HijackThis log

pvanharen
8 replies
  • Start, Switch User no longer works. I tried a fix, but after that I still could not log on as another user.

    I also tried PowerToys for XP, but that did not work; I got a message.

    Who can help me?



    Logfile of HijackThis v1.99.1
    Scan saved at 20:33:04, on 3-7-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Comodo\CBOClean\BOCORE.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
    C:\PROGRA~1\Comodo\CBOClean\BOC424.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
    C:\Program Files\TuneUp Utilities 2007\RegistryCleaner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q305&bd=presario&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe"
    O4 - HKLM\..\Run: [BOC-424] C:\PROGRA~1\Comodo\CBOClean\BOC424.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\RunOnce: [NSIS.Library.RegTool.v2] "C:\WINDOWS\system32\NSIS.Library.RegTool.v2.{9C4F16AF-0D40-4A42-945D-73876320E336}.exe" /S
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Azureus Vuze.lnk = C:\Program Files\Azureus\Azureus.exe
    O8 - Extra context menu item: Add to AMV Convert Tool… - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
    O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe




    Who can help me?

    Thanks in advance.
  • Download VirtumundoBeGone and save it to your desktop.
    Double-click VirtumundoBeGone.exe and follow the instructions.
    Do not be alarmed if you get a blue screen with an error message; this is normal.

    When the fix has finished, restart the PC.
    Post the contents of the log file VBG.TXT, which is now on your desktop, here in your next message.

    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll

    Click 'Fix checked' to remove the items.

    Open Explorer ("My Computer") and choose Tools -> Folder Options…
    Under View, check the following settings:

    Turn off: Hide protected operating system files (Recommended)
    Turn off: Hide extensions for known file types

    Select: Display the contents of system folders (XP only)
    Select: Show hidden files and folders

    Delete the following files:
    C:\WINDOWS\SYSTEM32\monln.dll
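
Added example, not part of the post above and not code from HijackThis: a Python triage pass over HijackThis entry lines that marks entries for review (dangling file references, empty IE values, unrecognised Winsock LSPs, Winlogon Notify DLLs). The sample lines are copied from the first log in this thread; the function names and the rule set are assumptions of this example, and a hit means "look at this", not "fix this".

```python
import re
from typing import List, NamedTuple, Optional, Tuple


class Entry(NamedTuple):
    code: str  # HijackThis section code, e.g. "O20"
    body: str  # everything after "CODE - "


# Entry lines look like "O20 - Winlogon Notify: ..."; header and
# "Running processes" lines do not match and are skipped.
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")

# Subset of the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
"""


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a HijackThis result line, or None for other lines."""
    m = ENTRY_RE.match(line)
    return Entry(m.group(1), m.group(2)) if m else None


def review_reason(e: Entry) -> Optional[str]:
    """Example rule set (an assumption of this sketch): why an entry needs a look."""
    if e.body.endswith(("(no file)", "(file missing)")):
        return "registry entry points at a file that is not on disk"
    if e.code in ("R0", "R1") and e.body.endswith("="):
        return "Internet Explorer setting with an empty value"
    if e.code == "O10":
        return "Winsock LSP that HijackThis does not recognise"
    if e.code == "O20" and e.body.startswith("Winlogon Notify:"):
        return "DLL loaded into winlogon.exe; confirm which product installed it"
    return None


def triage(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (code, reason, body) for each flagged entry, in log order.

    Repeated identical lines (the O10 entry appears several times in the
    original log) are reported once.
    """
    seen = set()
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or entry in seen:
            continue
        seen.add(entry)
        reason = review_reason(entry)
        if reason:
            findings.append((entry.code, reason, entry.body))
    return findings


if __name__ == "__main__":
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"{code:<4} {reason}\n     {body}")
```

The O20 rule also bears on the next step: a Winlogon Notify DLL is mapped into winlogon.exe for the whole session, so Windows reports the file as in use while the registry entry is still active.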
  • VBG.TXT:



    [07/04/2007, 13:23:30] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Compaq_Eigenaar\Bureaublad\VirtumundoBeGone.exe" )
    [07/04/2007, 13:23:45] - Detected System Information:
    [07/04/2007, 13:23:45] - Windows Version: 5.1.2600, Service Pack 2
    [07/04/2007, 13:23:45] - Current Username: Compaq_Eigenaar (Admin)
    [07/04/2007, 13:23:45] - Windows is in NORMAL mode.
    [07/04/2007, 13:23:45] - Searching for Browser Helper Objects:
    [07/04/2007, 13:23:45] - BHO 1: {00C6482D-C502-44C8-8409-FCE54AD9C208} (SnagIt Toolbar Loader)
    [07/04/2007, 13:23:45] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [07/04/2007, 13:23:45] - BHO 3: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
    [07/04/2007, 13:23:45] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [07/04/2007, 13:23:45] - BHO 5: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
    [07/04/2007, 13:23:45] - Finished Searching Browser Helper Objects
    [07/04/2007, 13:23:45] - Finishing up…
    [07/04/2007, 13:23:45] - Nothing found! Exiting…


    juisterr wrote: "Delete the following files: C:\WINDOWS\SYSTEM32\monln.dll"

    This did not work; I then get this message:

    Cannot delete monln: Access is denied.

    Make sure the disk is not full or write-protected
    and that the file is not currently in use.
  • Download ComboFix to your desktop.
    Double-click Combofix.exe
    Follow the instructions and accept the disclaimer by typing 1 (continue).
    While the fix is running, do NOT click in the window, as this will make your PC hang.
    When the fix has completed and after the restart, the log combofix.txt will open.
    Post this log in your next post together with a new HijackThis log.

    Note: If your virus scanner responds with a notification about a script being executed, you can ignore it.
  • I hope this is the right one, because no combofix.txt opened but a log.txt instead; this is it:

    "Compaq_Eigenaar" - 2007-07-04 14:15:04 - ComboFix 07-07-03.9 - Service Pack 2


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\ALLUSE~1\APPLIC~1.\TEMP


    ((((((((((((((((((((((((( Files Created from 2007-06-04 to 2007-07-04 )))))))))))))))))))))))))))))))


    2007-07-04 09:29 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
    2007-07-03 22:39 <DIR> d-------- C:\Program Files\MSNTools
    2007-07-03 19:09 <DIR> d-------- C:\Program Files\GV_Killer
    2007-07-03 17:10 <DIR> d-------- C:\WINDOWS\vbSkinner
    2007-07-03 17:07 <DIR> d-------- C:\Program Files\PFConfig
    2007-07-03 16:01 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-07-03 15:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-07-03 09:06 <DIR> d-------- C:\Program Files\MP3 Player Utilities 3.79
    2007-07-02 12:28 <DIR> dr-h----- C:\DOCUME~1\COMPAQ~1\Onlangs geopend
    2007-07-02 10:58 <DIR> d-------- C:\Program Files\CCleaner
    2007-07-02 09:39 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Comodo
    2007-07-02 09:36 241,904 --a------ C:\WINDOWS\UNBOC.EXE
    2007-07-02 09:36 208,896 --a------ C:\WINDOWS\CMDLIC.DLL
    2007-07-02 09:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOC424
    2007-07-02 09:32 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
    2007-07-02 09:32 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
    2007-07-02 09:32 216,576 --a------ C:\WINDOWS\system32\monln.dll
    2007-07-02 09:32 102,400 --a------ C:\WINDOWS\system32\drivers\cavasm.sys
    2007-07-02 09:32 <DIR> d-------- C:\Program Files\Comodo
    2007-07-02 09:32 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
    2007-07-01 10:07 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
    2007-07-01 10:07 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Onlangs geopend
    2007-07-01 10:07 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Mijn documenten
    2007-07-01 10:07 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start
    2007-07-01 10:07 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Favorieten
    2007-07-01 10:07 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Sjablonen
    2007-07-01 10:07 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Netwerkprinteromgeving
    2007-07-01 10:07 <DIR> d-------- C:\DOCUME~1\ADMINI~1\WINDOWS
    2007-07-01 10:07 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Bureaublad
    2007-07-01 10:07 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
    2007-07-01 10:07 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
    2007-07-01 10:07 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
    2007-07-01 09:11 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-01 08:52 <DIR> d-------- C:\Program Files\smitRem
    2007-07-01 08:44 2,284 --a------ C:\WINDOWS\system32\tmp.reg
    2007-06-30 11:05 <DIR> d-------- C:\Program Files\a-squared Free
    2007-06-30 09:28 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
    2007-06-29 18:31 <DIR> d-------- C:\WINDOWS\pss
    2007-06-27 09:34 <DIR> dr------- C:\DOCUME~1\NETWOR~1\Favorieten
    2007-06-26 10:53 <DIR> d-------- C:\Program Files\Recuva
    2007-06-25 14:31 <DIR> d-------- C:\Program Files\Serials 2000 7.1 Plus
    2007-06-25 13:15 <DIR> d-------- C:\Program Files\VirtualDJ
    2007-06-24 17:09 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Image Zone Express
    2007-06-24 13:09 <DIR> d-------- C:\DOCUME~1\NETWOR~1\Bureaublad
    2007-06-24 10:19 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Bureaublad
    2007-06-24 08:41 <DIR> d-------- C:\Program Files\AtomixMP3
    2007-06-23 18:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    2007-06-23 17:03 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2007-06-23 17:03 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
    2007-06-23 17:03 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\TuneUp Software
    2007-06-23 17:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    2007-06-23 16:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-06-23 16:40 10,076 --a------ C:\WINDOWS\msvrc20.dll
    2007-06-23 16:40 <DIR> d-------- C:\Program Files\IObit
    2007-06-23 09:31 <DIR> d-------- C:\Program Files\P2000 Kaart
    2007-06-21 15:05 <DIR> d-------- C:\Program Files\Google
    2007-06-14 14:20 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Opera
    2007-06-13 18:39 <DIR> d-------- C:\Program Files\DVD Shrink
    2007-06-13 18:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    2007-06-13 18:19 <DIR> d-------- C:\Program Files\Alcohol Soft
    2007-06-12 07:23 <DIR> d-------- C:\Program Files\Common Files\SONY Digital Images
    2007-06-12 07:20 <DIR> d-------- C:\SmartSound Software
    2007-06-12 07:19 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
    2007-06-12 07:19 <DIR> d-------- C:\WINDOWS\system32\windows media
    2007-06-12 07:19 <DIR> d-------- C:\Program Files\SmartSound Software
    2007-06-12 07:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
    2007-06-12 07:17 <DIR> d-------- C:\Program Files\Ulead Systems
    2007-06-12 07:17 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
    2007-06-11 16:32 197,120 --a------ C:\WINDOWS\patchw32.dll
    2007-06-11 16:32 <DIR> d-------- C:\Program Files\Common Files\PocketSoft
    2007-06-11 16:14 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Atari
    2007-06-11 16:12 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2007-06-11 15:52 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
    2007-06-11 15:40 <DIR> d-------- C:\Program Files\Atari
    2007-06-11 07:33 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
    2007-06-11 07:33 516,784 -ra------ C:\WINDOWS\system32\XceedCry.dll
    2007-06-11 07:33 44,544 --a------ C:\WINDOWS\system32\Gif89.dll
    2007-06-11 07:33 217,088 --a------ C:\WINDOWS\system32\DartSock.dll
    2007-06-11 07:33 118,784 --a------ C:\WINDOWS\system32\DartWeb.dll
    2007-06-11 07:33 <DIR> d-------- C:\Program Files\Convar
    2007-06-10 19:37 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ulead Systems
    2007-06-10 19:36 <DIR> d-------- C:\Program Files\Common Files\InterVideo
    2007-06-10 19:35 <DIR> d-------- C:\Program Files\Windows Media Components
    2007-06-10 19:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    2007-06-09 08:55 <DIR> d-------- C:\Program Files\Lavasoft
    2007-06-09 08:55 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Lavasoft
    2007-06-09 08:47 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Ahead
    2007-06-08 09:31 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
    2007-06-08 09:26 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2007-06-06 21:37 <DIR> d-------- C:\Program Files\TimeLeft3
    2007-06-06 18:22 <DIR> d-------- C:\Program Files\Winamp
    2007-06-05 17:55 <DIR> d-------- C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
    2007-06-04 18:36 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
    2007-06-04 15:18 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-06-04 15:17 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-06-04 15:14 6,272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-04 12:30:47 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Azureus
    2007-07-02 07:32:27 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
    2007-07-02 07:32:27 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
    2007-07-02 07:32:27 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
    2007-07-01 18:11:31 -------- d-----w C:\Program Files\Easy Internet signup
    2007-06-25 19:04:13 -------- d-----w C:\Program Files\YouTube Downloader
    2007-06-24 18:36:03 -------- d-----w C:\Program Files\LimeWire
    2007-06-23 15:02:52 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2007-06-22 06:42:18 -------- d-----w C:\Program Files\Azureus
    2007-06-21 13:06:05 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-06-12 05:19:00 -------- d-----w C:\Program Files\QuickTime
    2007-06-09 06:47:19 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
    2007-06-03 18:08:38 -------- d-----w C:\Program Files\ToniArts
    2007-06-03 17:44:19 -------- d-----w C:\Program Files\Common Files\Ahead
    2007-06-03 17:42:56 -------- d-----w C:\Program Files\Nero
    2007-06-03 08:49:35 -------- d-----w C:\Program Files\Finale 2006
    2007-06-03 07:02:58 -------- d-----w C:\Program Files\Blaero Start Orb
    2007-06-03 07:02:57 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Stardock
    2007-06-03 06:54:27 773,120 ----a-w C:\WINDOWS\system32\bubbles.scr
    2007-06-03 06:53:51 1,263,616 ----a-w C:\WINDOWS\system32\aurora.scr
    2007-06-03 06:53:09 117,248 ----a-w C:\WINDOWS\system32\ribbons.scr
    2007-06-03 06:51:55 -------- d-----w C:\Program Files\TechSmith
    2007-06-03 06:38:21 -------- d-----w C:\Program Files\Any Password
    2007-06-02 17:07:09 70,546 ----a-w C:\WINDOWS\system32\perfc013.dat
    2007-06-02 17:07:09 443,836 ----a-w C:\WINDOWS\system32\perfh013.dat
    2007-06-02 14:23:28 -------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-06-02 14:20:36 -------- d-----w C:\Program Files\MSXML 4.0
    2007-06-02 13:04:24 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Talkback
    2007-06-02 13:03:07 1,156 ----a-w C:\WINDOWS\mozver.dat
    2007-06-02 13:01:03 0 ----a-w C:\WINDOWS\nsreg.dat
    2007-06-02 12:06:24 -------- d-----w C:\Program Files\Easiestutils
    2007-06-02 11:11:54 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
    2007-06-02 11:02:29 -------- d-----w C:\Program Files\Common Files\SWF Studio
    2007-06-02 11:02:06 -------- d-----w C:\Program Files\Riva
    2007-06-01 21:46:54 -------- d-----w C:\Program Files\Windows NT
    2007-06-01 21:46:52 -------- d-----w C:\Program Files\Movie Maker
    2007-06-01 21:46:52 -------- d-----w C:\Program Files\Messenger
    2007-06-01 17:51:16 -------- d-----w C:\Program Files\MSN Messenger
    2007-06-01 14:59:04 -------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\HP
    2007-06-01 13:39:35 119,678 ----a-w C:\WINDOWS\hpoins11.dat
    2007-06-01 13:34:12 -------- d-----w C:\Program Files\Common Files\HP
    2007-06-01 13:34:10 -------- d-----w C:\Program Files\HP
    2007-06-01 13:31:37 -------- d-----w C:\Program Files\Hewlett-Packard
    2007-06-01 13:30:49 -------- d-----w C:\Program Files\Common Files\Hewlett-Packard
    2007-06-01 13:17:52 -------- d-----w C:\Program Files\Microsoft Works
    2007-06-01 13:17:41 -------- d-----w C:\Program Files\MSBuild
    2007-06-01 13:16:28 -------- d-----w C:\Program Files\Microsoft.NET
    2007-05-16 15:19:43 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-04-25 14:22:52 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
    2007-04-16 20:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
    2007-04-16 20:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
    2007-04-13 13:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    2007-01-30 13:25 63048 --a------ C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    2004-12-14 01:56 63136 --a------ c:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    2004-12-14 02:13 225280 --a------ c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 23:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-03 00:44]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-13 04:05]
    "SoundMan"="SOUNDMAN.EXE" [2005-04-07 03:57 C:\WINDOWS\SOUNDMAN.EXE]
    "AlcWzrd"="ALCWZRD.EXE" [2005-04-07 03:53 C:\WINDOWS\ALCWZRD.EXE]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 22:54]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-15 19:39]
    "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-06-22 15:53]
    "Acrobat Assistant 7.0"="c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12]
    "cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2007-07-02 09:32]
    "BOC-424"="C:\PROGRA~1\Comodo\CBOClean\BOC424.exe" [2007-06-14 09:28]
    "COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-07-02 10:27]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoDispAppearancePage"=0 (0x0)
    "NoColorChoice"=0 (0x0)
    "NoSizeChoice"=0 (0x0)
    "NoDispBackgroundPage"=0 (0x0)
    "NoDispScrSavPage"=0 (0x0)
    "NoDispCPL"=0 (0x0)
    "NoVisualStyleChoice"=0 (0x0)
    "NoDispSettingsPage"=0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "LinkResolveIgnoreLinkInfo"=0 (0x0)
    "NoResolveSearch"=1 (0x1)
    "NoActiveDesktopChanges"=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "LinkResolveIgnoreLinkInfo"=0 (0x0)
    "NoSaveSettings"=0 (0x0)
    "NoThemesTab"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Snelle start.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Snelle start.lnk
    backup=C:\WINDOWS\pss\Adobe Acrobat Snelle start.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    "Acrobat Assistant 7.0"="c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
    UxTuneUp


    Contents of the 'Scheduled Tasks' folder
    2007-07-03 18:36:02 C:\WINDOWS\tasks\Easy Onderhoud.job

    **************************************************************************

    catchme 0.3.914 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-04 14:29:42
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-04 14:33:10
    C:\ComboFix2.txt … 2007-07-01 09:21

    — E O F —




    and here is a new HijackThis log:




    Logfile of HijackThis v1.99.1
    Scan saved at 14:54:37, on 4-7-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe
    C:\Program Files\Comodo\CBOClean\BOCORE.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\PROGRA~1\Comodo\CBOClean\BOC424.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Comodo\Comodo AntiVirus\Cavaud.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q305&bd=presario&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe"
    O4 - HKLM\..\Run: [BOC-424] C:\PROGRA~1\Comodo\CBOClean\BOC424.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Azureus Vuze.lnk = C:\Program Files\Azureus\Azureus.exe
    O8 - Extra context menu item: Add to AMV Convert Tool… - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html
    O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe




    Regards, Patrick


  • Open Notepad, then copy and paste the following (bold, blue text) into an empty window:
  • juisterr wrote: "and post the contents of Combofix.txt in your next reply."
    There are 3 .txt files on c:/:
    combofix.txt, combofix2.txt, combofix3.txt, but they contain what I put in the previous post (the first one).

    I posted it anyway, maybe this is the right one now

    I can now delete monlnl.dll.


    ComboFix 07-06-18.2 - C:\Documents and Settings\Compaq_Eigenaar\Bureaublad\ComboFix.exe
    "Compaq_Eigenaar" - 2007-07-04 15:48:02 - Service Pack 2 NTFS
    Command switches used :: C:\Documents and Settings\Compaq_Eigenaar\Bureaublad\ComoFix-Do.txt


    ((((((((((((((((((((((((( Files Created from 2007-06-04 to 2007-07-04 )))))))))))))))))))))))))))))))


    2007-07-04 09:29 <DIR> d——– C:\WINDOWS\.jagex_cache_32
    2007-07-03 22:39 <DIR> d——– C:\Program Files\MSNTools
    2007-07-03 19:09 <DIR> d——– C:\Program Files\GV_Killer
    2007-07-03 17:10 <DIR> d——– C:\WINDOWS\vbSkinner
    2007-07-03 17:07 <DIR> d——– C:\Program Files\PFConfig
    2007-07-03 16:01 <DIR> d——– C:\WINDOWS\system32\Kaspersky Lab
    2007-07-03 15:02 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-07-03 09:06 <DIR> d——– C:\Program Files\MP3 Player Utilities 3.79
    2007-07-02 12:28 <DIR> dr-h—– C:\DOCUME~1\COMPAQ~1\Onlangs geopend
    2007-07-02 10:58 <DIR> d——– C:\Program Files\CCleaner
    2007-07-02 09:39 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Comodo
    2007-07-02 09:36 241,904 –a—— C:\WINDOWS\UNBOC.EXE
    2007-07-02 09:36 208,896 –a—— C:\WINDOWS\CMDLIC.DLL
    2007-07-02 09:36 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOC424
    2007-07-02 09:32 73,728 –a—— C:\WINDOWS\system32\CavEmLSP.dll
    2007-07-02 09:32 434,252 –a—— C:\WINDOWS\system32\MSVCRTD.DLL
    2007-07-02 09:32 216,576 –a—— C:\WINDOWS\system32\monln.dll
    2007-07-02 09:32 102,400 –a—— C:\WINDOWS\system32\drivers\cavasm.sys
    2007-07-02 09:32 <DIR> d——– C:\Program Files\Comodo
    2007-07-02 09:32 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
    2007-07-01 10:07 786,432 –ah—– C:\DOCUME~1\ADMINI~1\NTUSER.DAT
    2007-07-01 10:07 <DIR> dr-h—– C:\DOCUME~1\ADMINI~1\Onlangs geopend
    2007-07-01 10:07 <DIR> dr——- C:\DOCUME~1\ADMINI~1\Mijn documenten
    2007-07-01 10:07 <DIR> dr——- C:\DOCUME~1\ADMINI~1\Menu Start
    2007-07-01 10:07 <DIR> dr——- C:\DOCUME~1\ADMINI~1\Favorieten
    2007-07-01 10:07 <DIR> d–h—– C:\DOCUME~1\ADMINI~1\Sjablonen
    2007-07-01 10:07 <DIR> d–h—– C:\DOCUME~1\ADMINI~1\Netwerkprinteromgeving
    2007-07-01 10:07 <DIR> d——– C:\DOCUME~1\ADMINI~1\WINDOWS
    2007-07-01 10:07 <DIR> d——– C:\DOCUME~1\ADMINI~1\Bureaublad
    2007-07-01 10:07 <DIR> d——– C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
    2007-07-01 10:07 <DIR> d——– C:\DOCUME~1\ADMINI~1\APPLIC~1\SampleView
    2007-07-01 10:07 <DIR> d——– C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
    2007-07-01 09:11 51,200 –a—— C:\WINDOWS\nircmd.exe
    2007-07-01 08:52 <DIR> d——– C:\Program Files\smitRem
    2007-07-01 08:44 2,284 –a—— C:\WINDOWS\system32\tmp.reg
    2007-06-30 11:05 <DIR> d——– C:\Program Files\a-squared Free
    2007-06-30 09:28 266,360 –a—— C:\WINDOWS\system32\TweakUI.exe
    2007-06-29 18:31 <DIR> d——– C:\WINDOWS\pss
    2007-06-27 09:34 <DIR> dr——- C:\DOCUME~1\NETWOR~1\Favorieten
    2007-06-26 10:53 <DIR> d——– C:\Program Files\Recuva
    2007-06-25 14:31 <DIR> d——– C:\Program Files\Serials 2000 7.1 Plus
    2007-06-25 13:15 <DIR> d——– C:\Program Files\VirtualDJ
    2007-06-24 17:09 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Image Zone Express
    2007-06-24 13:09 <DIR> d——– C:\DOCUME~1\NETWOR~1\Bureaublad
    2007-06-24 10:19 <DIR> d——– C:\DOCUME~1\LOCALS~1\Bureaublad
    2007-06-24 08:41 <DIR> d——– C:\Program Files\AtomixMP3
    2007-06-23 18:50 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
    2007-06-23 17:03 29,704 –a—— C:\WINDOWS\system32\uxtuneup.dll
    2007-06-23 17:03 <DIR> d——– C:\Program Files\TuneUp Utilities 2007
    2007-06-23 17:03 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\TuneUp Software
    2007-06-23 17:02 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    2007-06-23 16:48 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    2007-06-23 16:40 10,076 –a—— C:\WINDOWS\msvrc20.dll
    2007-06-23 16:40 <DIR> d——– C:\Program Files\IObit
    2007-06-23 09:31 <DIR> d——– C:\Program Files\P2000 Kaart
    2007-06-21 15:05 <DIR> d——– C:\Program Files\Google
    2007-06-14 14:20 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Opera
    2007-06-13 18:39 <DIR> d——– C:\Program Files\DVD Shrink
    2007-06-13 18:39 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
    2007-06-13 18:19 <DIR> d——– C:\Program Files\Alcohol Soft
    2007-06-12 07:23 <DIR> d——– C:\Program Files\Common Files\SONY Digital Images
    2007-06-12 07:20 <DIR> d——– C:\SmartSound Software
    2007-06-12 07:19 <DIR> d–h—– C:\WINDOWS\msdownld.tmp
    2007-06-12 07:19 <DIR> d——– C:\WINDOWS\system32\windows media
    2007-06-12 07:19 <DIR> d——– C:\Program Files\SmartSound Software
    2007-06-12 07:19 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
    2007-06-12 07:17 <DIR> d——– C:\Program Files\Ulead Systems
    2007-06-12 07:17 <DIR> d——– C:\Program Files\Common Files\Ulead Systems
    2007-06-11 16:32 197,120 –a—— C:\WINDOWS\patchw32.dll
    2007-06-11 16:32 <DIR> d——– C:\Program Files\Common Files\PocketSoft
    2007-06-11 16:14 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Atari
    2007-06-11 16:12 98,304 –a—— C:\WINDOWS\system32\CmdLineExt.dll
    2007-06-11 15:52 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
    2007-06-11 15:40 <DIR> d——– C:\Program Files\Atari
    2007-06-11 07:33 89,360 –a—— C:\WINDOWS\system32\VB5DB.DLL
    2007-06-11 07:33 516,784 -ra—— C:\WINDOWS\system32\XceedCry.dll
    2007-06-11 07:33 44,544 –a—— C:\WINDOWS\system32\Gif89.dll
    2007-06-11 07:33 217,088 –a—— C:\WINDOWS\system32\DartSock.dll
    2007-06-11 07:33 118,784 –a—— C:\WINDOWS\system32\DartWeb.dll
    2007-06-11 07:33 <DIR> d——– C:\Program Files\Convar
    2007-06-10 19:37 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ulead Systems
    2007-06-10 19:36 <DIR> d——– C:\Program Files\Common Files\InterVideo
    2007-06-10 19:35 <DIR> d——– C:\Program Files\Windows Media Components
    2007-06-10 19:34 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    2007-06-09 08:55 <DIR> d——– C:\Program Files\Lavasoft
    2007-06-09 08:55 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Lavasoft
    2007-06-09 08:47 <DIR> d——– C:\DOCUME~1\LOCALS~1\APPLIC~1\Ahead
    2007-06-08 09:31 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
    2007-06-08 09:26 685,816 –a—— C:\WINDOWS\system32\drivers\sptd.sys
    2007-06-06 21:37 <DIR> d——– C:\Program Files\TimeLeft3
    2007-06-06 18:22 <DIR> d——– C:\Program Files\Winamp
    2007-06-05 17:55 <DIR> d——– C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
    2007-06-04 18:36 <DIR> d——– C:\Program Files\Common Files\Adobe Systems Shared
    2007-06-04 15:18 9,344 –a—— C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-06-04 15:17 8,320 –a—— C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-06-04 15:14 6,272 –a—— C:\WINDOWS\system32\drivers\AWRTPD.sys


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-04 13:58:01 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Azureus
    2007-07-02 07:32:27 499,712 —-a-w C:\WINDOWS\system32\msvcp71.dll
    2007-07-02 07:32:27 348,160 —-a-w C:\WINDOWS\system32\msvcr71.dll
    2007-07-02 07:32:27 1,060,864 —-a-w C:\WINDOWS\system32\MFC71.dll
    2007-07-01 18:11:31 ——– d—–w C:\Program Files\Easy Internet signup
    2007-06-25 19:04:13 ——– d—–w C:\Program Files\YouTube Downloader
    2007-06-24 18:36:03 ——– d—–w C:\Program Files\LimeWire
    2007-06-23 15:02:52 ——– d—–w C:\Program Files\Common Files\Wise Installation Wizard
    2007-06-22 06:42:18 ——– d—–w C:\Program Files\Azureus
    2007-06-21 13:06:05 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-06-12 05:19:00 ——– d—–w C:\Program Files\QuickTime
    2007-06-09 06:47:19 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
    2007-06-03 18:08:38 ——– d—–w C:\Program Files\ToniArts
    2007-06-03 17:44:19 ——– d—–w C:\Program Files\Common Files\Ahead
    2007-06-03 17:42:56 ——– d—–w C:\Program Files\Nero
    2007-06-03 08:49:35 ——– d—–w C:\Program Files\Finale 2006
    2007-06-03 07:02:58 ——– d—–w C:\Program Files\Blaero Start Orb
    2007-06-03 07:02:57 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Stardock
    2007-06-03 06:54:27 773,120 —-a-w C:\WINDOWS\system32\bubbles.scr
    2007-06-03 06:53:51 1,263,616 —-a-w C:\WINDOWS\system32\aurora.scr
    2007-06-03 06:53:09 117,248 —-a-w C:\WINDOWS\system32\ribbons.scr
    2007-06-03 06:51:55 ——– d—–w C:\Program Files\TechSmith
    2007-06-03 06:38:21 ——– d—–w C:\Program Files\Any Password
    2007-06-02 17:07:09 70,546 —-a-w C:\WINDOWS\system32\perfc013.dat
    2007-06-02 17:07:09 443,836 —-a-w C:\WINDOWS\system32\perfh013.dat
    2007-06-02 14:23:28 ——– d—–w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-06-02 14:20:36 ——– d—–w C:\Program Files\MSXML 4.0
    2007-06-02 13:04:24 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Talkback
    2007-06-02 13:03:07 1,156 —-a-w C:\WINDOWS\mozver.dat
    2007-06-02 13:01:03 0 —-a-w C:\WINDOWS\nsreg.dat
    2007-06-02 12:06:24 ——– d—–w C:\Program Files\Easiestutils
    2007-06-02 11:11:54 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
    2007-06-02 11:02:29 ——– d—–w C:\Program Files\Common Files\SWF Studio
    2007-06-02 11:02:06 ——– d—–w C:\Program Files\Riva
    2007-06-01 21:46:54 ——– d—–w C:\Program Files\Windows NT
    2007-06-01 21:46:52 ——– d—–w C:\Program Files\Movie Maker
    2007-06-01 21:46:52 ——– d—–w C:\Program Files\Messenger
    2007-06-01 17:51:16 ——– d—–w C:\Program Files\MSN Messenger
    2007-06-01 14:59:04 ——– d—–w C:\DOCUME~1\COMPAQ~1\APPLIC~1\HP
    2007-06-01 13:39:35 119,678 —-a-w C:\WINDOWS\hpoins11.dat
    2007-06-01 13:34:12 ——– d—–w C:\Program Files\Common Files\HP
    2007-06-01 13:34:10 ——– d—–w C:\Program Files\HP
    2007-06-01 13:31:37 ——– d—–w C:\Program Files\Hewlett-Packard
    2007-06-01 13:30:49 ——– d—–w C:\Program Files\Common Files\Hewlett-Packard
    2007-06-01 13:17:52 ——– d—–w C:\Program Files\Microsoft Works
    2007-06-01 13:17:41 ——– d—–w C:\Program Files\MSBuild
    2007-06-01 13:16:28 ——– d—–w C:\Program Files\Microsoft.NET
    2007-05-16 15:19:43 683,520 —-a-w C:\WINDOWS\system32\inetcomm.dll
    2007-04-25 14:22:52 144,896 —-a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:15:26 2,854,400 —-a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 —-a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 —-a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 —-a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 —-a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 —-a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 —-a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 —-a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 —-a-w C:\WINDOWS\system32\wups2.dll
    2007-04-16 20:44:20 271,224 —-a-w C:\WINDOWS\system32\mucltui.dll
    2007-04-16 20:44:18 208,248 —-a-w C:\WINDOWS\system32\muweb.dll
    2007-04-13 13:19:52 7,680 —-a-w C:\WINDOWS\system32\lsdelete.exe


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {00C6482D-C502-44C8-8409-FCE54AD9C208}=C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2007-01-30 13:25]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=c:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 01:56]
    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 00:48]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
    {AE7CD045-E861-484f-8273-0445EE161910}=c:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 02:13]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 23:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-03 00:44]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-13 04:05]
    "SoundMan"="SOUNDMAN.EXE" [2005-04-07 03:57 C:\WINDOWS\SOUNDMAN.EXE]
    "AlcWzrd"="ALCWZRD.EXE" [2005-04-07 03:53 C:\WINDOWS\ALCWZRD.EXE]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 22:54]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-08-15 19:39]
    "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-06-22 15:53]
    "Acrobat Assistant 7.0"="c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12]
    "cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2007-07-02 09:32]
    "BOC-424"="C:\PROGRA~1\Comodo\CBOClean\BOC424.exe" [2007-06-14 09:28]
    "COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-07-02 10:27]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoDispAppearancePage"=0 (0x0)
    "NoColorChoice"=0 (0x0)
    "NoSizeChoice"=0 (0x0)
    "NoDispBackgroundPage"=0 (0x0)
    "NoDispScrSavPage"=0 (0x0)
    "NoDispCPL"=0 (0x0)
    "NoVisualStyleChoice"=0 (0x0)
    "NoDispSettingsPage"=0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "LinkResolveIgnoreLinkInfo"=0 (0x0)
    "NoResolveSearch"=1 (0x1)
    "NoActiveDesktopChanges"=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "LinkResolveIgnoreLinkInfo"=0 (0x0)
    "NoSaveSettings"=0 (0x0)
    "NoThemesTab"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Snelle start.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Snelle start.lnk
    backup=C:\WINDOWS\pss\Adobe Acrobat Snelle start.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    "Acrobat Assistant 7.0"="c:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
    UxTuneUp


    Contents of the 'Scheduled Tasks' folder
    2007-07-03 18:36:02 C:\WINDOWS\tasks\Easy Onderhoud.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-04 15:57:22
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-04 16:01:09
    C:\ComboFix2.txt … 2007-07-04 15:44
    C:\ComboFix3.txt … 2007-07-04 14:33

    — E O F —





    so that is combofix.txt after all

  • In that case I think everything has been removed.

    To prevent reinfection via System Restore, it is advisable to delete the existing restore points by temporarily turning System Restore off.


    - Go to Start/All Programs/Accessories/System Tools/System Restore.
    - In the left half of the window, click "System Restore Settings".
    - Tick the box for "Turn off System Restore".
    - Click "Apply".
    - Windows asks whether you are sure.
    - Click "Yes".
    - Click "OK".
    - Restart the PC.
    - Go to Start/All Programs/Accessories/System Tools/System Restore again.
    - You get the message: "System Restore is turned off. Do you want to turn on System Restore now?"
    - Click "Yes".
    - Untick the box for "Turn off System Restore".
    - Click "Apply".
    - Click "OK".
    - Restart the PC.
    - A new, clean restore point has now been created.

    Here are some more tips.
