View full version: Can you check my PC please?? ;-)



welsey1983
16 January 2007, 00:24
Hello everyone, I would like to give my PC a bit of maintenance; it has been 6 months since I last posted a HijackThis log.

Thanks
Welsey
Logfile of HijackThis v1.99.1
Scan saved at 23:20:20, on 15/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\TELENE~1\SMARTB~1\MotiveSB.exe
C:\Telemeter 3.0\telemeter3.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE
C:\Advanced WindowsCare V2\Awc.exe
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Comodo Firewall\Comodo\Firewall\CPF.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Winamp\winampa.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\News\NewsUpd.EXE
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Bluetooth\BlueSoleil.exe
C:\Coreldraw8\Programs\MFIndexer.exe
C:\Logitech\SetPoint\SetPoint.exe
C:\SpywareGuard\sgmain.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\SpywareGuard\sgbhp.exe
C:\Telenet EasyCare\bin\mpbtn.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\locator.exe
C:\WINDOWS\System32\alg.exe
C:\DVDREG~1\DVDRegionFree.exe
C:\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Abeloos Wesley\Bureaublad\hjt.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Snag it\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINDOWS\system32\bnuynwut.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: (no name) - {FFC72CDD-2C7D-4501-B228-E5C052653D17} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Snag it\SnagItIEAddin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Motive SmartBridge] C:\TELENE~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB002" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Advanced WindowsCare] "C:\Advanced WindowsCare V2\Awc.exe" /startup
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Comodo Firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Creative Launcher] c:\surround set 5.1\sound blaster live\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [AudioHQ] c:\surround set 5.1\sound blaster live\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /M "Stylus Photo RX520" /EF "HKCU"
O4 - HKCU\..\Run: [AnyDVD] C:\AnyDVD\AnyDVD.exe
O4 - Startup: SpywareGuard.lnk = C:\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Coreldraw8\Programs\MFIndexer.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Telenet EasyCare.lnk = C:\Telenet EasyCare\bin\matcli.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155326341765
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winbfi32 - winbfi32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

welsey1983
17 January 2007, 08:47
You won't forget me, will you??? ;-)

compuchrisje
17 January 2007, 08:55
Excuse us, welsey, your log was posted fairly late and the people from the defence group are not constantly present here. You will be helped as soon as possible!

Juisterr
17 January 2007, 21:00
One moment, I'll take a look.

Juisterr
17 January 2007, 21:03
Download Combofix (http://download.bleepingcomputer.com/sUBs/combofix.exe) to your Desktop.
Double-click Combofix.exe
Follow the instructions and accept the disclaimer by typing "y" or "Y".
While the fix is running, do NOT click in the window, as this will cause your PC to hang.

When the fix has finished and after the restart, the log combofix.txt will open.
Post this log in your next post together with a new HijackThis log.

NOTE: If your virus scanner responds with a warning about script execution, you can ignore it.

Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINDOWS\system32\bnuynwut.dll (file missing)
O2 - BHO: (no name) - {FFC72CDD-2C7D-4501-B228-E5C052653D17} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O20 - Winlogon Notify: winbfi32 - winbfi32.dll (file missing)

Close all windows except HijackThis
Click 'Fix checked' to remove the items.

Your Java software is out of date. Older versions have vulnerabilities that give malware the chance to install itself on your system.
First follow these steps to uninstall Java and install the newer version:

Download the latest version here: Java Runtime Environment (JRE) 6 (http://java.sun.com/javase/downloads/index.jsp).
Scroll down to where it says: "Java Runtime Environment (JRE) 6
The J2SE Runtime Environment (JRE) allows end-users to run Java applications.".
Then click the ">>Download" button on the right.
Tick the box where it says: "Accept License Agreement".
The page will reload.
Click the link: Windows Offline Installation, Multi-language. The download will start; save it to your desktop.
Close any programs that may be open - especially your web browser!
Then go to Start > Control Panel, double-click Add or Remove Programs and remove all older versions of Java.
Select everything with Java Runtime Environment (JRE or J2SE) in the name.
Then click the Remove or Change/Remove button.
Repeat this until all older versions are gone.
After removing all older versions, restart your PC.
Then double-click jre-6-windows-i586.exe on your desktop to install the latest version of Java.



Please post the ComboFix log and a new HJT log.

Good luck
Juisterr

welsey1983
18 January 2007, 10:36
I understand your busy work schedule, but I just wanted to let you know so that you wouldn't forget me :-)

Thank you for the quick reply; I have done everything you asked!

Here is the ComboFix log:
"Abeloos Wesley" - 07-01-18 9:03:43 Service Pack 2
ComboFix 07-01-16.2 - Running from: "C:\Documents and Settings\Abeloos Wesley\Mijn documenten"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\{3C718~1
C:\WINDOWS\system32\components


((((((((((((((((((((((((((((((( Files Created from 2006-12-18 to 2007-01-18 ))))))))))))))))))))))))))))))))))


2007-01-17 12:02 <DIR> d----c--- C:\DVDFab Decrypter 3
2007-01-17 09:59 <DIR> d----c--- C:\DOCUME~1\ABELOO~1\Application Data\Sony
2007-01-17 09:43 <DIR> d----c--- C:\Amazon DVD Shrinker
2007-01-11 00:19 <DIR> d----c--- C:\WINDOWS\ie7updates
2007-01-11 00:09 <DIR> d----c--- C:\MailWasher Pro
2007-01-11 00:09 <DIR> d----c--- C:\DOCUME~1\ABELOO~1\Application Data\MailWasherPro
2007-01-10 09:49 3,968 --a--c--- C:\WINDOWS\system32\drivers\avgclean.sys
2007-01-10 09:47 816,672 --a--c--- C:\WINDOWS\system32\drivers\avg7core.sys
2007-01-10 09:47 28,416 --a--c--- C:\WINDOWS\system32\drivers\avg7rsxp.sys
2007-01-10 09:45 4,960 --a--c--- C:\WINDOWS\system32\drivers\avgtdi.sys
2007-01-10 09:45 4,224 --a--c--- C:\WINDOWS\system32\drivers\avg7rsw.sys
2007-01-10 09:45 <DIR> d----c--- C:\DOCUME~1\LOCALS~1\Application Data\AVG7
2007-01-10 09:45 <DIR> d----c--- C:\DOCUME~1\ABELOO~1\Application Data\AVG7
2007-01-10 09:44 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\Application Data\Grisoft
2007-01-10 09:44 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\Application Data\avg7
2007-01-04 19:59 <DIR> d----c--- C:\WINDOWS\WBEM
2007-01-04 19:59 <DIR> d----c--- C:\WINDOWS\system32\nl-nl
2007-01-04 19:58 <DIR> d--h-c--- C:\WINDOWS\ie7
2007-01-04 19:56 121,856 -----c--- C:\WINDOWS\system32\xmllite.dll
2007-01-04 19:55 <DIR> d----c--- C:\WINDOWS\network diagnostic
2007-01-02 09:12 <DIR> d----c--- C:\Program Files\Windows Defender
2007-01-01 21:12 44,032 --a--c--- C:\WINDOWS\system32\CTSVCCDA.EXE
2007-01-01 21:12 3,584 -----c--- C:\WINDOWS\system32\AHQCpRes.dll
2007-01-01 21:12 25,088 --a--c--- C:\WINDOWS\system32\CTSVCCTL.EXE
2007-01-01 21:12 <DIR> d----c--- C:\Media
2007-01-01 21:11 98,304 -----c--- C:\WINDOWS\system32\CTDrmUI.dll
2007-01-01 21:11 75,264 -----c--- C:\WINDOWS\system32\CTDetRes.dll
2007-01-01 21:11 32,768 -----c--- C:\WINDOWS\system32\CTIntRes.dll
2007-01-01 21:11 258,048 -----c--- C:\WINDOWS\system32\CTMedEng.dll
2007-01-01 21:11 24,576 -----c--- C:\WINDOWS\system32\CTMERes.DLL
2007-01-01 21:11 12,288 -----c--- C:\WINDOWS\system32\CTDrmRes.dll
2007-01-01 21:09 6,752 -----c--- C:\WINDOWS\system32\PfModNT.sys
2007-01-01 21:04 60,416 -----c--- C:\WINDOWS\system32\tzchange.exe
2006-12-31 10:26 <DIR> dr-h-c--- C:\DOCUME~1\ABELOO~1\Onlangs geopend
2006-12-29 11:47 90,112 --a--c--- C:\WINDOWS\Updreg.exe
2006-12-29 11:47 7,001 --a--c--- C:\WINDOWS\system32\drivers\ctlface.sys
2006-12-29 11:47 404,335 --a--c--- C:\WINDOWS\system32\drivers\emu10k1f.sys
2006-12-29 11:47 37,260 --a--c--- C:\WINDOWS\system32\drivers\sfman.sys
2006-12-29 11:46 84,992 -----c--- C:\WINDOWS\system32\sfcvrt32.dll
2006-12-29 11:46 82,432 -----c--- C:\WINDOWS\system32\ctwflt32.dll
2006-12-29 11:46 53,552 -----c--- C:\WINDOWS\ctccw.dll
2006-12-29 11:46 34,816 -----c--- C:\WINDOWS\Ctres32.dll
2006-12-29 11:46 26,768 -----c--- C:\WINDOWS\system32\ctl3d.dll
2006-12-29 11:46 24,976 -----c--- C:\WINDOWS\Ctres.dll
2006-12-29 11:46 149,504 -----c--- C:\WINDOWS\system32\mfcans32.dll
2006-12-29 11:46 108,032 -----c--- C:\WINDOWS\system32\mfcuia32.dll
2006-12-29 11:43 290,816 -----c--- C:\WINDOWS\system32\CtMp3Lib.dll
2006-12-29 11:43 27,734 --a--c--- C:\WINDOWS\system32\drivers\oasisusb.sys
2006-12-29 11:43 24,265 --a--c--- C:\WINDOWS\system32\drivers\nmusb.sys
2006-12-29 11:43 120,320 -----c--- C:\WINDOWS\system32\ctmp3io2.dll
2006-12-29 11:39 41,984 --a--c--- C:\WINDOWS\CTREGRUN.EXE
2006-12-29 11:39 308,224 --a--c--- C:\WINDOWS\IsUn0413.exe
2006-12-29 11:39 <DIR> d----c--- C:\Program Files\Creative
2006-12-29 11:04 6,912 --a--c--- C:\WINDOWS\system32\drivers\ctlfacem.sys
2006-12-29 11:04 496,128 --a--c--- C:\WINDOWS\system32\sblfx.dll
2006-12-29 11:04 38,912 --a--c--- C:\WINDOWS\system32\devldr32.exe
2006-12-29 11:04 36,480 --a--c--- C:\WINDOWS\system32\drivers\sfmanm.sys
2006-12-29 11:04 339,968 --a--c--- C:\WINDOWS\system32\devcon32.dll
2006-12-29 11:04 3,944 --a--c--- C:\WINDOWS\system32\ctwdm32.dll
2006-12-29 11:04 3,712 --a--c--- C:\WINDOWS\system32\drivers\ctljystk.sys
2006-12-29 11:04 283,904 --a--c--- C:\WINDOWS\system32\drivers\emu10k1m.sys
2006-12-29 11:04 111,104 --a--c--- C:\WINDOWS\system32\sfman32.dll
2006-12-29 11:04 10,624 --a--c--- C:\WINDOWS\system32\drivers\gameenum.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-17 11:57 81920 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\ezpinst.exe
2007-01-17 11:57 7176 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\pcouffin.cat
2007-01-17 11:57 55 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\pcouffin.log
2007-01-17 11:57 47360 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\pcouffin.sys
2007-01-17 11:57 1144 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\pcouffin.inf
2007-01-17 11:57 -------- d----c--- C:\DOCUME~1\ABELOO~1\Application Data\vso
2007-01-15 10:09 -------- d----c--- C:\Program Files\mozilla firefox
2007-01-11 19:34 125 ---hsc--- C:\DOCUME~1\ABELOO~1\Application Data\.zreglib
2007-01-10 11:58 -------- d----c--- C:\DOCUME~1\ABELOO~1\Application Data\adobeum
2007-01-02 10:53 -------- d----c--- C:\DOCUME~1\ABELOO~1\Application Data\ahead
2006-12-28 20:49 2979 --a--c--- C:\DOCUME~1\ABELOO~1\Application Data\nmm-metadata.db
2006-12-05 15:39 -------- d----c--- C:\Program Files\windows media connect 2
2006-12-05 12:04 -------- d----c--- C:\DOCUME~1\ABELOO~1\Application Data\slysoft
2006-12-05 11:32 -------- d----c--- C:\Program Files\dvdfab platinum 3.0.4.0
2006-11-29 00:43 18688 --a--c--- C:\WINDOWS\system32\drivers\AnyDVD.sys
2006-11-21 11:27 33280 --a--c--- C:\WINDOWS\system32\snmp.exe
2006-11-08 06:07 679424 --a--c--- C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 -----c--- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 -----c--- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 -----c--- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a--c--- C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a--c--- C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 -----c--- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a--c--- C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a--c--- C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a--c--- C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a--c--- C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a--c--- C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a--c--- C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a--c--- C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a--c--- C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a--c--- C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a--c--- C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a--c--- C:\WINDOWS\system32\ieakui.dll
2006-11-06 11:35 531568 --a--c--- C:\WINDOWS\system32\rmactivate_isv.exe
2006-11-06 11:35 523376 --a--c--- C:\WINDOWS\system32\rmactivate.exe
2006-11-06 11:35 519280 --a--c--- C:\WINDOWS\system32\secproc_isv.dll
2006-11-06 11:35 518768 --a--c--- C:\WINDOWS\system32\secproc.dll
2006-11-06 11:35 358000 --a--c--- C:\WINDOWS\system32\rmactivate_ssp.exe
2006-11-06 11:35 354416 --a--c--- C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2006-11-06 11:35 323696 --a--c--- C:\WINDOWS\system32\msdrm.dll
2006-11-06 11:35 192624 --a--c--- C:\WINDOWS\system32\secproc_ssp_isv.dll
2006-11-06 11:35 192624 --a--c--- C:\WINDOWS\system32\secproc_ssp.dll
2006-11-04 14:14 1245696 --a--c--- C:\WINDOWS\system32\msxml4.dll
2006-11-04 13:40 81920 --a--c--- C:\WINDOWS\system32\elbycdio.dll
2006-11-02 23:35 8271872 --a--c--- C:\WINDOWS\system32\wmploc.dll
2006-11-02 22:53 99840 --a--c--- C:\WINDOWS\system32\wmpshell.dll
2006-11-02 22:52 257536 --a--c--- C:\WINDOWS\system32\wmerror.dll
2006-11-02 22:50 7680 --a--c--- C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 42496 -----c--- C:\WINDOWS\system32\wpdshextres.dll
2006-10-23 17:58 233472 --a--c--- C:\WINDOWS\system32\rex shared library.dll
2006-10-23 17:58 225280 --a--c--- C:\WINDOWS\system32\rewire.dll
2006-10-20 02:39 714752 --a--c--- C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a--c--- C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a--c--- C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a--c--- C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a--c--- C:\WINDOWS\system32\wmnetmgr.dll
2006-10-18 21:47 767488 -----c--- C:\WINDOWS\system32\wmvsencd.dll
2006-10-18 21:47 757248 --a--c--- C:\WINDOWS\system32\wmadmod.dll
2006-10-18 21:47 656896 -----c--- C:\WINDOWS\system32\wmvxencd.dll
2006-10-18 21:47 63488 --a--c--- C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a--c--- C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 -----c--- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a--c--- C:\WINDOWS\system32\wmspdmod.dll
2006-10-18 21:47 542720 --a--c--- C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 -----c--- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a--c--- C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a--c--- C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmvadve.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmvadvd.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a--c--- C:\WINDOWS\system32\mpg4dmod.dll
2006-10-18 21:47 4096 -----c--- C:\WINDOWS\system32\mp4sdmod.dll
2006-10-18 21:47 4096 -----c--- C:\WINDOWS\system32\mp43dmod.dll
2006-10-18 21:47 37376 --a--c--- C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a--c--- C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a--c--- C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a--c--- C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a--c--- C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a--c--- C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 -----c--- C:\WINDOWS\system32\mp4sdecd.dll
2006-10-18 21:47 314880 --a--c--- C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 -----c--- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 -----c--- C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a--c--- C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a--c--- C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 -----c--- C:\WINDOWS\system32\wpdshext.dll
2006-10-18 21:47 259072 -----c--- C:\WINDOWS\system32\mpg4decd.dll
2006-10-18 21:47 259072 -----c--- C:\WINDOWS\system32\mp43decd.dll
2006-10-18 21:47 2450944 --a--c--- C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a--c--- C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a--c--- C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a--c--- C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 -----c--- C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 211456 --a--c--- C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a--c--- C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 -----c--- C:\WINDOWS\system32\portabledevicewmdrm.dll
2006-10-18 21:47 179712 --a--c--- C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a--c--- C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 -----c--- C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a--c--- C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 -----c--- C:\WINDOWS\system32\wmvencod.dll
2006-10-18 21:47 157184 --a--c--- C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a--c--- C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 -----c--- C:\WINDOWS\system32\wmvdecod.dll
2006-10-18 21:47 1382912 -----c--- C:\WINDOWS\system32\wmvsdecd.dll
2006-10-18 21:47 133632 -----c--- C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a--c--- C:\WINDOWS\system32\wmspdmoe.dll
2006-10-18 21:47 132096 -----c--- C:\WINDOWS\system32\portabledevicewiacompat.dll
2006-10-18 21:47 130048 -----c--- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a--c--- C:\WINDOWS\system32\laprxy.dll
2006-10-18 21:47 1117696 --a--c--- C:\WINDOWS\system32\wmadmoe.dll
2006-10-18 21:47 101888 -----c--- C:\WINDOWS\system32\portabledeviceclassextension.dll
2006-10-18 20:03 100864 --a--c--- C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 -----c--- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 -----c--- C:\WINDOWS\system32\wpdshextautoplay.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
"PcSync"="C:\\Nokia Pc Suite\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"EPSON Stylus Photo RX520 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIAGE.EXE /P31 \"EPSON Stylus Photo RX520 Series\" /M \"Stylus Photo RX520\" /EF \"HKCU\""
"AnyDVD"="C:\\AnyDVD\\AnyDVD.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"PRONoMgr.exe"="C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"SoundMan"="SOUNDMAN.EXE"
"NWEReboot"=""
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"Motive SmartBridge"="C:\\TELENE~1\\SMARTB~1\\MotiveSB.exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
"Telemeter 3.0"="\"C:\\Telemeter 3.0\\telemeter3.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"EPSON Stylus Photo RX520 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIAGE.EXE /P31 \"EPSON Stylus Photo RX520 Series\" /O6 \"USB002\" /M \"Stylus Photo RX520\""
"PCSuiteTrayApplication"="C:\\NOKIAP~1\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"Advanced WindowsCare"="\"C:\\Advanced WindowsCare V2\\Awc.exe\" /startup"
"CmUsbSound"="RunDll32 cmcnfgu.cpl,CMICtrlWnd"
"Comodo Firewall"="\"C:\\Comodo Firewall\\Comodo\\Firewall\\CPF.exe\" /background"
"WinampAgent"="C:\\Winamp\\winampa.exe"
"Disc Detector"="C:\\Program Files\\Creative\\ShareDLL\\CtNotify.exe"
"UpdReg"="C:\\WINDOWS\\Updreg.exe"
"Creative Launcher"="c:\\surround set 5.1\\sound blaster live\\Launcher\\CTLauncher.exe"
"AudioHQ"="c:\\surround set 5.1\\sound blaster live\\AudioHQ\\AHQTB.EXE"
"NewsUpd"="C:\\Program Files\\Creative\\News\\NewsUpd.EXE /q"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoResolveSearch"=dword:00000001
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=dword:00000000
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winbfi32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Advanced WindowsCare.job
C:\WINDOWS\tasks\AwcUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

Completion time: 07-01-18 9:06:22


And here is the HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 9:34:24, on 18/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\TELENE~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Telemeter 3.0\telemeter3.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE
C:\Advanced WindowsCare V2\Awc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Comodo Firewall\Comodo\Firewall\CPF.exe
C:\Winamp\winampa.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\System32\snmp.exe
C:\AnyDVD\AnyDVD.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\svchost.exe
C:\Bluetooth\BlueSoleil.exe
C:\Coreldraw8\Programs\MFIndexer.exe
C:\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\SpywareGuard\sgmain.exe
C:\Telenet EasyCare\bin\mpbtn.exe
C:\SpywareGuard\sgbhp.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\locator.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msiexec.exe
C:\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Abeloos Wesley\Bureaublad\hjt.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Snag it\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Snag it\SnagItIEAddin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Motive SmartBridge] C:\TELENE~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB002" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Advanced WindowsCare] "C:\Advanced WindowsCare V2\Awc.exe" /startup
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Comodo Firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Creative Launcher] c:\surround set 5.1\sound blaster live\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [AudioHQ] c:\surround set 5.1\sound blaster live\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /M "Stylus Photo RX520" /EF "HKCU"
O4 - HKCU\..\Run: [AnyDVD] C:\AnyDVD\AnyDVD.exe
O4 - Startup: SpywareGuard.lnk = C:\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Coreldraw8\Programs\MFIndexer.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Telenet EasyCare.lnk = C:\Telenet EasyCare\bin\matcli.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155326341765
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

I hope I have a clean PC now???

Juisterr
18 January 2007, 13:51
Clean enough, but to be completely sure I'd like to offer you this scanner. Scanning may take a while and it will probably only find some cookies.


Download Dr.Web CureIt (ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe) to your Desktop:

Double-click drweb-cureit.exe and allow it to start the express scan.
If a popup appears offering a purchase/50% discount, you may close it with the X.
This will scan the files that are currently loaded in memory; if anything is found, click the Yes to all button when asked 'cure it?'. This is only a short scan.
Once the short scan has finished, you can select the drives you want to have scanned.
Select all drives here. A red dot will then appear on the drives you are having scanned.
Then click the green arrow on the right to start the scan.
Click Yes to all when asked to perform cure or move.
When the scan has finished, see whether you can click the icon next to the files found: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
If so, click it, then click the icon just below it and select Move incurable, as you see here:
http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
This moves the files found to the "%userprofile%\DoctorWeb\quarantaine-map" if repair is not possible.
After the scan is done, click File in the menu at the top and choose Save report List. Save it to your Desktop.
Then close Dr.Web Cureit.
Restart your computer!! This is an important step, because Dr.Web Cureit may move/delete files during the restart.
After restarting, copy and paste the contents of the log you saved earlier into your next post.




To prevent reinfection via System Restore, it is advisable to delete the existing restore points by temporarily turning System Restore off.

- Go to Start/All Programs/Accessories/System Tools/System Restore.
- In the left half of the window, click "System Restore Settings".
- Tick the box for "Turn off System Restore".
- Click "Apply".
- Windows asks whether you are sure.
- Click "Yes".
- Click "OK".
- Restart the PC.
- Go to Start/All Programs/Accessories/System Tools/System Restore again.
- You get the message: "System Restore has been turned off. Do you want to turn on System Restore now?"
- Click "Yes".
- Remove the tick for "Turn off System Restore".
- Click "Apply".
- Click "OK".
- Restart the PC.
- A new, clean restore point has now been created.

If you still have complaints or you are not sure, then post a new HJT log again.

welsey1983
22 January 2007, 14:38
VBAOL11.CHM\html/olobjAddressEntries.htm C:\Office 2003 NL\OFFICE11\1043\VBAOL11.CHM Modification of VBS.Petik VBAOL11.CHM C:\Office 2003 NL\OFFICE11\1043 Archive contains infected objects Moved.
MCCWrapper_DSR.dll C:\Program Files\Common Files\Motive Probably DLOADER.Trojan Moved.

That should be the log you asked for, right???

How am I doing now??? ;-)
Regards

welsey1983
22 January 2007, 14:46
To be on the safe side, here is a new HJT log, so that I know my PC is in order and that it is OK when I create a restore point:
Logfile of HijackThis v1.99.1
Scan saved at 13:44:32, on 22/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\TELENE~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Telemeter 3.0\telemeter3.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
C:\Advanced WindowsCare V2\Awc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Comodo Firewall\Comodo\Firewall\CPF.exe
C:\Winamp\winampa.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe
C:\AnyDVD\AnyDVD.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Bluetooth\BlueSoleil.exe
C:\Coreldraw8\Programs\MFIndexer.exe
C:\Logitech\SetPoint\SetPoint.exe
C:\SpywareGuard\sgmain.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\SpywareGuard\sgbhp.exe
C:\Telenet EasyCare\bin\mpbtn.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\locator.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Abeloos Wesley\Bureaublad\hjt.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Snag it\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Snag it\SnagItIEAddin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Motive SmartBridge] C:\TELENE~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Telemeter 3.0\telemeter3.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB002" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\NOKIAP~1\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Advanced WindowsCare] "C:\Advanced WindowsCare V2\Awc.exe" /startup
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Comodo Firewall] "C:\Comodo Firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp\winampa.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [Creative Launcher] c:\surround set 5.1\sound blaster live\Launcher\CTLauncher.exe
O4 - HKLM\..\Run: [AudioHQ] c:\surround set 5.1\sound blaster live\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Nokia Pc Suite\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /M "Stylus Photo RX520" /EF "HKCU"
O4 - HKCU\..\Run: [AnyDVD] C:\AnyDVD\AnyDVD.exe
O4 - Startup: SpywareGuard.lnk = C:\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Coreldraw8\Programs\MFIndexer.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Telenet EasyCare.lnk = C:\Telenet EasyCare\bin\matcli.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155326341765
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsFileAgent.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Comodo Firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Adobe Photoshop Elements 3.0 NL\PhotoshopElementsDeviceConnect.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

Regards, welsey

Juisterr
22 January 2007, 21:22
I don't really see much out of the ordinary anymore; are you still having problems?

welsey1983
22 January 2007, 22:33
No, everything works perfectly. THANK YOU for the effort you put in; it reassures me to have a "clean" PC, and I am now going to make a restore point of it. Thanks ;-)

Juisterr
23 January 2007, 19:48
Thanks for reporting back, and enjoy your surfing. :good: