute(s), 37 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 4
Registersleutels geïnfecteerd: 18
Registerwaarden geïnfecteerd: 2
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 14

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
C:\WINDOWS\system32\bscrhjqq.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\iifefEVP.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\mlJArolJ.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\lxkoxdtg.dll (Trojan.Vundo) -> Unloaded module successfully.

Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed5823c-10f9-42fe-b88f-07814c97d18c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fed5823c-10f9-42fe-b88f-07814c97d18c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljarolj (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{22bf1662-b3d1-4a68-a055-7ce67fca1098} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22bf1662-b3d1-4a68-a055-7ce67fca1098} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\64000f09 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\iifefevp -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\iifefevp -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
C:\WINDOWS\system32\bscrhjqq.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qqjhrcsb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iifefEVP.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\PVEfefii.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\PVEfefii.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJArolJ.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Lennaert\Local Settings\Temporary Internet Files\Content.IE5\TO2XB3XF\kriv[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lennaert\Local Settings\Temporary Internet Files\Content.IE5\WTSL0AMN\glas[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP276\A0049813.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP276\A0049814.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP277\A0050907.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP278\A0050947.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20FAC129-88C0-4C12-94EB-F64B3EDD285C}\RP278\A0050948.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lxkoxdtg.dll (Trojan.Vundo) -> Delete on reboot.

**Lennaert** · 19-04-08, 06:04

Hierbij mijn andere 2 logjes:

ComboFix 08-04-17.1 - Lennaert 2008-04-19 6:52:40.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.476 [GMT 2:00]
Gestart vanuit: C:\Documents and Settings\Lennaert\Bureaublad\ComboFix.exe
Command switches used :: C:\Documents and Settings\Lennaert\Bureaublad\WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
* Nieuw herstelpunt werd aangemaakt
* Resident AV is active

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aghwqwns.dll
C:\WINDOWS\system32\gaxggesp.ini
C:\WINDOWS\system32\iifefEVP.dll
C:\WINDOWS\system32\lxkoxdtg.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mlJArolJ.dll
C:\WINDOWS\system32\OpopAccf.ini
C:\WINDOWS\system32\OpopAccf.ini2
C:\WINDOWS\system32\pseggxag.dll
C:\WINDOWS\system32\PVEfefii.ini
C:\WINDOWS\system32\PVEfefii.ini2

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))
.

2008-04-19 06:51 . 2008-04-19 06:51 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-04-19 06:42 . 2008-04-19 06:42 109,734 --a------ C:\WINDOWS\BM67333c95.xml
2008-04-18 21:55 . 2008-04-18 21:55 <DIR> d-------- C:\Documents and Settings\Lennaert\Application Data\Malwarebytes
2008-04-18 21:54 . 2008-04-18 21:54 0 --a------ C:\Debug.QC6
2008-04-18 21:50 . 2008-04-18 21:54 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-18 21:50 . 2008-04-18 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-18 21:45 . 2008-04-18 21:45 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-18 06:33 . 2008-04-19 06:44 1,541,089 ---hs---- C:\WINDOWS\system32\qqjhrcsb.ini
2008-04-17 22:58 . 2008-04-17 23:01 211 --a------ C:\WINDOWS\wininit.ini
2008-04-17 22:42 . 2008-04-17 22:42 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-17 22:42 . 2008-04-17 23:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Lavasoft
2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-17 20:53 . 2008-04-17 21:28 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-04-17 20:45 . 2008-04-17 20:45 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-17 18:43 . 2008-04-17 23:07 1,529,654 ---hs---- C:\WINDOWS\system32\wwhechun.ini
2008-04-16 19:10 . 2008-04-17 22:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-05 11:48 . 2006-06-08 04:49 344,064 -ra------ C:\WINDOWS\system32\drivers\rt73.sys
2008-04-05 11:48 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
2008-04-05 11:48 . 2002-09-09 21:01 61,440 --a------ C:\WINDOWS\system32\ASUSW32N50.dll
2008-04-05 11:48 . 2002-09-09 19:54 16,269 --a------ C:\WINDOWS\system32\ASNDIS5.sys
2008-04-05 11:48 . 2001-04-16 05:48 15,577 --a------ C:\WINDOWS\system32\ASNDIS3.vxd
2008-03-24 22:46 . 2008-03-24 22:46 268 --ah----- C:\sqmdata03.sqm
2008-03-24 22:46 . 2008-03-24 22:46 244 --ah----- C:\sqmnoopt03.sqm

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 04:48 --------- d-----w C:\Program Files\SPAMfighter
2008-04-18 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-17 21:11 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\LimeWire
2008-04-17 16:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-16 17:55 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Azureus
2008-04-12 04:36 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Vso
2008-04-05 09:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-05 09:48 --------- d-----w C:\Program Files\ASUS
2008-04-05 09:45 --------- d-----w C:\Program Files\RALINK
2008-03-31 19:00 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-19 17:39 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\AdobeUM
2008-03-14 17:48 --------- d-----w C:\Program Files\Azureus
2008-02-28 20:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-28 20:33 --------- d-----w C:\Program Files\Windows Live
2008-02-28 20:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-09-17 17:26 87,608 -c--a-w C:\Documents and Settings\Lennaert\Application Data\inst.exe
2007-09-17 17:26 47,360 -c--a-w C:\Documents and Settings\Lennaert\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{355559FC-9D02-4D79-84C2-AEDB94223A24}]
C:\WINDOWS\system32\fccApopO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C80CC19-B5C2-4C62-B3D3-6800B3B9C69A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C14E6230-757D-4246-81CE-B34E2940C722}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FED5823C-10F9-42FE-B88F-07814C97D18C}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-16 21:35 68856]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 17:21 1449984]
"WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2007-02-22 20:50 112216]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 11:27 136768]
"SoundMan"="SOUNDMAN.EXE" [2006-11-16 23:42 577536 C:\WINDOWS\soundman.exe]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 08:25 363008]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 16:15 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 17:15 454656]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 17:06 212992]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 02:12 2658304]
"WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 18:03 308880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03 15360]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-16 21:35:35 126136]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-09-24 06:46:51 114688]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"C:\\Program Files\\Microsoft Office\\OFFICE11\\POWERPNT.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]
R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-01-02 18:03]
S1 SysTool;SysTool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 15:08]
S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{26A8E9B1-F6A4-59B8-0503-060005050503}]
C:\WINDOWS\system32\iexplorere.exe
.
Inhoud van de 'Gedeelde Taken' map
"2007-09-17 05:22:10 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job"
- C:\Program Files\Microsoft IntelliType Pro\itype.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 06:56:28
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 13

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\RealVNC\VNC4\winvnc4.exe
C:\Program Files\McAfee\Common Framework\Mctray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Voltooingstijd: 2008-04-19 6:58:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-19 04:58:37

Pre-Run: 81,739,030,528 bytes beschikbaar
Post-Run: 82,045,272,064 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
.
2008-04-09 21:08:02 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:01:38, on 19-4-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - C:\WINDOWS\system32\fccApopO.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 9954 bytes

Mvg Lennaert.

**Juisterr** · 19-04-08, 13:57

Open Kladblok, kopieer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster:

File::
C:\WINDOWS\system32\qqjhrcsb.ini
C:\WINDOWS\wininit.ini
C:\WINDOWS\system32\wwhechun.ini
C:\WINDOWS\system32\fccApopO.dll
C:\Windows\System32\winner32.exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{355559FC-9D02-4D79-84C2-AEDB94223A24}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C80CC19-B5C2-4C62-B3D3-6800B3B9C69A}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C14E6230-757D-4246-81CE-B34E2940C722}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FED5823C-10F9-42FE-B88F-07814C97D18C}]

Sla dit op op je Bureaublad als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :

Dit zal ComboFix doen herstarten.

Na het herstarten van je computer, (indien het vraagt om te herstarten), kopieer en plak de inhoud van Combofix.txt in je volgende antwoord.
Plaats ook een nieuw hjt logje en vertel even hoe het nu gaat aub.

**Lennaert** · 19-04-08, 16:59

ComboFix 08-04-17.1 - Lennaert 2008-04-19 17:03:08.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.501 [GMT 2:00]
Gestart vanuit: C:\Documents and Settings\Lennaert\Bureaublad\ComboFix.exe
Command switches used :: C:\Documents and Settings\Lennaert\Bureaublad\CFScript.txt
* Nieuw herstelpunt werd aangemaakt
* Resident AV is active

FILE ::
C:\WINDOWS\system32\fccApopO.dll
C:\WINDOWS\system32\qqjhrcsb.ini
C:\Windows\System32\winner32.exe
C:\WINDOWS\system32\wwhechun.ini
C:\WINDOWS\wininit.ini
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\qqjhrcsb.ini
C:\WINDOWS\system32\wwhechun.ini
C:\WINDOWS\wininit.ini

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))
.

2008-04-19 06:51 . 2008-04-19 06:51 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-04-19 06:42 . 2008-04-19 06:42 109,734 --a------ C:\WINDOWS\BM67333c95.xml
2008-04-18 21:55 . 2008-04-18 21:55 <DIR> d-------- C:\Documents and Settings\Lennaert\Application Data\Malwarebytes
2008-04-18 21:54 . 2008-04-18 21:54 0 --a------ C:\Debug.QC6
2008-04-18 21:50 . 2008-04-18 21:54 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-18 21:50 . 2008-04-18 21:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-18 21:45 . 2008-04-18 21:45 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-17 22:42 . 2008-04-17 22:42 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-17 22:42 . 2008-04-17 23:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Lavasoft
2008-04-17 22:41 . 2008-04-17 22:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-17 20:53 . 2008-04-17 21:28 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-04-17 20:45 . 2008-04-17 20:45 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-16 19:10 . 2008-04-17 22:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-05 11:48 . 2006-06-08 04:49 344,064 -ra------ C:\WINDOWS\system32\drivers\rt73.sys
2008-04-05 11:48 . 2005-10-17 19:50 245,376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys
2008-04-05 11:48 . 2002-09-09 21:01 61,440 --a------ C:\WINDOWS\system32\ASUSW32N50.dll
2008-04-05 11:48 . 2002-09-09 19:54 16,269 --a------ C:\WINDOWS\system32\ASNDIS5.sys
2008-04-05 11:48 . 2001-04-16 05:48 15,577 --a------ C:\WINDOWS\system32\ASNDIS3.vxd
2008-03-24 22:46 . 2008-03-24 22:46 268 --ah----- C:\sqmdata03.sqm
2008-03-24 22:46 . 2008-03-24 22:46 244 --ah----- C:\sqmnoopt03.sqm

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 04:57 --------- d-----w C:\Program Files\SPAMfighter
2008-04-18 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-17 21:11 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\LimeWire
2008-04-17 16:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-16 17:55 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Azureus
2008-04-12 04:36 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\Vso
2008-04-05 09:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-05 09:48 --------- d-----w C:\Program Files\ASUS
2008-04-05 09:45 --------- d-----w C:\Program Files\RALINK
2008-03-31 19:00 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-20 08:10 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 17:39 --------- d-----w C:\Documents and Settings\Lennaert\Application Data\AdobeUM
2008-03-14 17:48 --------- d-----w C:\Program Files\Azureus
2008-03-01 13:05 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-28 20:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-28 20:33 --------- d-----w C:\Program Files\Windows Live
2008-02-28 20:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-11 07:39 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
2008-02-11 07:39 237,568 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
2008-02-08 11:53 110,592 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
2008-02-05 06:48 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe
2007-09-17 17:26 87,608 -c--a-w C:\Documents and Settings\Lennaert\Application Data\inst.exe
2007-09-17 17:26 47,360 -c--a-w C:\Documents and Settings\Lennaert\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-16 21:35 68856]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 13:24 167368]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 17:21 1449984]
"WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45 313472]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2007-02-22 20:50 112216]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-12-19 11:27 136768]
"SoundMan"="SOUNDMAN.EXE" [2006-11-16 23:42 577536 C:\WINDOWS\soundman.exe]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 08:25 363008]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 15:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 16:15 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 17:15 454656]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 17:06 212992]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 02:12 2658304]
"WindowsModule"="C:\Windows\System32\winner32.exe" [ ]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-01-02 18:03 308880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03 15360]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-16 21:35:35 126136]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-09-24 06:46:51 114688]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"C:\\Program Files\\Microsoft Office\\OFFICE11\\POWERPNT.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]
R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-01-02 18:03]
S1 SysTool;SysTool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 15:08]
S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{26A8E9B1-F6A4-59B8-0503-060005050503}]
C:\WINDOWS\system32\iexplorere.exe
.
Inhoud van de 'Gedeelde Taken' map
"2007-09-17 05:22:10 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job"
- C:\Program Files\Microsoft IntelliType Pro\itype.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-19 17:04:23
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2008-04-19 17:04:56
ComboFix-quarantined-files.txt 2008-04-19 15:04:50
ComboFix2.txt 2008-04-19 04:58:41

Pre-Run: 82,050,322,432 bytes beschikbaar
Post-Run: 82,039,234,560 bytes beschikbaar
.
2008-04-09 21:08:02 --- E O F ---

**Juisterr** · 19-04-08, 17:02

Mag ik ook een nieuw HJT logje aub.

**Lennaert** · 19-04-08, 17:59

Hierbij mijn hjt logje:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:43, on 19-4-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10063 bytes

**Lennaert** · 19-04-08, 18:07

Mijn pc draait voor me gevoel weer lekker, start weer snel op en geen rommel als ik een internet pagina open.
Is het hier mee gedaan?

Gr Lennaert.

**Juisterr** · 19-04-08, 18:09

Hallo ,

Schakel Spybot's TeaTimer even uit, omdat deze de fix in de weg kan zitten:
- Start Spybot
- Ga naar Mode > selecteer Advanced Mode
- Ga naar Tools en klik op het Resident-icoon in de lijst
- Haal het vinkje weg bij Resident TeaTimer en klik OK
- Herstart de computer

Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
Dubbelklik op ResetTeaTimer.bat om alle entries in TeaTimer te verwijderen.
Als de computer schoon is, kun je TeaTimer weer aan zetten

Start Hijackthis op en kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: (no name) - {355559FC-9D02-4D79-84C2-AEDB94223A24} - (no file)
O4 - HKLM\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"
O4 - HKCU\..\Run: [WindowsModule] "C:\Windows\System32\winner32.exe"

Sluit alle vensters behalve Hijackthis
Klik op 'Fix checked' om de items te verwijderen.

Download Java Runtime Environment (JRE) 6u6.

Scroll omlaag naar : "Java Runtime Environment (JRE) 6 Update 6".
Klik op de "Download" knop aan de rechterkant.
Vink aan: "Accept License Agreement", en klik op Continue.
De pagina zal herladen.
Klik op de Windows Offline Installation, Multi-language link ONDER Windows Platform - Java SE Runtime Environment 6 Update 6 en bewaar het op je Bureaublad.
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst. (met Java Runtime Environment (JRE of J2SE) in de naam.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-6u6-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Plaats even een nieuw HJT logje aub

**Lennaert** · 20-04-08, 07:29

Hierbij mijn nieuw hjt logje:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:28:43, on 20-4-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1190392974656
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 9745 bytes

**Juisterr** · 20-04-08, 07:59

Logje is schoon, was java update niet gelukt ??

**Lennaert** · 20-04-08, 09:01

ik heb java geinstald en geen problemen ermee gehad.
is het niet te zien dan?

**Juisterr** · 20-04-08, 12:42

Java\jre1.6.0_03 staat in het logje, nieuwste versie is 6.6

Kan niets openen zonder recame

Kan niets openen zonder recame

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment