Windows won't open .exe files anymore

  • Anton2211
  • Registered: July 2009
  • Last online: 05-08 12:31
I don't know exactly what the problem is, but first the shortcuts became unusable while the .exe programs could still be used. But now I can't open the files either; the programs do work normally in safe mode, by the way. And when I bring up Task Manager, the startup programs should simply have been started...

What I have tried:
- First of all, pulled out the network/internet cable.
- Had all partitions checked for errors when restarting Windows.
- Downloaded Avira (Avast would no longer start) and had it scan before other programs open in Windows, under normal startup. Did a full scan; 3 viruses or so were removed.
- Didn't help
- Had Advanced WindowsCare scan for all possible infections and damaged directories.
- Cleaned up, but still not solved

I could no longer save a print screen in Paint or Notepad, so I will try to upload a screenshot here.
I can of course send the photo.
Image location: http://i987.photobucket.com/albums/ae354/ontzettende_zeilfreak/PICT1092.jpg
Image location: http://i987.photobucket.com/albums/ae354/ontzettende_zeilfreak/PICT1089.jpg
Many thanks in advance for the golden tip!

Regards, Anton

[ 13% edited by Anton2211 on 13-07-2009 20:08 ]


  • MrHarry
  • Registered: October 2006
  • Last online: 11-09 16:11
I think you're simply better off formatting.
And that link you posted is never going to work, because we on the internet don't know your S: drive.

  • McKaamos
  • Registered: March 2002
  • Not online

Master of the Edit-button

Lol, a link to C:\ etc. etc. :P
That's not going to work ;)

Put the picture online, e.g. on ImageShack or the like ;)

Also run HijackThis and post the log.

Anyone have a Tina2 on offer?


  • alt-92
  • Registered: March 2000
  • Not online

ye olde farte

Anton2211 wrote on Thursday 02 July 2009 @ 21:24:
I don't know exactly what the problem is

[....]
- Downloaded Avira (Avast would no longer start) and had it scan before other programs open in Windows, under normal startup. Did a full scan; 3 viruses or so were removed.
Go figure? :)

If you still know which virus it was, you may be able to find out whether and how you can repair the damage.
If you've caught a Virut variant, though, it could get pretty tricky..

I have an 864 GB floppy drive! - certified bungler - the social skills of a thermonuclear device


  • Anton2211
  • Registered: July 2009
  • Last online: 05-08 12:31
hm, yes, thanks for the tips, I'll continue with it tomorrow...
unfortunately I clicked OK too quickly, I don't remember which viruses they were :p
and as you will understand, I see formatting as the very last option (connecting a netbook to a 22" screen and the desktop's keyboard/mouse is good enough for the moment)

  • Rupie
  • Registered: August 2006
  • Last online: 18-09 13:19
Formatting may be your last option, but personally I would never do internet banking or the like again if I knew there had been a virus on my PC, especially if it was a virus with consequences like these. Then it only takes a few hours to get everything set up again the way I want it, but it feels a lot better ;)

If I were you I would reinstall and make a couple of images of your disk (1 with only Windows installed and 1 with everything installed or so). Should it happen again (a virus usually doesn't get there by itself), you can simply restore your image and your problem is solved.

Desktop | Server | Laptop


  • Anton2211
  • Registered: July 2009
  • Last online: 05-08 12:31
I just ran a log;
in the hope that someone can fish something interesting out of it; unfortunately I had to run it in safe mode, normal mode works too poorly for that....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:38, on 13-7-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 cmicnfg3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [USBPhone4Skype] C:\Program Files\Shiro SKYPE DECT\USBPhone4Skype.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Setup] "C:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe" /startup /restart_rejected
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra 'Tools' menuitem: &Instellingen voor Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS5\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: DefWatch - Unknown owner - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe (file missing)
O23 - Service: Google Update Service (gupdate1c90d1e718ada38) (gupdate1c90d1e718ada38) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10688 bytes

  • Rupie
  • Registered: August 2006
  • Last online: 18-09 13:19
The first thing I notice is that multiple virus scanners are active (Symantec, Avira and Avast!); I would at least do something about that.
By the way, have you already done a virus scan from safe mode?

Either way, I stand by my earlier position that reinstalling is a better option than trying to fix problems like these. And you'll probably be done sooner as well ;)

Desktop | Server | Laptop
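
An added example (not part of the original thread and not any poster's code): a small triage script for a HijackThis log like the one posted above. It groups the autostart entries (O4 Run keys, O23 services) by antivirus vendor and separates entries whose target file still exists from those HijackThis marks `(no file)` or `(file missing)`. The vendor keyword table and all function names are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from typing import NamedTuple

# Constructed excerpt: nine entry lines copied verbatim from the first
# HijackThis log in this thread, plus one header line that must be skipped.
SAMPLE_LOG = r"""
Boot mode: Safe mode
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: DefWatch - Unknown owner - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe (file missing)
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# HijackThis entry lines start with a section code (R0, F2, N1, O4, O23, ...).
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d+) - (?P<body>.*)$")
# HijackThis appends one of these markers when the referenced file is absent.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

# Assumption: keyword table limited to the vendors named in this thread.
# "antivir" is deliberately not a keyword because it also matches "AntiVirus".
AV_KEYWORDS = {
    "Symantec": ("symantec",),
    "Avira": ("avira",),
    "avast!": ("avast", "alwil"),
}


class Entry(NamedTuple):
    code: str       # section code, e.g. "O23"
    body: str       # rest of the line after "<code> - "
    orphaned: bool  # True when the entry points at a file that is gone


def parse_entries(log_text):
    """Return every section entry in the log, skipping headers and process list."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            body = m["body"]
            entries.append(Entry(m["code"], body, bool(ORPHAN_RE.search(body))))
    return entries


def av_autostarts(entries):
    """Group O4 (Run keys) and O23 (services) entries by AV vendor keyword."""
    found = defaultdict(list)
    for entry in entries:
        if entry.code not in ("O4", "O23"):
            continue
        low = entry.body.lower()
        for vendor, keywords in AV_KEYWORDS.items():
            if any(k in low for k in keywords):
                found[vendor].append(entry)
    return dict(found)


def summarize(log_text):
    """Split AV vendors into those with a live autostart and pure leftovers."""
    entries = parse_entries(log_text)
    groups = av_autostarts(entries)
    live = sorted(v for v, es in groups.items() if any(not e.orphaned for e in es))
    leftover = sorted(v for v, es in groups.items() if all(e.orphaned for e in es))
    orphans = [e for e in entries if e.orphaned]
    return {"live_av": live, "leftover_av": leftover, "orphans": orphans}


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("AV products with a live autostart:", result["live_av"])
    print("AV products with only orphaned entries:", result["leftover_av"])
    for e in result["orphans"]:
        print("orphaned:", e.code, "-", e.body)
```

A live autostart entry only shows that the product is configured to start; the log in this thread was taken in safe mode, so the running-process list says nothing about which scanners load in a normal boot.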


  • F_J_K
  • Registered: June 2001
  • Not online

Moderator CSA/PB

Front for mandatory underscores

Anton2211 wrote on Monday 13 July 2009 @ 22:54:
I just ran a log;
in the hope that someone can fish something interesting out of it
Which files do you yourself see as suspicious? Upload those to a service such as VirusTotal or Jotti's scanner. And then check the various antivirus sites to see what the characteristics are of the malware you come across, and how to solve it :)

But apart from that, apparently you are behind on backups (otherwise formatting would not have been an issue), so do that first. To a new backup medium of course; you want to keep your old one for a while in case files have been wrecked.

'Multiple exclamation marks,' he went on, shaking his head, 'are a sure sign of a diseased mind' (Terry Pratchett, Eric)


  • Anton2211
  • Registered: July 2009
  • Last online: 05-08 12:31
unfortunately... I myself don't see any strange programs running, and the antivirus programs don't see anything either.
I now have just one antivirus program running again, but a second one was needed for a moment and repaired some errors for me.
I still had a little hope, but I will indeed back up my files.... I've been planning to do that for a long time, good guess ;)
and today or tomorrow I'll just go and format... then the errors that have crept into the system in the meantime will be properly fixed right away too...

  • Anton2211
  • Registered: July 2009
  • Last online: 05-08 12:31
ok, new HijackThis log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:21, on 14-7-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 cmicnfg3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [USBPhone4Skype] C:\Program Files\Shiro SKYPE DECT\USBPhone4Skype.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Setup] "C:\WINDOWS\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe" /startup /restart_rejected
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra 'Tools' menuitem: &Instellingen voor Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.23.0\gears.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O17 - HKLM\System\CS5\Services\Tcpip\..\{059BA6F2-A379-496E-88FB-ECD0FA6032A5}: NameServer = 192.168.1.6
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate1c90d1e718ada38) (gupdate1c90d1e718ada38) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9456 bytes


ok, and the ComboFix:
ComboFix 09-07-13.01 - Administrator 14-07-2009 19:14.2.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.664 [GMT 2:00]
Gestart vanuit: S:\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090621-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\windows\Installer\1068f64.msp
c:\windows\Installer\1095228.msi
c:\windows\Installer\1225c0.msp
c:\windows\Installer\1a4519.msi
c:\windows\Installer\1a451a.msp
c:\windows\Installer\1a451b.msp
c:\windows\Installer\1a451c.msp
c:\windows\Installer\1a451d.msp
c:\windows\Installer\1a451e.msp
c:\windows\Installer\1a451f.msp
c:\windows\Installer\1a4520.msp
c:\windows\Installer\1a4521.msp
c:\windows\Installer\1a4522.msp
c:\windows\Installer\1a4523.msp
c:\windows\Installer\1dfdfcea.msp
c:\windows\Installer\1dfdfcff.msp
c:\windows\Installer\1f9fa4.msp
c:\windows\Installer\1f9fae.msp
c:\windows\Installer\1f9faf.msp
c:\windows\Installer\1f9fb0.msp
c:\windows\Installer\1f9fb1.msp
c:\windows\Installer\1f9fbb.msp
c:\windows\Installer\1f9fc5.msp
c:\windows\Installer\1f9fcf.msp
c:\windows\Installer\1f9fd9.msp
c:\windows\Installer\1f9fe3.msp
c:\windows\Installer\1f9fed.msp
c:\windows\Installer\1f9ff7.msp
c:\windows\Installer\1fa001.msp
c:\windows\Installer\1fa00a.msp
c:\windows\Installer\1fa013.msp
c:\windows\Installer\1fa01c.msp
c:\windows\Installer\2b4606.msp
c:\windows\Installer\2de14c.msp
c:\windows\Installer\4f5b038.msi
c:\windows\Installer\4f5b039.msp
c:\windows\Installer\4f5b03a.msp
c:\windows\Installer\4f5b03b.msp
c:\windows\Installer\4f5b03c.msp
c:\windows\Installer\4f5b03d.msp
c:\windows\Installer\4f5b03e.msp
c:\windows\Installer\4f5b03f.msp
c:\windows\Installer\4f5b040.msp
c:\windows\Installer\4f5b041.msp
c:\windows\Installer\505f23.msp
c:\windows\Installer\505f24.msp
c:\windows\Installer\505f25.msp
c:\windows\Installer\505f26.msp
c:\windows\Installer\505f27.msp
c:\windows\Installer\505f28.msp
c:\windows\Installer\505f29.msp
c:\windows\Installer\505f2a.msp
c:\windows\Installer\505f2b.msp
c:\windows\Installer\6569802.msp
c:\windows\Installer\94b36.msp
c:\windows\Installer\9ab96.msp
c:\windows\Installer\b30539.msp
c:\windows\Installer\dd85f.msp
c:\windows\Installer\dd868.msp
c:\windows\Installer\f141b.msp
c:\windows\Installer\f1424.msp
c:\windows\Installer\f56e0.msp
c:\windows\Installer\fd807c.msp
c:\windows\Installer\fd8085.msp
c:\windows\Installer\ff14c.msp
c:\windows\msvrc20.dll

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-06-14 to 2009-07-14 ))))))))))))))))))))))))))))))
.

2009-07-14 16:34 . 2009-07-14 16:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Teleca
2009-07-14 16:34 . 2009-07-14 16:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sony Ericsson
2009-07-14 16:12 . 2009-07-14 16:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-07-14 16:11 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-14 16:11 . 2009-07-14 16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-14 16:11 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 19:00 . 2009-07-13 18:56 3121979 ----a-r- C:\ComboFix.exe
2009-07-13 19:00 . 2009-07-13 18:48 16410008 ----a-w- C:\jre-6u14-windows-i586-s.exe
2009-07-13 18:31 . 2009-07-13 18:31 -------- d-----w- c:\program files\Trend Micro
2009-07-02 16:16 . 2009-07-02 16:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\IObit
2009-07-01 21:57 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-01 21:38 . 2008-04-14 17:03 153088 ----a-w- c:\windows\regedit Kopie.exe
2009-07-01 17:29 . 2009-07-01 17:29 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Deployment
2009-07-01 17:18 . 2009-07-01 17:18 105016 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-01 15:59 . 2009-07-01 15:59 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2009-06-22 20:37 . 2009-06-22 20:37 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2009-06-22 19:07 . 2009-06-22 19:07 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera
2009-06-22 19:04 . 2009-06-22 19:04 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-06-22 16:09 . 2001-09-07 12:00 5120 ----a-w- c:\windows\system32\Kopie van shell.dll
2009-06-18 16:30 . 2009-06-18 16:30 -------- d-----w- c:\program files\TomTom International B.V

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-14 16:59 . 2007-07-23 21:15 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-13 22:12 . 2008-09-03 20:00 -------- d-----w- c:\program files\LogMeIn
2009-07-13 18:07 . 2007-07-14 16:15 -------- d-----w- c:\program files\Common Files\Real
2009-07-13 18:07 . 2007-07-14 16:15 -------- d-----w- c:\program files\Real
2009-07-13 18:04 . 2009-05-27 18:30 -------- d-----w- c:\program files\Sony Ericsson
2009-07-13 18:04 . 2009-05-27 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-07-01 17:29 . 2009-01-19 20:03 -------- d-----w- c:\program files\AutoCAD 2006
2009-07-01 17:29 . 2007-07-10 21:21 -------- d-----w- c:\program files\Google
2009-06-26 06:20 . 2007-08-27 20:21 -------- d-----w- c:\program files\Secured eMule
2009-06-17 19:06 . 2009-02-12 22:25 -------- d-----w- c:\program files\Free Download Manager
2009-06-15 21:44 . 2008-12-20 09:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI
2009-06-15 21:44 . 2007-11-07 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-06-15 21:44 . 2007-09-26 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\WholeSecurity
2009-06-15 21:44 . 2008-12-11 21:56 -------- d-----w- c:\program files\Vsk5Online
2009-06-15 21:44 . 2007-11-21 22:31 -------- d-----w- c:\program files\PokerStars.NET
2009-06-15 21:44 . 2007-08-17 17:49 -------- d-----w- c:\program files\X10 Hardware
2009-06-15 21:44 . 2007-07-12 18:36 -------- d-----w- c:\program files\phonostar
2009-06-15 21:44 . 2009-01-31 01:16 -------- d-----w- c:\program files\MagicISO
2009-06-15 19:57 . 2009-06-09 17:28 11904 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2009-06-15 19:56 . 2007-10-01 17:04 163712 ----a-w- c:\windows\system32\drivers\vidstub.sys
2009-06-15 19:28 . 2009-03-11 22:26 -------- d-----w- c:\program files\VRTool
2009-06-15 19:19 . 2009-01-19 20:16 -------- d-----w- c:\program files\Hitman Pro
2009-06-12 06:48 . 2009-01-09 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-09 17:46 . 2009-02-12 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2009-06-09 17:27 . 2009-06-09 17:27 -------- d-----w- c:\program files\Hitman Pro 3.5
2009-06-09 17:27 . 2009-06-09 17:26 6330616 ----a-w- c:\documents and settings\All Users\Application Data\Hitman Pro 3\HitmanPro35.exe
2009-06-09 17:27 . 2009-06-09 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro 3
2009-06-09 17:26 . 2009-06-09 17:26 4334409 ----a-w- c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro3.exe
2009-06-09 16:41 . 2009-06-09 16:40 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-09 16:39 . 2009-06-09 16:39 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-27 19:02 . 2007-07-10 21:26 -------- d-----w- c:\program files\Common Files\Teleca Shared
2009-05-27 19:00 . 2009-05-27 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Teleca
2009-05-27 19:00 . 2009-05-27 18:59 -------- d-----w- c:\program files\Common Files\Sony Ericsson Shared
2009-05-27 18:32 . 2009-05-27 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-05-27 18:30 . 2007-07-09 16:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-27 18:17 . 2009-05-27 18:17 8609 ----a-w- c:\windows\extend.dat
2009-05-27 18:11 . 2009-05-27 18:11 -------- d-----w- c:\program files\Outlook97
2009-05-27 18:11 . 2009-05-27 18:11 -------- d-----w- c:\program files\Windows Messaging
2009-05-27 17:40 . 2009-05-27 17:40 3584 ----a-w- c:\windows\VIEWS.DAT
2009-05-26 18:08 . 2001-09-07 12:00 91632 ----a-w- c:\windows\system32\perfc013.dat
2009-05-26 18:08 . 2001-09-07 12:00 511866 ----a-w- c:\windows\system32\perfh013.dat
2009-05-26 17:03 . 2007-12-28 22:33 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-05-19 17:44 . 2009-05-19 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-19 16:55 . 2009-05-19 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-07 15:34 . 2004-08-03 23:03 347136 ----a-w- c:\windows\system32\localspl.dll
2009-04-30 22:31 . 2009-04-30 22:31 1657376 ----a-w- c:\windows\system32\nwiz.exe
2009-04-30 22:31 . 2009-04-30 22:31 449056 ----a-w- c:\windows\system32\nvappbar.exe
2009-04-30 22:31 . 2009-04-30 22:31 436768 ----a-w- c:\windows\system32\keystone.exe
2009-04-30 22:31 . 2009-04-30 22:31 466944 ----a-w- c:\windows\system32\nvshell.dll
2009-04-30 22:31 . 2009-04-30 22:31 1724416 ----a-w- c:\windows\system32\nvwdmcpl.dll
2009-04-30 22:31 . 2009-04-30 22:31 1507328 ----a-w- c:\windows\system32\nview.dll
2009-04-30 22:31 . 2009-04-30 22:31 1101824 ----a-w- c:\windows\system32\nvwimg.dll
2009-04-30 20:02 . 2009-04-30 20:02 663552 ----a-w- c:\windows\system32\nvcuvid.dll
2009-04-30 20:02 . 2009-04-30 20:02 1579630 ----a-w- c:\windows\system32\nvdata.bin
2009-04-30 20:02 . 2009-04-30 20:02 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-04-30 20:02 . 2009-01-11 13:22 457248 -c--a-w- c:\windows\system32\nvudisp.exe
2009-04-30 20:02 . 2008-05-14 22:23 8055584 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-04-30 20:02 . 2008-05-09 03:23 9994240 ----a-w- c:\windows\system32\nvoglnt.dll
2009-04-30 20:02 . 2008-05-02 21:46 806912 ----a-w- c:\windows\system32\nvapi.dll
2009-04-30 20:02 . 2008-05-02 21:46 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-04-30 20:02 . 2008-05-02 21:46 143360 ----a-w- c:\windows\system32\nvcodins.dll
2009-04-30 20:02 . 2008-05-02 21:46 143360 ----a-w- c:\windows\system32\nvcod.dll
2009-04-30 20:02 . 2008-04-14 17:02 5896320 ----a-w- c:\windows\system32\nv4_disp.dll
2009-04-26 22:42 . 2009-01-11 13:20 457248 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-04-19 19:51 . 2004-08-03 22:56 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 20:31 . 2007-07-10 01:44 10747904 ----a-w- c:\windows\NTSWITCH31123.oldsystem.dat
2009-06-13 23:43 . 2009-02-15 22:54 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-16 39408]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-01-08 4363504]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Setup"="c:\windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"FinePrint Dispatcher v5"="c:\windows\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-06-30 499712]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"BootSkin Startup Jobs"="c:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"USBPhone4Skype"="c:\program files\Shiro SKYPE DECT\USBPhone4Skype.exe" [2007-01-10 208896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-07 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2006-07-10 176128]
"Dit"="Dit.exe" - c:\windows\Dit.exe [2002-08-28 73728]
"Cmaudio"="cmicnfg.cpl" [BU]
"C-Media Mixer"="Mixer.exe" - c:\windows\mixer.exe [2002-10-15 1818624]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-10-10 69632]
"CmPCIaudio"="cmicnfg3.cpl" [BU]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-04-30 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-2-13 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 15:41 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 06:05 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-01-30 23:21 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\O:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^BTTray.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\BTTray.lnk
backup=c:\windows\pss\BTTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Gebruiker^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\documents and settings\Gebruiker\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\NETGEAR\\WG111v2 Configuration Utility\\RtWLan.exe"=
"c:\\Program Files\\Vsk5Online\\Vsk5Online.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?]
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1-8-2003 14:47 29239]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 18:19 13592]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [9-7-2007 18:35 11264]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31-3-2008 19:01 114768]
S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?]
S1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [29-9-2007 16:16 2560]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31-3-2008 19:01 20560]
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10-7-2007 4:53 66048]
S2 gupdate1c90d1e718ada38;Google Update Service (gupdate1c90d1e718ada38);c:\program files\Google\Update\GoogleUpdate.exe [2-9-2008 19:07 133104]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [28-2-2008 15:31 12856]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [3-9-2008 22:01 47640]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [18-7-2008 20:36 219264]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [24-2-2005 12:29 162176]
S3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [9-7-2007 19:25 24704]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [30-1-2009 21:33 112384]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;c:\windows\system32\drivers\usbscan.sys [10-7-2007 4:08 15104]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [19-1-2009 22:44 9728]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
Inhoud van de 'Gedeelde Taken' map

2009-06-22 c:\windows\Tasks\Dagelijkse Backup Even.job
- c:\windows\system32\ntbackup.exe [2004-08-03 17:03]

2009-07-13 c:\windows\Tasks\Dagelijkse Backup Oneven.job
- c:\windows\system32\ntbackup.exe [2004-08-03 17:03]

2009-07-13 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-09-02 17:07]

2009-07-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]

2009-07-13 c:\windows\Tasks\User_Feed_Synchronization-{368517CF-1C83-4C96-933D-D6862ACBAEB2}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:58]

2009-07-13 c:\windows\Tasks\User_Feed_Synchronization-{4C3C4F5E-208A-4389-A878-0BC33FDCAB8F}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:58]
.
.
------- Bijkomende Scan -------
.
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
TCP: {059BA6F2-A379-496E-88FB-ECD0FA6032A5} = 192.168.1.6
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\burilhr0.default\
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-14 19:25
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(328)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\windows\system32\LMIinit.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

- - - - - - - > 'explorer.exe'(1856)
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.NLD
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Malwarebytes' Anti-Malware\mbamext.dll
c:\progra~1\WINZIP\WZSHLSTB.DLL
c:\program files\WinRAR\rarext.dll
c:\program files\Rhinoceros 4.0\System\RhinoShExt.dll
c:\program files\MagicISO\misosh.dll
.
Voltooingstijd: 2009-07-14 19:30
ComboFix-quarantined-files.txt 2009-07-14 17:30

Pre-Run: 5.927.424.000 bytes beschikbaar
Post-Run: 5.878.222.848 bytes beschikbaar

Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
325 --- E O F --- 2009-06-18 15:56