Yet another victim of resycled\boot.com

24 replies
  • Can anyone help me? I have already searched various forums but I have not found the solution yet. When I double-click C: in Explorer I get an error message; when I type C:\ in Explorer's address bar, I can still get to all the files.

    I have also already found out that those hijack logs are important, so here is mine:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:40:07, on 31/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\system32\beidservicecrl.exe
    C:\WINDOWS\system32\beidservicepcsc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Belgacom\bin\sprtsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\WINDOWS\sm56hlpr.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
    C:\Program Files\Belgium Identity Card\beidsystemtray.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Belgacom\bin\sprtcmd.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gva.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [HControl] "C:\WINDOWS\ATK0100\HControl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
    O4 - HKLM\..\Run: [SMSERIAL] "C:\WINDOWS\sm56hlpr.exe"
    O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
    O4 - HKLM\..\Run: [Alcmtr] "C:\WINDOWS\ALCMTR.EXE"
    O4 - HKLM\..\Run: [ASUS Live Update] "C:\Program Files\ASUS\ASUS Live Update\ALU.exe"
    O4 - HKLM\..\Run: [Power_Gear] "C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" 1
    O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [ABLKSR] "C:\WINDOWS\ABLKSR\ABLKSR.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector] "C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe"
    O4 - HKLM\..\Run: [Ulead Calendar Checker] "C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe"
    O4 - HKLM\..\Run: [beidsystemtray] "C:\Program Files\Belgium Identity Card\beidsystemtray.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE"
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdrkx.exe] C:\WINDOWS\system32\kdrkx.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdaws.exe] C:\WINDOWS\system32\kdaws.exe
    O4 - HKLM\..\Run: [UserFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -u
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdpds.exe] C:\WINDOWS\system32\kdpds.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdkil.exe] C:\WINDOWS\system32\kdkil.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdkwl.exe] C:\WINDOWS\system32\kdkwl.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdpkz.exe] C:\WINDOWS\system32\kdpkz.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1215380685078
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
    O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
    O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE


    End of file - 16052 bytes


    Hopefully someone can help me, thanks in advance!!
  • Start HijackThis and choose 'Do a system scan only'. Select only the items listed below:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Alcmtr] "C:\WINDOWS\ALCMTR.EXE"
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdrkx.exe] C:\WINDOWS\system32\kdrkx.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdaws.exe] C:\WINDOWS\system32\kdaws.exe
    O4 - HKLM\..\Run: [UserFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -u
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdpds.exe] C:\WINDOWS\system32\kdpds.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdkil.exe] C:\WINDOWS\system32\kdkil.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdkwl.exe] C:\WINDOWS\system32\kdkwl.exe
    O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdpkz.exe] C:\WINDOWS\system32\kdpkz.exe
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

    Click 'Fix checked' to remove the items.

    Delete the following folder, shown in bold, with Windows Explorer:

    C:\Program Files\Common Files\**BOONTY Shared**

    Download Combofix to your Desktop.

    NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
    Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

    Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window.
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will make your PC hang.
    When the fix has completed and after the restart, the log Combofix.txt will open.

    Post this log in your next reply, together with a new HijackThis log.
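As an added example (not part of the original thread, and not the helper's own method): a small triage script for HijackThis v2 logs that flags two patterns visible among the entries selected above, namely Run values whose name is the full path of their own executable, and entries whose file is reported as "(no file)". Both heuristics are assumptions of this example; they catch only part of the helper's selection, and the sample lines are copied from the log in the first post.

```python
import re
from typing import List, NamedTuple

# Sample input: nine lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r"""O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HControl] "C:\WINDOWS\ATK0100\HControl.exe"
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdrkx.exe] C:\WINDOWS\system32\kdrkx.exe
O4 - HKLM\..\Run: [UserFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -u
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
"""


class Finding(NamedTuple):
    line_no: int
    section: str
    reason: str
    entry: str


# "O4 - ...", "R1 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(O\d{1,2}|[RFN]\d) - (.*)$")
# "HKLM\..\Run: [name] command", optionally with a SID after the hive (HKUS\S-1-5-19).
RUN_RE = re.compile(r"^HK[A-Z]+(?:\\[^\\]+)?\\\.\.\\(Run\w*): \[([^\]]*)\] (.*)$")
# Shortest prefix of an unquoted command that ends in an executable extension.
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)
DRIVE_PATH_RE = re.compile(r"^[A-Za-z]:\\")


def command_executable(cmd: str) -> str:
    """Return the executable part of a Run command, dropping its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    match = EXE_RE.match(cmd)
    return match.group(1) if match else cmd.split(" ", 1)[0]


def triage(log_text: str) -> List[Finding]:
    """Flag entries matching the two heuristics (assumptions of this example)."""
    findings = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header, running-process list, blank line
        section, body = entry.groups()

        # Heuristic 1: a registered component (BHO, button, ...) with no file.
        if body.endswith("- (no file)"):
            findings.append(Finding(line_no, section,
                                    "registered component has no file on disk", line))

        # Heuristic 2: a Run value named after its own executable path.
        if section == "O4":
            run = RUN_RE.match(body)
            if run:
                _key, name, cmd = run.groups()
                exe = command_executable(cmd)
                if DRIVE_PATH_RE.match(name) and name.lower() == exe.lower():
                    findings.append(Finding(line_no, section,
                                            "Run value is named after its own executable path",
                                            line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no} [{f.section}] {f.reason}\n    {f.entry}")
```

A flagged line is a candidate for review, not a verdict: entries such as the Alcmtr, UserFaultCheck and Boonty lines in the helper's list match neither heuristic and were picked on other grounds.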
  • ComboFix 08-10-30.13 - Jeroen 2008-10-31 23:31:09.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2207 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\Jeroen\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Autorun.inf
    C:\WINDOWS\system32\_000003_.tmp.dll
    C:\WINDOWS\system32\_000005_.tmp.dll
    C:\WINDOWS\system32\_000006_.tmp.dll
    C:\WINDOWS\system32\_000007_.tmp.dll
    C:\WINDOWS\system32\_000008_.tmp.dll
    C:\WINDOWS\system32\_000009_.tmp.dll
    C:\WINDOWS\system32\_000010_.tmp.dll
    C:\WINDOWS\system32\_000011_.tmp.dll
    C:\WINDOWS\system32\_000012_.tmp.dll
    C:\WINDOWS\system32\lsprst7.dll
    C:\WINDOWS\system32\ssprs.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Service_Boonty Games


    (((((((((((((((((((( Bestanden Gemaakt van 2008-09-28 to 2008-10-31 ))))))))))))))))))))))))))))))
    .

    2008-10-31 23:37 . 3,839 C:\WINDOWS\system32\drivers\GETPADD.sys
    2008-10-31 23:16 . 2008-10-31 23:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hitman Pro 3
    2008-10-30 20:11 . 2008-10-30 20:11 <DIR> d-------- C:\Program Files\Trend Micro
    2008-10-30 18:58 . 2008-10-30 18:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\SUPERAntiSpyware.com
    2008-10-30 16:43 . 2008-10-15 17:37 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\Malwarebytes
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-30 00:05 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-30 00:05 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-29 19:09 . 2008-10-30 01:52 <DIR> d--h----- C:\$AVG8.VAULT$
    2008-10-29 18:51 . 2008-10-29 18:51 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
    2008-10-29 18:51 . 2008-10-29 18:51 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
    2008-10-29 18:51 . 2008-10-29 18:51 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
    2008-10-29 18:50 . 2008-10-31 23:40 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
    2008-10-29 18:50 . 2008-10-29 18:50 <DIR> d-------- C:\Program Files\AVG
    2008-10-26 17:09 . 2008-10-26 17:09 <DIR> d-------- C:\Program Files\PrevxCSI
    2008-10-26 17:09 . 2008-10-26 17:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-10-26 17:09 . 2008-10-26 17:09 25,400 --a------ C:\WINDOWS\system32\drivers\pxark.sys
    2008-10-26 17:05 . 2008-10-31 18:41 <DIR> d-------- C:\Program Files\Hitman Pro 3
    2008-10-26 17:05 . 2008-10-26 17:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    2008-10-22 18:41 . 2008-10-22 18:41 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\VST3 Presets
    2008-10-22 11:52 . 2008-10-22 11:52 27,904 --a------ C:\WINDOWS\system32\drivers\ndisprot.sys
    2008-10-21 21:38 . 2008-10-21 21:38 <DIR> d-------- C:\Program Files\Photodex Presenter
    2008-10-21 21:38 . 2008-10-21 21:38 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\Netscape
    2008-10-21 17:13 . 2008-10-21 17:13 <DIR> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-21 17:13 . 2008-10-21 17:13 <DIR> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-19 12:01 . 2008-10-19 12:01 <DIR> d--hs---- C:\Documents and Settings\NetworkService\PrivacIE
    2008-10-19 12:00 . 2008-10-19 12:00 <DIR> dr------- C:\Documents and Settings\NetworkService\Favorieten
    2008-10-19 12:00 . 2008-10-19 12:00 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\ABIG
    2008-10-18 18:18 . 2008-10-18 18:58 <DIR> d-------- C:\Program Files\Collectorz.com
    2008-10-16 11:44 . 2008-09-15 16:28 1,846,528 --------- C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-16 11:44 . 2008-09-08 11:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-16 11:43 . 2008-08-14 14:27 2,193,536 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,149,888 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,070,400 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,028,544 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-15 20:06 . 2008-10-15 20:06 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-10-14 18:56 . 2008-10-14 18:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-14 18:44 . 2008-10-14 18:44 <DIR> d-------- C:\Program Files\Common Files\Control Panels
    2008-10-14 18:41 . 2008-10-14 18:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ALM
    2008-10-14 17:54 . 2007-02-20 15:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
    2008-10-14 17:54 . 2007-02-20 15:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2008-10-14 17:15 . 2008-10-14 17:15 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
    2008-10-12 15:43 . 2008-10-12 15:43 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\Bullzip
    2008-10-12 15:37 . 1999-05-06 23:00 140,288 --a------ C:\WINDOWS\system32\comdlg32.OCX
    2008-10-06 18:53 . 2008-10-10 20:06 10,593 --a------ C:\WINDOWS\CSTBox.INI
    2008-10-05 17:06 . 2008-10-05 17:07 <DIR> d-------- C:\Program Files\iTunes
    2008-10-05 17:06 . 2008-10-05 17:06 <DIR> d-------- C:\Program Files\iPod
    2008-10-05 17:06 . 2008-10-05 17:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-03 21:59 . 2006-10-12 09:40 716,800 --a------ C:\WINDOWS\system32\SysInternalsBluescreen.scr
    2008-10-01 22:49 . 2008-10-01 22:49 <DIR> d-------- C:\Program Files\ALCATech
    2008-10-01 19:57 . 2008-10-03 16:31 <DIR> d-------- C:\WINDOWS\system32\Adobe
    2008-09-29 00:01 . 2008-09-29 00:01 0 --a------ C:\WINDOWS\NSREX.INI
    2008-09-27 18:34 . 2008-09-27 18:34 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2008-09-27 10:28 . 2008-10-29 21:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    2008-09-27 10:27 . 2008-10-29 21:24 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\NCH Swift Sound
    2008-09-26 16:25 . 2008-10-08 18:09 <DIR> d-------- C:\Documents and Settings\Jeroen\Tracing
    2008-09-26 16:18 . 2008-09-26 16:18 <DIR> d-------- C:\Program Files\Microsoft
    2008-09-26 16:12 . 2008-09-26 16:12 <DIR> d-------- C:\Program Files\Common Files\Windows Live
    2008-09-25 17:34 . 2008-09-25 17:34 <DIR> d-------- C:\WINDOWS\Sun
    2008-09-25 17:34 . 2008-09-25 17:33 410,976 --a------ C:\WINDOWS\system32\deploytk.dll
    2008-09-25 16:52 . 2008-09-26 16:00 <DIR> d-------- C:\Program Files\NOS
    2008-09-25 16:52 . 2008-09-26 16:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
    2008-09-24 19:12 . 2008-09-24 19:12 <DIR> d-------- C:\Program Files\Common Files\Supportsoft
    2008-09-24 19:12 . 2008-09-24 19:12 <DIR> d-------- C:\Program Files\Belgacom
    2008-09-24 19:12 . 2008-09-24 19:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
    2008-09-24 19:10 . 2008-09-24 19:11 <DIR> d-------- C:\Belgacom.msi.2.2
    2008-09-14 21:42 . 2008-09-14 21:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
    2008-09-14 21:42 . 2008-09-14 21:42 1,025 --a------ C:\WINDOWS\system32\sysprs7.tgz
    2008-09-14 21:42 . 2008-09-14 21:42 1,025 --a------ C:\WINDOWS\system32\sysprs7.dll
    2008-09-14 21:42 . 2008-09-14 21:42 1,025 --a------ C:\WINDOWS\system32\clauth2.dll
    2008-09-14 21:42 . 2008-09-14 21:42 1,025 --a------ C:\WINDOWS\system32\clauth1.dll
    2008-09-14 21:42 . 2008-10-29 17:02 219 --a------ C:\WINDOWS\system32\lsprst7.tgz
    2008-09-14 21:42 . 2008-10-29 17:02 87 --a------ C:\WINDOWS\system32\ssprs.tgz
    2008-09-13 12:33 . 2008-09-13 12:33 <DIR> d-------- C:\Program Files\Macromedia
    2008-09-13 11:26 . 2008-09-13 11:26 <DIR> d-------- C:\Program Files\Common Files\DirectX
    2008-09-13 11:09 . 2008-09-13 11:09 <DIR> d-------- C:\Program Files\Warthog
    2008-09-12 17:38 . 2008-09-12 17:38 <DIR> d-------- C:\Program Files\Bonjour
    2008-09-12 17:32 . 2008-09-12 17:32 <DIR> d-------- C:\Program Files\Apple Software Update
    2008-09-11 18:29 . 2008-09-22 21:25 1,838 --a------ C:\WINDOWS\SubCreator.INI
    2008-09-11 18:25 . 2008-09-11 18:25 <DIR> d-------- C:\Program Files\Subtitles Creator
    2008-09-09 17:21 . 2008-10-29 17:19 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\FileZilla
    2008-09-09 17:18 . 2008-10-27 22:30 <DIR> d-------- C:\Program Files\FileZilla FTP Client
    2008-09-07 13:14 . 2008-09-07 13:14 <DIR> d-------- C:\Program Files\MagicDVDRipper
    2008-09-07 13:14 . 2008-09-07 13:15 <DIR> d-------- C:\Program Files\MagicDVDCopier
    2008-09-06 18:59 . 2008-09-06 18:59 <DIR> d-------- C:\Documents and Settings\Jeroen\Application Data\Sibelius Software
    2008-09-06 14:09 . 2008-09-06 14:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-09-06 14:09 . 2008-09-06 14:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-09-03 17:55 . 2008-09-25 17:33 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-09-03 17:53 . 2008-09-25 17:33 <DIR> d-------- C:\Program Files\Java
    2008-09-03 17:53 . 2008-09-03 17:53 <DIR> d-------- C:\Program Files\Common Files\Java

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 18:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-10-30 17:47 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-10-29 20:23 --------- d-----w C:\Program Files\NCH Swift Sound
    2008-10-29 17:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg8
    2008-10-27 01:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-27 01:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-10-27 01:03 --------- d-----w C:\Program Files\Hitman Pro
    2008-10-27 01:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-27 00:58 --------- d-----w C:\Documents and Settings\Jeroen\Application Data\Lavasoft
    2008-10-26 22:40 --------- d-----w C:\Program Files\FLV Player
    2008-10-21 16:22 --------- d-----w C:\Program Files\ESET
    2008-10-14 17:49 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-10-12 20:39 66,568 ----a-w C:\Documents and Settings\Jeroen\Application Data\GDIPFONTCACHEV1.DAT
    2008-10-09 08:18 --------- d-----w C:\Program Files\Windows Live
    2008-10-08 17:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-24 19:14 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-09-12 22:33 --------- d-----w C:\Documents and Settings\Jeroen\Application Data\Apple Computer
    2008-09-12 17:01 --------- d-----w C:\Program Files\QuickTime
    2008-09-12 17:01 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-10 22:33 --------- d-----w C:\Program Files\CamStudio
    2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-09-01 21:35 --------- d-----w C:\Program Files\Musicnotes
    2008-08-31 22:13 --------- d-----w C:\Program Files\Finale PrintMusic 2007
    2008-07-06 18:27 606,848 ----a-w C:\WINDOWS\flashax.exe
    2008-07-06 18:27 503,808 ----a-w C:\WINDOWS\Asus_A_Series_ScreenSaver.scr
    2008-07-06 18:27 5,516,371 ----a-w C:\WINDOWS\A-series Demo.exe
    2008-07-06 18:27 266,240 ----a-w C:\WINDOWS\ASUS A Series ScreenSaver Uninstaller.exe
    2008-07-06 18:27 12,288 ----a-w C:\WINDOWS\impborl.dll
    2008-07-07 01:25 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008063020080707\index.dat
    2008-07-07 01:25 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008070720080708\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlay1EXL600]
    @="{BF9B13E4-FE9B-4121-853F-866F4E9E2830}"
    [HKEY_CLASSES_ROOT\CLSID\{BF9B13E4-FE9B-4121-853F-866F4E9E2830}]
    2007-11-13 03:08 599552 –a—— C:\WINDOWS\system32\FPAP-EXL600\FileptcIconOverlay.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-06 39408]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
    "Google Update"="C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-08-29 133104]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-11-10 102400]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-21 7335936]
    "nwiz"="C:\WINDOWS\system32\nwiz.exe" [2005-11-21 1519616]
    "SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2005-05-26 544768]
    "RTHDCPL"="C:\WINDOWS\RTHDCPL.EXE" [2005-09-06 14850560]
    "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2005-11-02 180224]
    "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2005-10-05 86016]
    "Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 761945]
    "ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
    "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2005-12-28 569413]
    "RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-12 32768]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "Ulead AutoDetector"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe" [2005-07-28 94208]
    "Ulead Calendar Checker"="C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe" [2005-08-22 69632]
    "beidsystemtray"="C:\Program Files\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 188416]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
    "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2008-09-25 144792]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
    "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
    "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-29 1234712]
    "HitmanPro3"="C:\Program Files\Hitman Pro 3\hitmanpro3.exe" [2008-10-31 4590200]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

    C:\Documents and Settings\Jeroen\Menu Start\Programma's\Opstarten\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    ASUS ChkMail.lnk - C:\Program Files\Asus\Asus ChkMail\ChkMail.exe [2008-07-06 32768]
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 49152]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Ares\\Ares.exe"=
    "C:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
    "C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
    "C:\\Program Files\\BoontyGames\\Insane\\Game.exe"=
    "C:\\Program Files\\Windows Live\\Mail\\wlmail.exe"=
    "C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\Microsoft Office\\Office10\\NSREX.EXE"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
    "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
    "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
    "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
    "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

    R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-10-26 25400]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-29 97928]
    R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-29 875288]
    R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-29 231704]
    R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-29 76040]
    R2 CSIScanner;CSIScanner;C:\Program Files\PrevxCSI\prevxcsi.exe [2008-10-26 880696]
    R2 eID CRL Service;eID CRL Service;C:\WINDOWS\system32\beidservicecrl.exe [2007-02-19 225280]
    R2 eID Privacy Service;eID Privacy Service;C:\WINDOWS\system32\beidservicepcsc.exe [2007-02-19 331776]
    R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-09-25 147456]
    R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);C:\Program Files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
    R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys [2005-10-03 720470]
    R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2005-10-03 8278]
    S3 cxbu0wdm;CardMan 3x21;C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2008-01-15 97792]
    S3 hitmanpro3;Hitman Pro 3 Support Driver;C:\WINDOWS\system32\drivers\hitmanpro3.sys [ ]
    S3 krdpdre;krdpdre;C:\DOCUME~1\Jeroen\LOCALS~1\Temp\krdpdre.sys [ ]
    S3 Ndisprot;ArcNet NDIS Protocol Driver;C:\WINDOWS\system32\drivers\Ndisprot.sys [2008-10-22 27904]
    S3 SynasUSB;SynasUSB;C:\WINDOWS\system32\drivers\SynasUSB.sys [2006-11-23 18432]
    S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\WINDOWS\system32\Drivers\tascusb2.sys [2007-12-18 360448]
    S3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device;C:\WINDOWS\system32\drivers\tscusb2m.sys [2007-12-18 18944]
    S3 TASCAM_US122L_WDM;TASCAM US-122L WDM;C:\WINDOWS\system32\drivers\tscusb2a.sys [2007-12-18 33792]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13967852-4cdd-11dd-94c1-001302dde7c2}]
    \Shell\AutoRun\command - F:\PdtStart.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a218f69-4f30-11dd-94c9-001302dde7c2}]
    \Shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5ea3003a-4c29-11dd-94bd-001302dde7c2}]
    \Shell\AutoRun\command - E:\SETUP.EXE -autorun
    .
    Inhoud van de 'Gedeelde Taken' map

    2008-10-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2008-10-30 C:\WINDOWS\Tasks\At1.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-18 C:\WINDOWS\Tasks\At10.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-18 C:\WINDOWS\Tasks\At11.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At12.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At13.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-28 C:\WINDOWS\Tasks\At14.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-27 C:\WINDOWS\Tasks\At15.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At16.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At17.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At18.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-28 C:\WINDOWS\Tasks\At19.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-31 C:\WINDOWS\Tasks\At2.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At20.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-31 C:\WINDOWS\Tasks\At21.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-31 C:\WINDOWS\Tasks\At22.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At23.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-31 C:\WINDOWS\Tasks\At24.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At3.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-30 C:\WINDOWS\Tasks\At4.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At5.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At6.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At7.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-29 C:\WINDOWS\Tasks\At8.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-24 C:\WINDOWS\Tasks\At9.job
    - C:\WINDOWS\system32\7o64J60F.exe []

    2008-10-31 C:\WINDOWS\Tasks\GoogleUpdateTaskUser.job
    - C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-08-29 08:05]

    2008-10-31 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

    2008-10-31 C:\WINDOWS\Tasks\User_Feed_Synchronization-{A12A1252-2527-488F-9D98-CD0EE217535E}.job
    - C:\WINDOWS\system32\msfeedssync.exe [2008-08-22 02:05]
    .
    .
    ——- Bijkomende Scan ——-
    .
    FireFox -: Profile - C:\Documents and Settings\Jeroen\Application Data\Mozilla\Firefox\Profiles\am94dh5t.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.gva.be/
    FF -: plugin - C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\1.2.131.25\npGoogleOneClick6.dll
    FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1273.1045\npCIDetect12.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
    FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-31 23:37:19
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …


    **************************************************************************
    .
    ———————— Andere Aktieve Processen ————————
    .
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\scardsvr.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\ESET\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\WINDOWS\system32\searchindexer.exe
    C:\Program Files\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2008-10-31 23:55:48 - machine werd herstart
    ComboFix-quarantined-files.txt 2008-10-31 22:54:40

    Pre-Run: 20.576.937.472 bytes beschikbaar
    Post-Run: 20,672,624,128 bytes beschikbaar

    WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    392 — E O F — 2008-10-31 17:44:00










    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:57:58, on 31/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\system32\beidservicecrl.exe
    C:\WINDOWS\system32\beidservicepcsc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Belgacom\bin\sprtsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\sm56hlpr.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
    C:\Program Files\Belgium Identity Card\beidsystemtray.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Belgacom\bin\sprtcmd.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gva.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [HControl] "C:\WINDOWS\ATK0100\HControl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
    O4 - HKLM\..\Run: [SMSERIAL] "C:\WINDOWS\sm56hlpr.exe"
    O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
    O4 - HKLM\..\Run: [ASUS Live Update] "C:\Program Files\ASUS\ASUS Live Update\ALU.exe"
    O4 - HKLM\..\Run: [Power_Gear] "C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" 1
    O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [ABLKSR] "C:\WINDOWS\ABLKSR\ABLKSR.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector] "C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe"
    O4 - HKLM\..\Run: [Ulead Calendar Checker] "C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe"
    O4 - HKLM\..\Run: [beidsystemtray] "C:\Program Files\Belgium Identity Card\beidsystemtray.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1215380685078
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
    O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
    O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE


    End of file - 14767 bytes
  • Does it matter that my external HDD was not connected at the time of the scan? Maybe the virus is on there too.
  • The infection you are dealing with does indeed spread across all drives and partitions (so chances are very high that your external HD is infected too, and it is best to scan it for possible malware as well). The "hidden" file at the heart of it is autorun.inf. Best to take a thorough look at that one too.

    For your current ComboFix log you still need to do the following:

    Open a Notepad file.

    Copy and paste the bold text below into it.

    File::
    C:\WINDOWS\Tasks\At1.job
    C:\WINDOWS\Tasks\At10.job
    C:\WINDOWS\Tasks\At11.job
    C:\WINDOWS\Tasks\At12.job
    C:\WINDOWS\Tasks\At13.job
    C:\WINDOWS\Tasks\At14.job
    C:\WINDOWS\Tasks\At15.job
    C:\WINDOWS\Tasks\At16.job
    C:\WINDOWS\Tasks\At17.job
    C:\WINDOWS\Tasks\At18.job
    C:\WINDOWS\Tasks\At19.job
    C:\WINDOWS\Tasks\At2.job
    C:\WINDOWS\Tasks\At20.job
    C:\WINDOWS\Tasks\At21.job
    C:\WINDOWS\Tasks\At22.job
    C:\WINDOWS\Tasks\At23.job
    C:\WINDOWS\Tasks\At24.job
    C:\WINDOWS\Tasks\At3.job
    C:\WINDOWS\Tasks\At4.job
    C:\WINDOWS\Tasks\At5.job
    C:\WINDOWS\Tasks\At6.job
    C:\WINDOWS\Tasks\At7.job
    C:\WINDOWS\Tasks\At8.job
    C:\WINDOWS\Tasks\At9.job
    C:\WINDOWS\Tasks\User_Feed_Synchronization-{A12A1252-2527-488F-9D98-CD0EE217535E}.job

    Save this file on your desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe.
    This will make ComboFix restart. Reboot if you are asked to.
    After the reboot, post the contents of Combofix.txt in your next message.
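
The autorun.inf review suggested in the reply above, as an added example that is not part of the original thread: Python code that lists the commands an autorun.inf would launch, so the file can be read as text instead of being triggered from Explorer. Both sample files are constructed for illustration (the `resycled\boot.com` name comes from the thread title, `LaunchU3.exe -a` from the MountPoints2 entry in the ComboFix log); all function names are hypothetical.

```python
import ntpath
import re
import sys
from typing import List, NamedTuple, Tuple

# Keys in the [autorun] section that make Explorer start a program.
LAUNCH_KEYS = {"open", "shellexecute"}
# shell\<verb>\command entries add or replace actions in the drive's context menu.
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$")
EXECUTABLE_EXT = {".exe", ".com", ".bat", ".cmd", ".pif", ".scr", ".vbs"}


class Launch(NamedTuple):
    key: str      # lower-cased key name, e.g. shell\open\command
    command: str  # right-hand side exactly as written in the file
    target: str   # program path without its arguments


def first_token(command: str) -> str:
    """Return the program part of a command line.

    Handles a quoted path; an unquoted path is cut at the first space.
    """
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    parts = command.split(None, 1)
    return parts[0] if parts else ""


def parse_autorun(text: str) -> List[Launch]:
    """Collect every launch entry from the [autorun] section of the file."""
    launches = []
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue  # padding or junk lines are ignored
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip()
        if key in LAUNCH_KEYS or SHELL_COMMAND.match(key):
            launches.append(Launch(key, value, first_token(value)))
    return launches


def triage(text: str) -> List[Tuple[str, str, List[str]]]:
    """Return (key, target, notes) for each launch entry, for manual review."""
    findings = []
    for launch in parse_autorun(text):
        notes = []
        if ntpath.splitext(launch.target)[1].lower() in EXECUTABLE_EXT:
            notes.append("executable")
        if ntpath.dirname(launch.target):
            notes.append("subfolder")   # target is not in the drive root
        if SHELL_COMMAND.match(launch.key):
            notes.append("shell-verb")  # changes the drive's menu actions
        findings.append((launch.key, launch.target, notes))
    return findings


# Constructed sample: launch entries pointing into a folder on the drive.
INFECTED_SAMPLE = r"""
padding line outside any section
[AutoRun]
; padding comment
open=resycled\boot.com
shell\open\command=resycled\boot.com
Shell\open\Default=1
shell\explore\command = resycled\boot.com
"""

# Constructed sample: a launcher in the drive root, as on a U3 USB stick.
U3_SAMPLE = r"""
[autorun]
open=LaunchU3.exe -a
icon=LaunchU3.exe,0
"""

if __name__ == "__main__":
    # Usage: python autorun_triage.py E:\autorun.inf F:\autorun.inf
    for path in sys.argv[1:]:
        with open(path, encoding="latin-1") as handle:
            for key, target, notes in triage(handle.read()):
                print(f"{path}: {key} -> {target} [{', '.join(notes)}]")
```
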
  • I will run HijackThis once more with my external HDD attached and post it here.


    ComboFix 08-10-31.02 - Jeroen 2008-11-01 11:11:49.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2158 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\Jeroen\Bureaublad\ComboFix.exe
    gebruikte Opdracht switches :: C:\Documents and Settings\Jeroen\Bureaublad\CFScript.txt
    * Nieuw herstelpunt werd aangemaakt

    FILE ::
    C:\WINDOWS\Tasks\At1.job
    C:\WINDOWS\Tasks\At10.job
    C:\WINDOWS\Tasks\At11.job
    C:\WINDOWS\Tasks\At12.job
    C:\WINDOWS\Tasks\At13.job
    C:\WINDOWS\Tasks\At14.job
    C:\WINDOWS\Tasks\At15.job
    C:\WINDOWS\Tasks\At16.job
    C:\WINDOWS\Tasks\At17.job
    C:\WINDOWS\Tasks\At18.job
    C:\WINDOWS\Tasks\At19.job
    C:\WINDOWS\Tasks\At2.job
    C:\WINDOWS\Tasks\At20.job
    C:\WINDOWS\Tasks\At21.job
    C:\WINDOWS\Tasks\At22.job
    C:\WINDOWS\Tasks\At23.job
    C:\WINDOWS\Tasks\At24.job
    C:\WINDOWS\Tasks\At3.job
    C:\WINDOWS\Tasks\At4.job
    C:\WINDOWS\Tasks\At5.job
    C:\WINDOWS\Tasks\At6.job
    C:\WINDOWS\Tasks\At7.job
    C:\WINDOWS\Tasks\At8.job
    C:\WINDOWS\Tasks\At9.job
    C:\WINDOWS\Tasks\User_Feed_Synchronization-{A12A1252-2527-488F-9D98-CD0EE217535E}.job
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Tasks\At1.job
    C:\WINDOWS\Tasks\At10.job
    C:\WINDOWS\Tasks\At11.job
    C:\WINDOWS\Tasks\At12.job
    C:\WINDOWS\Tasks\At13.job
    C:\WINDOWS\Tasks\At14.job
    C:\WINDOWS\Tasks\At15.job
    C:\WINDOWS\Tasks\At16.job
    C:\WINDOWS\Tasks\At17.job
    C:\WINDOWS\Tasks\At18.job
    C:\WINDOWS\Tasks\At19.job
    C:\WINDOWS\Tasks\At2.job
    C:\WINDOWS\Tasks\At20.job
    C:\WINDOWS\Tasks\At21.job
    C:\WINDOWS\Tasks\At22.job
    C:\WINDOWS\Tasks\At23.job
    C:\WINDOWS\Tasks\At24.job
    C:\WINDOWS\Tasks\At3.job
    C:\WINDOWS\Tasks\At4.job
    C:\WINDOWS\Tasks\At5.job
    C:\WINDOWS\Tasks\At6.job
    C:\WINDOWS\Tasks\At7.job
    C:\WINDOWS\Tasks\At8.job
    C:\WINDOWS\Tasks\At9.job
    C:\WINDOWS\Tasks\User_Feed_Synchronization-{A12A1252-2527-488F-9D98-CD0EE217535E}.job

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2008-10-01 to 2008-11-01 ))))))))))))))))))))))))))))))
    .

    2008-10-31 23:16 . 2008-10-31 23:16 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Hitman Pro 3
    2008-10-30 20:11 . 2008-10-30 20:11 <DIR> d——– C:\Program Files\Trend Micro
    2008-10-30 18:58 . 2008-10-30 18:58 <DIR> d——– C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d——– C:\Program Files\SUPERAntiSpyware
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d——– C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-30 18:57 . 2008-10-30 18:57 <DIR> d——– C:\Documents and Settings\Jeroen\Application Data\SUPERAntiSpyware.com
    2008-10-30 16:43 . 2008-10-15 17:37 337,408 ——— C:\WINDOWS\system32\dllcache\netapi32.dll
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d——– C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d——– C:\Documents and Settings\Jeroen\Application Data\Malwarebytes
    2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-30 00:05 . 2008-10-22 16:10 38,496 –a—— C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-30 00:05 . 2008-10-22 16:10 15,504 –a—— C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-29 19:09 . 2008-10-30 01:52 <DIR> d–h—– C:\$AVG8.VAULT$
    2008-10-29 18:51 . 2008-10-29 18:51 97,928 –a—— C:\WINDOWS\system32\drivers\avgldx86.sys
    2008-10-29 18:51 . 2008-10-29 18:51 76,040 –a—— C:\WINDOWS\system32\drivers\avgtdix.sys
    2008-10-29 18:51 . 2008-10-29 18:51 10,520 –a—— C:\WINDOWS\system32\avgrsstx.dll
    2008-10-29 18:50 . 2008-10-31 23:40 <DIR> d——– C:\WINDOWS\system32\drivers\Avg
    2008-10-29 18:50 . 2008-10-29 18:50 <DIR> d——– C:\Program Files\AVG
    2008-10-26 17:09 . 2008-10-26 17:09 <DIR> d——– C:\Program Files\PrevxCSI
    2008-10-26 17:09 . 2008-10-26 17:09 <DIR> d——– C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-10-26 17:09 . 2008-10-26 17:09 25,400 –a—— C:\WINDOWS\system32\drivers\pxark.sys
    2008-10-26 17:05 . 2008-10-31 18:41 <DIR> d——– C:\Program Files\Hitman Pro 3
    2008-10-26 17:05 . 2008-10-26 17:41 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Hitman Pro
    2008-10-22 18:41 . 2008-10-22 18:41 <DIR> d——– C:\Documents and Settings\Jeroen\Application Data\VST3 Presets
    2008-10-22 11:52 . 2008-10-22 11:52 27,904 –a—— C:\WINDOWS\system32\drivers\ndisprot.sys
    2008-10-21 21:38 . 2008-10-21 21:38 <DIR> d——– C:\Program Files\Photodex Presenter
    2008-10-21 21:38 . 2008-10-21 21:38 <DIR> d——– C:\Documents and Settings\Jeroen\Application Data\Netscape
    2008-10-21 17:13 . 2008-10-21 17:13 <DIR> d——– C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-21 17:13 . 2008-10-21 17:13 <DIR> d——– C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-19 12:01 . 2008-10-19 12:01 <DIR> d–hs—- C:\Documents and Settings\NetworkService\PrivacIE
    2008-10-19 12:00 . 2008-10-19 12:00 <DIR> dr——- C:\Documents and Settings\NetworkService\Favorieten
    2008-10-19 12:00 . 2008-10-19 12:00 <DIR> d——– C:\Documents and Settings\NetworkService\Application Data\ABIG
    2008-10-18 18:18 . 2008-10-18 18:58 <DIR> d——– C:\Program Files\Collectorz.com
    2008-10-16 11:44 . 2008-09-15 16:28 1,846,528 ——— C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-16 11:44 . 2008-09-08 11:41 333,824 ——— C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-16 11:43 . 2008-08-14 14:27 2,193,536 ——— C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,149,888 ——— C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,070,400 ——— C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-16 11:43 . 2008-08-14 14:27 2,028,544 ——— C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-15 20:06 . 2008-10-15 20:06 <DIR> d——– C:\Program Files\Common Files\Adobe AIR
    2008-10-14 18:56 . 2008-10-14 18:56 <DIR> d——– C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-14 18:44 . 2008-10-14 18:44 <DIR> d——– C:\Program Files\Common Files\Control Panels
    2008-10-14 18:41 . 2008-10-14 18:41 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ALM
    2008-10-14 17:54 . 2007-02-20 15:04 2,463,976 –a—— C:\WINDOWS\system32\NPSWF32.dll
    2008-10-14 17:54 . 2007-02-20 15:04 190,696 –a—— C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2008-10-14 17:15 . 2008-10-14 17:15 <DIR> d——– C:\Program Files\Common Files\Macrovision Shared
    2008-10-12 15:43 . 2008-10-12 15:43 <DIR> d——– C:\Documents and Settings\Jeroen\Application Data\Bullzip
    2008-10-12 15:37 . 1999-05-06 23:00 140,288 –a—— C:\WINDOWS\system32\comdlg32.OCX
    2008-10-06 18:53 . 2008-10-10 20:06 10,593 –a—— C:\WINDOWS\CSTBox.INI
    2008-10-05 17:06 . 2008-10-05 17:07 <DIR> d——– C:\Program Files\iTunes
    2008-10-05 17:06 . 2008-10-05 17:06 <DIR> d——– C:\Program Files\iPod
    2008-10-05 17:06 . 2008-10-05 17:07 <DIR> d——– C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-03 21:59 . 2006-10-12 09:40 716,800 –a—— C:\WINDOWS\system32\SysInternalsBluescreen.scr
    2008-10-01 22:49 . 2008-10-01 22:49 <DIR> d——– C:\Program Files\ALCATech
    2008-10-01 19:57 . 2008-10-03 16:31 <DIR> d——– C:\WINDOWS\system32\Adobe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-31 18:13 ——— d—–w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-10-30 17:47 ——— d—–w C:\Program Files\Microsoft Silverlight
    2008-10-29 20:24 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\NCH Swift Sound
    2008-10-29 20:24 ——— d—–w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    2008-10-29 20:23 ——— d—–w C:\Program Files\NCH Swift Sound
    2008-10-29 17:50 ——— d—–w C:\Documents and Settings\All Users\Application Data\Avg8
    2008-10-29 16:19 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\FileZilla
    2008-10-27 21:30 ——— d—–w C:\Program Files\FileZilla FTP Client
    2008-10-27 01:08 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2008-10-27 01:08 ——— d—–w C:\Program Files\Spybot - Search & Destroy
    2008-10-27 01:03 ——— d—–w C:\Program Files\Hitman Pro
    2008-10-27 01:02 ——— d—–w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-27 00:58 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\Lavasoft
    2008-10-26 22:40 ——— d—–w C:\Program Files\FLV Player
    2008-10-21 16:22 ——— d—–w C:\Program Files\ESET
    2008-10-14 17:49 ——— d—–w C:\Program Files\Common Files\Adobe
    2008-10-12 20:39 66,568 —-a-w C:\Documents and Settings\Jeroen\Application Data\GDIPFONTCACHEV1.DAT
    2008-10-09 08:18 ——— d—–w C:\Program Files\Windows Live
    2008-10-08 17:34 ——— d—–w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-27 17:34 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2008-09-26 15:18 ——— d—–w C:\Program Files\Microsoft
    2008-09-26 15:12 ——— d—–w C:\Program Files\Common Files\Windows Live
    2008-09-26 15:00 ——— d—–w C:\Program Files\NOS
    2008-09-26 15:00 ——— d—–w C:\Documents and Settings\All Users\Application Data\NOS
    2008-09-25 16:33 410,976 —-a-w C:\WINDOWS\system32\deploytk.dll
    2008-09-25 16:33 ——— d—–w C:\Program Files\Java
    2008-09-24 19:14 ——— d—–w C:\Program Files\Windows Live Safety Center
    2008-09-24 18:12 ——— d—–w C:\Program Files\Common Files\Supportsoft
    2008-09-24 18:12 ——— d—–w C:\Program Files\Belgacom
    2008-09-24 18:12 ——— d—–w C:\Documents and Settings\All Users\Application Data\SupportSoft
    2008-09-15 15:28 1,846,528 —-a-w C:\WINDOWS\system32\win32k.sys
    2008-09-14 20:42 ——— d—–w C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
    2008-09-13 11:33 ——— d—–w C:\Program Files\Macromedia
    2008-09-13 10:26 ——— d—–w C:\Program Files\Common Files\DirectX
    2008-09-13 10:09 ——— d—–w C:\Program Files\Warthog
    2008-09-12 22:33 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\Apple Computer
    2008-09-12 17:01 ——— d—–w C:\Program Files\QuickTime
    2008-09-12 17:01 ——— d—–w C:\Program Files\Common Files\Apple
    2008-09-12 16:38 ——— d—–w C:\Program Files\Bonjour
    2008-09-12 16:32 ——— d—–w C:\Program Files\Apple Software Update
    2008-09-11 17:25 ——— d—–w C:\Program Files\Subtitles Creator
    2008-09-10 22:33 ——— d—–w C:\Program Files\CamStudio
    2008-09-08 10:41 333,824 —-a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-09-07 12:15 ——— d—–w C:\Program Files\MagicDVDCopier
    2008-09-07 12:14 ——— d—–w C:\Program Files\MagicDVDRipper
    2008-09-06 17:59 ——— d—–w C:\Documents and Settings\Jeroen\Application Data\Sibelius Software
    2008-09-03 16:53 ——— d—–w C:\Program Files\Common Files\Java
    2008-09-01 21:35 ——— d—–w C:\Program Files\Musicnotes
    2008-08-29 08:18 87,336 —-a-w C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 07:53 61,440 —-a-w C:\WINDOWS\system32\dnssd.dll
    2008-08-27 17:17 4,608 —-a-w C:\WINDOWS\system32\w95inf32.dll
    2008-08-27 17:17 2,272 —-a-w C:\WINDOWS\system32\w95inf16.dll
    2008-08-22 01:16 637,984 —-a-w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-08-22 01:09 5,699,584 —-a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-08-22 01:08 878,592 —-a-w C:\WINDOWS\system32\wininet.dll
    2008-08-22 01:08 878,592 —-a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2008-08-22 01:08 43,008 —-a-w C:\WINDOWS\system32\licmgr10.dll
    2008-08-22 01:08 43,008 —-a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
    2008-08-22 01:08 236,544 —-a-w C:\WINDOWS\system32\dllcache\webcheck.dll
    2008-08-22 01:08 1,206,784 —-a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2008-08-22 01:07 755,200 —-a-w C:\WINDOWS\system32\dllcache\VGX.dll
    2008-08-22 01:07 193,536 —-a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2008-08-22 01:07 18,944 —-a-w C:\WINDOWS\system32\corpol.dll
    2008-08-22 01:07 18,944 ——w C:\WINDOWS\system32\dllcache\corpol.dll
    2008-08-22 01:07 116,224 —-a-w C:\WINDOWS\system32\dllcache\occache.dll
    2008-08-22 01:07 105,984 —-a-w C:\WINDOWS\system32\dllcache\url.dll
    2008-08-22 01:05 70,656 —-a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2008-08-22 01:05 630,272 —-a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2008-08-22 01:05 48,640 ——w C:\WINDOWS\system32\PrivacIE.dll
    2008-08-22 01:05 48,128 —-a-w C:\WINDOWS\system32\mshtmler.dll
    2008-08-22 01:05 48,128 —-a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
    2008-08-22 01:05 45,056 —-a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2008-08-22 01:05 35,840 —-a-w C:\WINDOWS\system32\imgutil.dll
    2008-08-22 01:05 35,840 —-a-w C:\WINDOWS\system32\dllcache\imgutil.dll
    2008-08-22 01:05 346,624 —-a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2008-08-22 01:05 217,088 —-a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2008-08-22 01:05 186,880 —-a-w C:\WINDOWS\system32\dllcache\iepeers.dll
    2008-08-22 01:04 45,568 —-a-w C:\WINDOWS\system32\mshta.exe
    2008-08-22 01:04 45,568 —-a-w C:\WINDOWS\system32\dllcache\mshta.exe
    2008-08-22 01:00 68,608 —-a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
    2008-08-22 00:57 156,160 —-a-w C:\WINDOWS\system32\msls31.dll
    2008-08-22 00:57 156,160 —-a-w C:\WINDOWS\system32\dllcache\msls31.dll
    2008-08-14 13:27 2,149,888 —-a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:27 2,028,544 —-a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-14 10:04 138,496 ——w C:\WINDOWS\system32\dllcache\afd.sys
    2008-08-05 15:55 265,720 —-a-w C:\WINDOWS\system32\msdbg2.dll
    2008-07-07 01:25 32,768 –sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008063020080707\index.dat
    2008-07-07 01:25 32,768 –sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008070720080708\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-31_23.53.56.89 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-11-01 09:52:26 16,384 —-atw C:\WINDOWS\Temp\Perflib_Perfdata_74c.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlay1EXL600]
    @="{BF9B13E4-FE9B-4121-853F-866F4E9E2830}"
    [HKEY_CLASSES_ROOT\CLSID\{BF9B13E4-FE9B-4121-853F-866F4E9E2830}]
    2007-11-13 03:08 599552 –a—— C:\WINDOWS\system32\FPAP-EXL600\FileptcIconOverlay.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-06 39408]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
    "Google Update"="C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-08-29 133104]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-11-10 102400]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-21 7335936]
    "nwiz"="C:\WINDOWS\system32\nwiz.exe" [2005-11-21 1519616]
    "SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2005-05-26 544768]
    "RTHDCPL"="C:\WINDOWS\RTHDCPL.EXE" [2005-09-06 14850560]
    "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2005-11-02 180224]
    "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2005-10-05 86016]
    "Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 761945]
    "ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
    "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2005-12-28 569413]
    "RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-12 32768]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "Ulead AutoDetector"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe" [2005-07-28 94208]
    "Ulead Calendar Checker"="C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe" [2005-08-22 69632]
    "beidsystemtray"="C:\Program Files\Belgium Identity Card\beidsystemtray.exe" [2007-02-19 188416]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
    "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2008-09-25 144792]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
    "Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
    "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
    "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-29 1234712]
    "HitmanPro3"="C:\Program Files\Hitman Pro 3\hitmanpro3.exe" [2008-10-31 4590200]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

    C:\Documents and Settings\Jeroen\Menu Start\Programma's\Opstarten\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    ASUS ChkMail.lnk - C:\Program Files\Asus\Asus ChkMail\ChkMail.exe [2008-07-06 32768]
    Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 49152]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Ares\\Ares.exe"=
    "C:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
    "C:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
    "C:\\Program Files\\BoontyGames\\Insane\\Game.exe"=
    "C:\\Program Files\\Windows Live\\Mail\\wlmail.exe"=
    "C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\Microsoft Office\\Office10\\NSREX.EXE"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
    "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
    "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
    "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
    "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

    R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-10-26 25400]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-29 97928]
    R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-29 875288]
    R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-29 231704]
    R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-29 76040]
    R2 CSIScanner;CSIScanner;C:\Program Files\PrevxCSI\prevxcsi.exe [2008-10-26 880696]
    R2 eID CRL Service;eID CRL Service;C:\WINDOWS\system32\beidservicecrl.exe [2007-02-19 225280]
    R2 eID Privacy Service;eID Privacy Service;C:\WINDOWS\system32\beidservicepcsc.exe [2007-02-19 331776]
    R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-09-25 147456]
    R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);C:\Program Files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
    R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys [2005-10-03 720470]
    R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2005-10-03 8278]
    S3 cxbu0wdm;CardMan 3x21;C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2008-01-15 97792]
    S3 hitmanpro3;Hitman Pro 3 Support Driver;C:\WINDOWS\system32\drivers\hitmanpro3.sys [ ]
    S3 krdpdre;krdpdre;C:\DOCUME~1\Jeroen\LOCALS~1\Temp\krdpdre.sys [ ]
    S3 Ndisprot;ArcNet NDIS Protocol Driver;C:\WINDOWS\system32\drivers\Ndisprot.sys [2008-10-22 27904]
    S3 SynasUSB;SynasUSB;C:\WINDOWS\system32\drivers\SynasUSB.sys [2006-11-23 18432]
    S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\WINDOWS\system32\Drivers\tascusb2.sys [2007-12-18 360448]
    S3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device;C:\WINDOWS\system32\drivers\tscusb2m.sys [2007-12-18 18944]
    S3 TASCAM_US122L_WDM;TASCAM US-122L WDM;C:\WINDOWS\system32\drivers\tscusb2a.sys [2007-12-18 33792]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13967852-4cdd-11dd-94c1-001302dde7c2}]
    \Shell\AutoRun\command - F:\PdtStart.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5a218f69-4f30-11dd-94c9-001302dde7c2}]
    \Shell\AutoRun\command - F:\LaunchU3.exe -a
    .
    Inhoud van de 'Gedeelde Taken' map

    2008-10-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2008-10-31 C:\WINDOWS\Tasks\GoogleUpdateTaskUser.job
    - C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-08-29 08:05]

    2008-11-01 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-01 11:17:00
    Windows 5.1.2600 Service Pack 3 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …


    **************************************************************************
    .
    Voltooingstijd: 2008-11-01 11:26:36
    ComboFix-quarantined-files.txt 2008-11-01 10:25:32
    ComboFix2.txt 2008-10-31 22:55:50

    Pre-Run: 20.646.250.496 bytes beschikbaar
    Post-Run: 20,632,525,312 bytes beschikbaar

    349 — E O F — 2008-10-31 17:44:00
  • JDO0909 wrote: "I will run HijackThis once more with my external HDD attached and post it here."

    Fine, bring it on.
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:46:35, on 1/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\system32\beidservicecrl.exe
    C:\WINDOWS\system32\beidservicepcsc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Belgacom\bin\sprtsvc.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\WINDOWS\ATK0100\HControl.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\sm56hlpr.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe
    C:\Program Files\Belgium Identity Card\beidsystemtray.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Belgacom\bin\sprtcmd.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gva.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [HControl] "C:\WINDOWS\ATK0100\HControl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /install
    O4 - HKLM\..\Run: [SMSERIAL] "C:\WINDOWS\sm56hlpr.exe"
    O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
    O4 - HKLM\..\Run: [ASUS Live Update] "C:\Program Files\ASUS\ASUS Live Update\ALU.exe"
    O4 - HKLM\..\Run: [Power_Gear] "C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" 1
    O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [ABLKSR] "C:\WINDOWS\ABLKSR\ABLKSR.exe"
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector] "C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe"
    O4 - HKLM\..\Run: [Ulead Calendar Checker] "C:\Program Files\Ulead Systems\Ulead Photo Express 6\CalCheck.exe"
    O4 - HKLM\..\Run: [beidsystemtray] "C:\Program Files\Belgium Identity Card\beidsystemtray.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] "C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [HitmanPro3] "C:\Program Files\Hitman Pro 3\hitmanpro3.exe" -autocheck
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1215380685078
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
    O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
    O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE


    End of file - 14412 bytes
  • Looks clean. How are the problems doing in the meantime? Still seeing the same symptoms, or have they been resolved by now?
  • My C drive is apparently back in order, but both my F drive and my G drive now give the same error message. When opening them, AVG also reports that resycled/boot.com is a possible threat…
  • Would you then download A-Squared here http://www.emsisoft.com/en/software/antimalware/ (it is a 30-day trial version) and let it check your system? That should normally lead to a solution on all drives. I am curious whether that is also the case for you.
  • I am very curious too! Which antivirus do you actually recommend?
  • [quote:0d09ca1f3a="JDO0909"]Which antivirus do you actually recommend?[/quote:0d09ca1f3a] Ah … you will get as many different answers to that as there are forum users :D And that is all based on people's own (good or bad) experiences. Personally I have been using AVG Pro without problems for years … so that is - for me - a recommendation.

    But there are undoubtedly plenty more "good" ones, among both the free and the paid versions. It often also depends a bit on ease of use and how you as a user feel about that. And the arrival of fully integrated suites (with antivirus, antispyware, firewall, antispam, …) does not make the choice any easier.
  • When scanning with a-squared antimalware I get the error below:

    date/time : 2008-11-01, 17:31:37, 359ms
    computer name : UW-6EA5E1F99BA9
    user name : Jeroen <admin>
    registered owner : Jeroen De Ost
    operating system : Windows XP Service Pack 3 build 2600
    system language : Dutch
    system up time : 25 minutes 21 seconds
    program up time : 20 minutes 2 seconds
    processors : 2x Genuine Intel(R) CPU T2300 @ 1.66GHz
    physical memory : 1674/2943 MB (free/total)
    free disk space : (C:) 18,23 GB
    display mode : 1280x800, 32 bit
    process id : $1310
    allocated memory : 36,21 MB
    command line : "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2scan.exe" /R="C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2start.exe"
    executable : a2scan.exe
    exec. date/time : 2008-10-19 09:56
    version : 4.0.0.51
    compiled with : Delphi 2006/07
    madExcept version : 3.0h
    contact name : Jeroen De Ost
    contact email : Jeroen_De_Ost@hotmail.com
    callstack crc : $08d9e1ca, $d636a5a7, $d7ca5285
    exception number : 1
    exception class : EOutOfResources
    exception message : Onvoldoende opslagruimte beschikbaar om deze opdracht te verwerken.

    main thread ($131c):
    0047e158 +07c a2scan.exe Graphics 2926 +4 GDIError
    0047e197 +00f a2scan.exe Graphics 2933 +1 GDICheck
    00481fe7 +117 a2scan.exe Graphics 5439 +23 CopyBitmap
    00482a2b +073 a2scan.exe Graphics 5706 +9 TBitmap.CopyImage
    00484a5b +073 a2scan.exe Graphics 6810 +10 TBitmap.SetSize
    0054cc51 +095 a2scan.exe GraphicsEx 244 +10 DrawVGradient
    00585de5 +03d a2scan.exe Main 725 +1 TScannerMainForm.pnlCleanComputerPaintBox2Paint
    00493caf +097 a2scan.exe ExtCtrls 1802 +10 TPaintBox.Paint
    004b517c +05c a2scan.exe Controls 9690 +7 TGraphicControl.WMPaint
    004ab4f5 +335 a2scan.exe Controls 5143 +83 TControl.WndProc
    004ab0a2 +036 a2scan.exe Controls 5018 +5 TControl.Perform
    004b061a +19a a2scan.exe Controls 7369 +26 TWinControl.PaintControls
    004b0411 +175 a2scan.exe Controls 7322 +24 TWinControl.PaintHandler
    004b09bc +04c a2scan.exe Controls 7458 +6 TWinControl.WMPaint
    004b0a65 +0f5 a2scan.exe Controls 7471 +19 TWinControl.WMPaint
    004ab4f5 +335 a2scan.exe Controls 5143 +83 TControl.WndProc
    004b00c1 +49d a2scan.exe Controls 7242 +101 TWinControl.WndProc
    004af7b0 +034 a2scan.exe Controls 7021 +3 TWinControl.MainWndProc
    00477184 +014 a2scan.exe Classes 11572 +8 StdWndProc
    7c90e450 +010 ntdll.dll KiUserCallbackDispatcher
    7e3996c2 +00a USER32.dll DispatchMessageA
    004ce87e +136 a2scan.exe Forms 7651 +23 TApplication.ProcessMessage
    004ce8c3 +00f a2scan.exe Forms 7670 +1 TApplication.HandleMessage
    004ceb5e +0a6 a2scan.exe Forms 7754 +16 TApplication.Run

    thread $1558:
    7c90df3a +00a ntdll.dll NtWaitForSingleObject
    7c8025d5 +085 kernel32.dll WaitForSingleObjectEx
    7c80253d +00d kernel32.dll WaitForSingleObject
    0047573e +112 a2scan.exe Classes 10157 +34 TThread.Synchronize
    004757fc +034 a2scan.exe Classes 10185 +4 TThread.Synchronize
    0058cd1e +0d2 a2scan.exe uTScanThread 293 +16 TScanThread.DoFilesMessageHandler
    005841f4 +020 a2scan.exe Main 327 +2 FilesMessageHandler
    0044fecd +00d a2scan.exe madExcept CallThreadProcSafe
    0044ff37 +037 a2scan.exe madExcept ThreadExceptFrame
    >> created by main thread ($131c) at:
    0229a0e2 +000 a2framework.dll

    thread $16f8:
    7c90d1fa +a ntdll.dll NtDelayExecution

    thread $1048 (TScanThread):
    7c90df3a +00a ntdll.dll NtWaitForSingleObject
    7c8025d5 +085 kernel32.dll WaitForSingleObjectEx
    7c80253d +00d kernel32.dll WaitForSingleObject
    00577bef +00f a2scan.exe EngineInterface 543 +2 ScanDirectory
    0058f108 +048 a2scan.exe uTScanThread 728 +6 TScanThread.DoScanDirectory
    0058c9c6 +10a a2scan.exe uTScanThread 213 +18 TScanThread.Execute
    0044ffeb +02b a2scan.exe madExcept HookedTThreadExecute
    00475226 +036 a2scan.exe Classes 9866 +7 ThreadProc
    00404fbc +028 a2scan.exe System 12127 +33 ThreadWrapper
    0044fecd +00d a2scan.exe madExcept CallThreadProcSafe
    0044ff37 +037 a2scan.exe madExcept ThreadExceptFrame
    >> created by main thread ($131c) at:
    0058c7d4 +10c a2scan.exe uTScanThread 176 +22 TScanThread.Create

    modules:
    00400000 a2scan.exe 4.0.0.51 C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE
    02210000 a2framework.dll 4.0.0.3 C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE
    02fd0000 Normaliz.dll 6.0.5441.0 C:\WINDOWS\system32
    04140000 FileptcIconOverlay.dll 4.6.1.2 C:\WINDOWS\system32\FPAP-EXL600
    10000000 avgrsstx.dll 8.0.0.134 C:\WINDOWS\system32
    129b0000 OpHookSE4.dll 15.0.0.0 C:\Program Files\ScanSoft\OmniPageSE4.0
    1a400000 urlmon.dll 8.0.6001.18241 C:\WINDOWS\system32
    5b190000 uxtheme.dll 6.0.2900.5512 C:\WINDOWS\system32
    5dca0000 iertutil.dll 8.0.6001.18241 C:\WINDOWS\system32
    62980000 sprthook.dll 7.0.940.0 C:\Program Files\Belgacom\bin
    63000000 WININET.dll 8.0.6001.18241 C:\WINDOWS\system32
    6ff20000 NETAPI32.dll 5.1.2600.5694 C:\WINDOWS\system32
    71a20000 WS2HELP.dll 5.1.2600.5512 C:\WINDOWS\system32
    71a30000 WS2_32.dll 5.1.2600.5512 C:\WINDOWS\system32
    71a50000 wsock32.dll 5.1.2600.5512 C:\WINDOWS\system32
    71f10000 security.dll 5.1.2600.5512 C:\WINDOWS\system32
    72f70000 winspool.drv 5.1.2600.5512 C:\WINDOWS\system32
    73250000 RICHED32.DLL 5.1.2600.0 C:\WINDOWS\system32
    746a0000 MSCTF.dll 5.1.2600.5512 C:\WINDOWS\system32
    74c00000 OLEACC.dll 4.2.5406.0 C:\WINDOWS\system32
    74db0000 RICHED20.DLL 5.30.23.1230 C:\WINDOWS\system32
    75250000 msctfime.ime 5.1.2600.5512 C:\WINDOWS\system32
    75f20000 browseui.dll 6.0.2900.5512 C:\WINDOWS\system32
    76020000 MSVCP60.dll 6.2.3104.0 C:\WINDOWS\system32
    76320000 msimg32.dll 5.1.2600.5512 C:\WINDOWS\system32
    76330000 IMM32.DLL 5.1.2600.5512 C:\WINDOWS\system32
    76350000 comdlg32.dll 6.0.2900.5512 C:\WINDOWS\system32
    765a0000 CSCDLL.dll 5.1.2600.5512 C:\WINDOWS\System32
    76880000 CRYPTUI.dll 5.131.2600.5512 C:\WINDOWS\system32
    76930000 LINKINFO.dll 5.1.2600.5512 C:\WINDOWS\system32
    76940000 ntshrui.dll 5.1.2600.5512 C:\WINDOWS\system32
    76970000 USERENV.dll 5.1.2600.5512 C:\WINDOWS\system32
    76ad0000 ATL.DLL 3.5.2284.1 C:\WINDOWS\system32
    76bb0000 PSAPI.dll 5.1.2600.5512 C:\WINDOWS\system32
    76bf0000 WINTRUST.dll 5.131.2600.5512 C:\WINDOWS\system32
    76c50000 IMAGEHLP.dll 5.1.2600.5512 C:\WINDOWS\system32
    76f20000 WLDAP32.dll 5.1.2600.5512 C:\WINDOWS\system32
    76f90000 CLBCATQ.DLL 2001.12.4414.700 C:\WINDOWS\system32
    77010000 COMRes.dll 2001.12.4414.700 C:\WINDOWS\system32
    770e0000 oleaut32.dll 5.1.2600.5512 C:\WINDOWS\system32
    77390000 comctl32.dll 6.0.2900.5512 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83
    774a0000 ole32.dll 5.1.2600.5512 C:\WINDOWS\system32
    778e0000 SETUPAPI.dll 5.1.2600.5512 C:\WINDOWS\system32
    779e0000 cscui.dll 5.1.2600.5512 C:\WINDOWS\System32
    77a40000 CRYPT32.dll 5.131.2600.5512 C:\WINDOWS\system32
    77ae0000 MSASN1.dll 5.1.2600.5512 C:\WINDOWS\system32
    77b00000 apphelp.dll 5.1.2600.5512 C:\WINDOWS\system32
    77bd0000 version.dll 5.1.2600.5512 C:\WINDOWS\system32
    77be0000 msvcrt.dll 7.0.2600.5512 C:\WINDOWS\system32
    77da0000 RPCRT4.dll 5.1.2600.5512 C:\WINDOWS\system32
    77e40000 GDI32.dll 5.1.2600.5512 C:\WINDOWS\system32
    77e90000 SHLWAPI.dll 6.0.2900.5512 C:\WINDOWS\system32
    77f10000 Secur32.dll 5.1.2600.5512 C:\WINDOWS\system32
    77f40000 advapi32.dll 5.1.2600.5512 C:\WINDOWS\system32
    7c800000 kernel32.dll 5.1.2600.5512 C:\WINDOWS\system32
    7c900000 ntdll.dll 5.1.2600.5512 C:\WINDOWS\system32
    7c9c0000 SHELL32.dll 6.0.2900.5512 C:\WINDOWS\system32
    7e210000 shdocvw.dll 6.0.2900.5512 C:\WINDOWS\system32
    7e390000 USER32.dll 5.1.2600.5512 C:\WINDOWS\system32

    processes:
    0000 Idle
    0004 System normal
    0328 smss.exe normal C:\WINDOWS\system32
    03dc csrss.exe normal C:\WINDOWS\system32
    03f8 winlogon.exe high C:\WINDOWS\system32
    0440 services.exe normal C:\WINDOWS\system32
    044c lsass.exe normal C:\WINDOWS\system32
    0520 svchost.exe normal C:\WINDOWS\system32
    05f8 svchost.exe normal C:\WINDOWS\system32
    0620 MsMpEng.exe normal C:\Program Files\Windows Defender
    0660 svchost.exe normal C:\WINDOWS\System32
    06a0 EvtEng.exe normal C:\Program Files\Intel\Wireless\Bin
    06c0 S24EvMon.exe normal C:\Program Files\Intel\Wireless\Bin
    0734 svchost.exe normal C:\WINDOWS\system32
    075c svchost.exe normal C:\WINDOWS\system32
    00c8 spoolsv.exe normal C:\WINDOWS\system32
    0104 SCardSvr.exe normal C:\WINDOWS\System32
    0250 a2service.exe normal C:\Program Files\a-squared Anti-Malware
    0274 AppleMobileDeviceService.exe normal C:\Program Files\Common Files\Apple\Mobile Device Support\bin
    0288 avgwdsvc.exe normal C:\PROGRA~1\AVG\AVG8
    0298 mDNSResponder.exe normal C:\Program Files\Bonjour
    03e0 prevxcsi.exe normal C:\Program Files\PrevxCSI
    0578 beidservicecrl.exe normal C:\WINDOWS\system32
    05b8 beidservicepcsc.exe normal C:\WINDOWS\system32
    063c GoogleUpdaterService.exe normal C:\Program Files\Google\Common\Google Updater
    0690 jqs.exe idle C:\Program Files\Java\jre6\bin
    06f8 LSSrvc.exe normal C:\Program Files\Common Files\LightScribe
    0698 mdm.exe normal C:\Program Files\Common Files\Microsoft Shared\VS7Debug
    0728 nod32krn.exe normal C:\Program Files\Eset
    07a8 avgrsx.exe normal C:\PROGRA~1\AVG\AVG8
    07c4 nvsvc32.exe normal C:\WINDOWS\system32
    016c RegSrvc.exe normal C:\Program Files\Intel\Wireless\Bin
    01dc sprtsvc.exe normal C:\Program Files\Belgacom\bin
    0238 StarWindServiceAE.exe normal C:\Program Files\Alcohol Soft\Alcohol 120\StarWind
    02d4 svchost.exe normal C:\WINDOWS\system32
    05e4 UTSCSI.EXE normal C:\WINDOWS\system32
    0804 avgemc.exe normal C:\PROGRA~1\AVG\AVG8
    08e4 SearchIndexer.exe normal C:\WINDOWS\system32
    0a7c Explorer.EXE normal C:\WINDOWS
    0ab8 prevxcsi.exe normal C:\Program Files\PrevxCSI
    0c18 HControl.exe normal C:\WINDOWS\ATK0100
    0c78 sm56hlpr.exe normal C:\WINDOWS
    0cd0 ATKOSD.exe normal C:\WINDOWS\ATK0100
    0cec RTHDCPL.EXE normal C:\WINDOWS
    0cf8 ALU.exe normal C:\Program Files\ASUS\ASUS Live Update
    0d04 BatteryLife.exe normal C:\Program Files\ASUS\Power4 Gear
    0d34 wcourier.exe normal C:\Program Files\Wireless Console 2
    0d4c SynTPEnh.exe normal C:\Program Files\Synaptics\SynTP
    0de0 ZCfgSvc.exe normal C:\Program Files\Intel\Wireless\bin
    0ea4 ifrmewrk.exe normal C:\Program Files\Intel\Wireless\Bin
    0ed8 EOUWiz.exe normal C:\Program Files\Intel\Wireless\Bin
    0fb8 PDVDServ.exe normal C:\Program Files\ASUSTek\ASUSDVD
    02c0 Monitor.exe normal C:\Program Files\Common Files\Ulead Systems\AutoDetector
    0158 CalCheck.exe normal C:\Program Files\Ulead Systems\Ulead Photo Express 6
    01e4 beidsystemtray.exe normal C:\Program Files\Belgium Identity Card
    09fc alg.exe normal C:\WINDOWS\System32
    0a1c OpwareSE4.exe normal C:\Program Files\ScanSoft\OmniPageSE4.0
    0cbc jusched.exe normal C:\Program Files\Java\jre6\bin
    0ff0 sprtcmd.exe normal C:\Program Files\Belgacom\bin
    00e8 iTunesHelper.exe normal C:\Program Files\iTunes
    0f74 Dot1XCfg.exe normal C:\PROGRA~1\Intel\Wireless\Bin
    0f18 avgtray.exe normal C:\PROGRA~1\AVG\AVG8
    0d2c ctfmon.exe normal C:\WINDOWS\system32
    0f58 GoogleToolbarNotifier.exe normal C:\Program Files\Google\GoogleToolbarNotifier
    0fa0 MsnMsgr.Exe normal C:\Program Files\Windows Live\Messenger
    0c88 iPodService.exe normal C:\Program Files\iPod\bin
    0a60 svchost.exe normal C:\WINDOWS\System32
    0eb8 GoogleUpdate.exe normal C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Update
    0f68 SUPERAntiSpyware.exe normal C:\Program Files\SUPERAntiSpyware
    0488 ChkMail.exe normal C:\Program Files\Asus\Asus ChkMail
    0dac WindowsSearch.exe normal C:\Program Files\Windows Desktop Search
    09ec TosBtMng.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    0ec8 TosA2dp.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    1218 TosBtHid.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    1228 TosBtHsp.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    14e8 tosOBEX.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    15b4 tosBtProc.exe normal C:\Program Files\Toshiba\Bluetooth Toshiba Stack
    1310 a2scan.exe normal C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE
    14c4 usnsvc.exe normal C:\Program Files\Windows Live\Messenger
    0b8c filezilla.exe normal C:\Program Files\FileZilla FTP Client
    09b0 chrome.exe normal C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application
    1204 chrome.exe normal C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application
    08ac chrome.exe normal C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application
    1188 wuauclt.exe normal C:\WINDOWS\system32
    1578 chrome.exe below normal C:\Documents and Settings\Jeroen\Local Settings\Application Data\Google\Chrome\Application
    13bc MpCmdRun.exe normal C:\Program Files\Windows Defender

    hardware:
    + Accu's
    - Accu die voldoet aan Microsoft ACPI-besturingsmethode
    - Microsoft AC-adapter
    + Beeldapparaten (camera's en scanners)
    - USB2.0 1.3M Web Cam (driver 1.0.0.10)
    + Beeldschermadapters
    - NVIDIA GeForce Go 7300 (driver 8.2.9.3)
    + Besturing voor geluid, video en spelletjes
    - Audiocodecs
    - Legacy-audiostuurprogramma's
    - Legacy-videovastlegapparaten
    - Mediabeheerapparaten
    - Realtek High Definition Audio (driver 5.10.0.5165)
    - TASCAM US-122L (driver 1.11.4.0)
    - TASCAM US-122L MIDI (driver 1.11.4.0)
    - Videocodecs
    + Bluetooth
    - Bluetooth RFBNEP (driver 4.0.920.0)
    - Bluetooth RFBUS (driver 4.0.915.0)
    - Bluetooth RFCOMM (driver 4.0.920.0)
    - Bluetooth RFHID (driver 4.0.903.0)
    + Computer
    - ACPI Multiprocessor-pc
    + Dvd-/cd-rom-stations
    - IX4080S RLC643A SCSI CdRom Device
    - TSSTcorp CD/DVDW TS-L632D
    + Human Interface Devices
    - USB-HID
    + IDE ATA/ATAPI-controllers
    - Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF (driver 7.0.0.1020)
    - Primair IDE-kanaal
    - Ricoh Memory Stick Host Controller (driver 1.0.1.12)
    - Ricoh SD Bus Host Adapter (driver 1.0.3.6)
    + IEEE 1394 Bus Host Controllers
    - OHCI Compliant IEEE 1394 Host Controller
    + Modems
    - Motorola SM56 Data Fax Modem (driver 6.10.3.0)
    - Standaardmodem (33600 bps)
    + Monitors
    - Plug en Play-monitor
    - Plug en Play-monitor
    - Standaardbeeldscherm
    - Standaardbeeldscherm
    + Muizen en andere aanwijsapparaten
    - HID-compliant muis
    - Synaptics PS/2 Port TouchPad (driver 8.2.0.0)
    + Netwerkadapters
    - 1394-netwerkkaart
    - Bluetooth Personal Area Network (driver 4.0.920.0)
    - Intel(R) PRO/Wireless 3945ABG Network Connection (driver 10.1.0.13)
    - Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC (driver 5.638.1116.2005)
    + PCMCIA-adapters
    - Ricoh R/RL/5C476(II) of compatibele CardBus Controller
    + Poorten (COM & LPT)
    - BT Port (COM10)
    - BT Port (COM11)
    - BT Port (COM12)
    - BT Port (COM13)
    - BT Port (COM14)
    - BT Port (COM20)
    - BT Port (COM21)
    - BT Port (COM40)
    - BT Port (COM6)
    - BT Port (COM7)
    + Processors
    - Genuine Intel(R) CPU T2300 @ 1.66GHz
    - Genuine Intel(R) CPU T2300 @ 1.66GHz
    + Schijfstations
    - HTS541010G9AT00
    - WD 4000AAJ External USB Device
    - WD 5000AAJ External USB Device
    + SCSI- en RAID-controllers
    - SCSI/RAID Host Controller
    + Systeemapparaten
    - ACPI-aan/uit-knop
    - ACPI-deksel
    - ACPI-slaapstandknop
    - ACPI-thermale zone
    - ACPI-vaste-functieknop
    - ACPI-ventilator
    - ATK0100 ACPI UTILITY (driver 1043.2.15.101)
    - BIOS-stuurprogramma voor Microsoft Systeembeheer
    - Controller voor directe geheugentoegang
    - Ingesloten controller die voldoet aan Microsoft ACPI
    - Intel(R) 82801 PCI Bridge - 2448
    - Intel(R) 82801G (ICH7 Family) PCI Express Root Port - 27D0 (driver 7.0.0.1020)
    - Intel(R) 82801G (ICH7 Family) PCI Express Root Port - 27D6 (driver 7.0.0.1020)
    - Intel(R) 82801GBM (ICH7-M) LPC Interface Controller - 27B9 (driver 7.0.0.1020)
    - ISAPNP Read Data-poort
    - Microcode Update-apparaat
    - Microsoft Composite Battery
    - Microsoft UAA-busstuurprogramma voor High Definition Audio
    - Mobile Intel(R) 955XM/945GM/PM/GMS/940GML Express PCI Express Root Port - 27A1 (driver 7.1.0.1011)
    - Mobile Intel(R) 955XM/945GM/PM/GMS/940GML Express Processor to DRAM Controller – 27A0 (driver 7.1.0.1011)
    - Moederbordbronnen
    - Moederbordbronnen
    - Moederbordbronnen
    - Moederbordbronnen
    - Moederbordbronnen
    - Numerieke-gegevensprocessor
    - PCI-bus
    - Programmeerbare interruptcontroller
    - Stuurprogramma voor muis van Terminal Server
    - Systeem dat voldoet aan Microsoft ACPI
    - Systeem-CMOS/Real-timeklok
    - Systeemkaart
    - Systeemkaart
    - Systeemluidspreker
    - Systeemtimer
    - Teller voor Plug en Play-apparatuur
    - Toestenbordstuurprogramma voor Terminal Server
    - Uitgebreide I/O-bus
    - Volumebeheer
    + Toetsenborden
    - Standaardtoetsenbord (101/102 toetsen) of Microsoft Natural PS/2-toetsenbord
    + USB-controllers
    - BT-183 Bluetooth 2.0 (driver 4.0.1216.0)
    - Generic USB Hub
    - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27C8 (driver 7.0.0.1020)
    - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27C9 (driver 7.0.0.1020)
    - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27CA (driver 7.0.0.1020)
    - Intel(R) 82801G (ICH7 Family) USB Universal Host Controller - 27CB (driver 7.0.0.1020)
    - Intel(R) 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC (driver 7.0.0.1020)
    - TASCAM US-122L (driver 1.11.4.0)
    - USB-apparaat voor massaopslag
    - USB-apparaat voor massaopslag
    - USB-hoofdhub
    - USB-hoofdhub
    - USB-hoofdhub
    - USB-hoofdhub
    - USB-hoofdhub
    + VSO devices
    - Patin Couffin engine

  • Do you have any idea when this A Squared crash occurred? Was it on a very large file? Or under special circumstances? Difficult questions, I know … but then it is an unusual error :(
  • What counts as very large? I work with film, so I do have files of 10 GB here…
  • [quote:2a11b0afc1="JDO0909"]What counts as very large? I work with film, so I do have files of 10 GB here…[/quote:2a11b0afc1] So that is (probably) the cause of the error message. A Squared opens every file to check it … and with files that are too large this phenomenon could occur.

    How do we get around that and still solve your problem? May I send you an English-language guide in the next post for the manual solution to your problem?
  • yes, go ahead
  • Best carried out in "safe mode".

    1) Navigate to the problem drive(s) via the Explore option.

    Make "hidden files" visible.

    2) Click on TOOLS -> FOLDER OPTIONS
    3) Click the button which says ‘Show hidden files and folders’.
    4) UNCHECK the following boxes:
    Hide extensions for known file types
    Hide protected operating system files

    Delete files.

    5) Find and delete the autorun.ini file and the resycled folder on the root directory of all affected drives.
    6) Check “c:\windows\system32\dllcache” for boot.com file and delete it if present.
    7) Check “c:\windows\prefetch” for boot.com file and delete if present.
    8) Delete all files from c:\windows\temp
    (Some files may not delete, that’s ok, they’re in use by the system and not virus files.)
    9) Delete all files from c:\Documents and Settings\[USER PROFILE]\Local Settings\Temp
    (Again, a couple files may not delete, don’t worry.)

    And then in the registry via "Run":

    10) Run Regedit
    11) Make sure you are at the very first entry of the registry hive. (My Computer should be highlighted) then click EDIT -> FIND
    12) Search for “boot.com”. If it finds an entry, delete it. Keep hitting F3 until you’ve deleted all instances of boot.com in the entire registry.
    13) Scroll the left column back up to the top and highlight the My Computer again at the top of the registry hive.
    14) Click Edit -> Find again and search for ‘resycled’ and repeat as in step 13, deleting the entries as it finds them. (I found 2 of each)
    15) Close registry editor and try opening the infected drives. They should work now.

    Let me know whether this goes entirely as described here … and whether it then also has a positive result?
  • WONDERFUL!! It is completely fine now. The external HDDs I work with are Western Digital Elements, so they came with a standard autorun.inf consisting of

    [autorun]
    icon=Elements.ico

    If other people run into this, they should later replace the autorun.inf they delete with the one above.

    Everything went as described above, except that I got no results at step 14, but those will already have been removed by the earlier steps you had advised.

    Thank you so very much for all the effort!!
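
A read-only check for the artifacts named in steps 5 to 7 above, added here as an example and not part of any post in the thread. It assumes the file meant in step 5 is the autorun.inf that the last post quotes; the function names and the infected sample file are constructed for illustration.

```python
from pathlib import Path

# [autorun] keys that launch a program; icon= and label= only change appearance.
EXEC_KEYS = ("open", "shellexecute")
# Artifact names and folders taken from the cleanup steps in the thread.
SUSPECT_DIR, SUSPECT_FILE = "resycled", "boot.com"
SYSTEM_DIRS = (r"c:\windows\system32\dllcache", r"c:\windows\prefetch")

# The stock Western Digital file quoted in the thread, and a constructed infected one.
BENIGN_INF = "[autorun]\nicon=Elements.ico\n"
CONSTRUCTED_BAD_INF = "[AutoRun]\nopen=resycled\\boot.com\nshell\\open\\Command=resycled\\boot.com\n"


def autorun_exec_entries(text):
    """Return (key, value) pairs in the [autorun] section that execute something."""
    hits, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
        elif in_autorun and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                hits.append((key, value))
    return hits


def find_ci(directory, name):
    """Case-insensitive lookup of one entry directly inside a directory."""
    directory = Path(directory)
    if not directory.is_dir():
        return None
    return next((p for p in directory.iterdir() if p.name.lower() == name), None)


def audit_drive(root, system_dirs=SYSTEM_DIRS):
    """Read-only report of the artifacts named in steps 5 to 7 for one drive root."""
    findings = []
    inf = find_ci(root, "autorun.inf")
    if inf is not None and inf.is_file():
        for key, value in autorun_exec_entries(inf.read_text(encoding="latin-1")):
            findings.append(f"autorun.inf launches a program: {key}={value}")
    if find_ci(root, SUSPECT_DIR) is not None:
        findings.append(f"'{SUSPECT_DIR}' entry present in {root}")
    for directory in system_dirs:
        if find_ci(directory, SUSPECT_FILE) is not None:
            findings.append(f"{SUSPECT_FILE} present in {directory}")
    return findings
```

Call `audit_drive("E:\\")` once per affected drive root; an empty list means none of these artifacts were found, and a vendor file that only sets `icon=` is not reported.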


This is an archived page. Replies are no longer possible.