Windows has stopped working.



michael84
26 February 2009, 21:46
I get the following message: (Microsoft Windows has stopped working: rundll32)
Here is my HijackThis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:02, on 26/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\mobsync.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HPW
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 6391 bytes

Juisterr
27 February 2009, 21:31
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to these instructions (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).
NOTE: if you get a warning from your antivirus or another real-time scanner while or after downloading Combofix, or while using Combofix, disable that scanner and download Combofix again.
Some scanners see certain components that Combofix uses as suspicious and will block or remove them!

Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the "NirCmd" window.
When it is done, click Yes again to start the malware scan.
While the fix is running, do NOT click in the window, because that will make your PC hang.
When the fix has completed and after the restart, the log Combofix.txt will open.

Post this log in your next reply.

michael84
28 February 2009, 20:04
I tried it with SUPERAntiSpyware instead.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/28/2009 at 03:06 PM

Application Version : 4.25.1012

Core Rules Database Version : 3779
Trace Rules Database Version: 1738

Scan type : Complete Scan
Total Scan Time : 00:30:27

Memory items scanned : 700
Memory threats detected : 0
Registry items scanned : 6081
Registry threats detected : 0
File items scanned : 30284
File threats detected : 3

Adware.Tracking Cookie
C:\Users\beernaert\AppData\Roaming\Microsoft\Windows\Cookies\Low\beernaert@2o7[1].txt
C:\Users\beernaert\AppData\Roaming\Microsoft\Windows\Cookies\Low\beernaert@atdmt[2].txt
C:\Users\beernaert\AppData\Roaming\Microsoft\Windows\Cookies\Low\beernaert@microsoftwindows.112.2o7[1].txt

Juisterr
28 February 2009, 20:20
? That is not what I asked for.

Would you please still run Combofix?

michael84
28 February 2009, 22:46
ComboFix 09-02-28.01 - beernaert 2009-02-28 21:39:52.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1321 [GMT 1:00]
Gestart vanuit: c:\users\beernaert\Documents\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated)
FW: Bitdefender Firewall *disabled*
.

(((((((((((((((((((( Bestanden Gemaakt van 2009-01-28 to 2009-02-28 ))))))))))))))))))))))))))))))
.

2009-02-26 20:38 . 2009-02-26 20:38 <DIR> d-------- c:\program files\Trend Micro
2009-02-26 04:10 . 2009-02-26 04:10 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Uniblue
2009-02-26 04:10 . 2009-02-26 04:13 <DIR> d-------- c:\users\All Users\DriverScanner
2009-02-26 04:10 . 2009-02-26 04:11 <DIR> d--h-c--- c:\users\All Users\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-02-26 04:10 . 2009-02-26 04:13 <DIR> d-------- c:\programdata\DriverScanner
2009-02-26 04:10 . 2009-02-26 04:11 <DIR> d--h-c--- c:\programdata\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-02-26 04:10 . 2009-02-26 04:10 <DIR> d-------- c:\program files\Uniblue
2009-02-24 21:07 . 2009-02-24 21:07 <DIR> d-------- c:\program files\Lavalys
2009-02-22 15:12 . 2009-02-22 15:12 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-21 20:27 . 2009-02-22 18:17 <DIR> d-------- c:\users\beernaert\AppData\Roaming\PeaZip
2009-02-19 19:06 . 2009-02-22 15:12 <DIR> d-------- c:\users\beernaert\AppData\Roaming\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-19 19:06 <DIR> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-19 19:06 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-22 15:12 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-02-18 20:58 . 2009-02-18 20:58 34 --a------ c:\windows\System32\oeminfo.ini
2009-02-18 15:53 . 2003-01-26 12:41 40,960 --a------ c:\windows\System32\ssubtmr6.dll
2009-02-18 15:53 . 2007-08-31 17:36 36,864 --a------ c:\windows\System32\trayicon_handler.ocx
2009-02-15 13:09 . 2009-02-15 13:09 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-02-15 13:09 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-02-15 13:09 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\program files\iTunes
2009-02-15 13:08 . 2009-02-15 13:08 <DIR> d-------- c:\program files\iPod
2009-02-15 13:08 . 2009-02-15 13:08 <DIR> d-------- c:\program files\Bonjour
2009-02-15 13:07 . 2009-02-15 13:07 <DIR> d-------- c:\program files\QuickTime
2009-02-15 13:07 . 2009-02-15 13:07 <DIR> d-------- c:\program files\Apple Software Update
2009-02-15 13:06 . 2009-02-15 13:06 <DIR> d-------- c:\users\All Users\Apple
2009-02-15 13:06 . 2009-02-15 13:06 <DIR> d-------- c:\programdata\Apple
2009-02-15 13:06 . 2009-02-15 13:08 <DIR> d-------- c:\program files\Common Files\Apple
2009-02-11 20:27 . 2009-02-18 21:24 83,296,256 --a------ c:\windows\ocsetup_install_NetFx3.etl
2009-02-11 20:27 . 2009-02-18 21:24 589,824 --a------ c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-02-11 20:27 . 2009-02-18 21:24 65,536 --a------ c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-02-11 20:26 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-11 20:26 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-11 20:26 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-11 20:26 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-11 20:26 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-11 20:20 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 20:20 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-11 08:17 . 2009-02-11 20:18 <DIR> d-------- c:\windows\Logs
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\users\beernaert\AppData\Roaming\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\users\All Users\ParetoLogic
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\users\All Users\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\programdata\ParetoLogic
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\programdata\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\program files\Common Files\ParetoLogic
2009-02-07 17:49 . 2009-02-21 05:53 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Ashampoo Photo Commander 5
2009-02-07 12:51 . 2009-02-07 17:45 <DIR> d-------- c:\program files\Ashampoo
2009-02-06 22:28 . 2009-02-06 22:28 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Canneverbe_Limited
2009-02-06 22:00 . 2009-02-06 22:00 <DIR> d-------- c:\windows\PCHEALTH
2009-02-06 10:07 . 2009-02-07 12:58 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Ashampoo
2009-02-06 10:00 . 2009-02-06 10:00 <DIR> d-------- c:\users\All Users\ashampoo
2009-02-06 10:00 . 2009-02-06 10:00 <DIR> d-------- c:\programdata\ashampoo
2009-02-04 23:07 . 2009-02-04 23:07 <DIR> d-------- c:\program files\PC Camera
2009-02-04 23:07 . 2006-11-03 10:59 48,128 --a------ c:\windows\System32\Remove.exe
2009-02-04 23:07 . 2007-03-15 11:01 284 --a------ c:\windows\System32\Remover.ini
2009-02-04 19:23 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-02-04 19:23 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-02-04 19:23 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-02-04 19:23 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-02-04 19:23 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-02-04 19:23 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-02-04 19:23 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-02-04 19:23 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-02-04 19:19 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-02-04 19:19 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-02-04 19:19 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-02-04 19:19 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-02-04 19:19 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-02-04 14:31 . 2009-02-04 14:31 <DIR> d-------- c:\users\All Users\ATI
2009-02-04 14:31 . 2009-02-04 14:31 <DIR> d-------- c:\programdata\ATI
2009-02-04 13:33 . 2009-02-04 13:33 <DIR> d-------- c:\program files\PC Drivers HeadQuarters(209)

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-28 20:37 --------- d-----w c:\users\beernaert\AppData\Roaming\Skype
2009-02-28 15:07 --------- d-----w c:\users\beernaert\AppData\Roaming\uTorrent
2009-02-26 03:07 --------- d-----w c:\programdata\PC Drivers HeadQuarters
2009-02-26 03:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-18 09:34 --------- d-----w c:\program files\ISP Monitor
2009-02-18 09:33 737,280 ----a-w c:\windows\iun6002.exe
2009-02-15 12:07 --------- d-----w c:\programdata\Apple Computer
2009-02-15 10:46 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-15 10:46 --------- d-----w c:\program files\Java
2009-02-12 18:30 --------- d-----w c:\users\beernaert\AppData\Roaming\dvdcss
2009-02-10 19:47 --------- d-----w c:\programdata\BitDefender
2009-02-08 18:47 --------- d---a-w c:\program files\Common Files\LightScribe
2009-02-08 18:21 --------- d-----w c:\programdata\LightScribe
2009-02-04 22:07 --------- d-----w c:\program files\Common Files\PAC207
2009-02-04 17:34 --------- d-----w c:\users\beernaert\AppData\Roaming\vlc
2009-02-04 17:34 --------- d-----w c:\program files\Samsung
2009-02-04 17:34 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-04 17:34 --------- d-----w c:\program files\CCleaner
2009-02-04 17:33 --------- d-----w c:\program files\ATI
2009-02-04 14:23 --------- d-----w c:\program files\ATI Technologies
2009-01-27 20:42 --------- d-----w c:\program files\Portrait Displays
2009-01-25 17:23 --------- d-----w c:\program files\Hewlett-Packard
2009-01-25 09:35 --------- d-----w c:\programdata\Lavasoft
2009-01-20 09:36 --------- d-----w c:\users\beernaert\AppData\Roaming\Malwarebytes
2009-01-20 09:36 --------- d-----w c:\programdata\Malwarebytes
2009-01-15 20:46 --------- d-----w c:\program files\Windows Mail
2009-01-14 15:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 15:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 08:45 954,368 ----a-w c:\windows\system32\drivers\athr.sys
2009-01-05 20:04 --------- d-----w c:\users\beernaert\AppData\Roaming\ISP Monitor
2009-01-04 16:25 --------- d-----w c:\program files\VistaCodecPack
2009-01-04 10:37 --------- d-----w c:\programdata\VistaCodecs
2009-01-03 22:42 81,984 ----a-w c:\windows\System32\bdod.bin
2009-01-03 17:06 --------- d-----w c:\users\beernaert\AppData\Roaming\BitDefender
2009-01-03 17:04 --------- d-----w c:\program files\Common Files\BitDefender
2009-01-03 17:04 --------- d-----w c:\program files\BitDefender
2008-12-31 12:57 --------- d-----r c:\program files\Skype
2008-12-31 07:06 --------- d-----w c:\users\beernaert\AppData\Roaming\skypePM
2008-12-30 15:45 --------- d-----w c:\program files\VS Revo Group
2008-12-29 14:08 --------- d-----w c:\programdata\Skype
2008-12-24 11:05 1,036,288 ----a-w c:\windows\System32\VSFilter.dll
2008-12-08 11:53 57,344 ----a-w c:\windows\System32\ff_vfw.dll
2008-12-07 12:08 795,648 ----a-w c:\windows\System32\xvidcore.dll
2008-12-07 12:08 130,048 ----a-w c:\windows\System32\xvidvfw.dll
2008-12-03 19:15 2,030,080 ----a-w c:\windows\System32\python30.dll
2008-11-21 12:11 160 ----a-w c:\users\beernaert\AppData\Roaming\wklnhst.dat
2008-07-04 19:29 174 --sha-w c:\program files\desktop.ini
2008-06-24 15:28 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-06-24 15:28 56 ---ha-w c:\programdata\ezsidmv.dat
2008-11-12 15:03 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-11-12 15:03 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-11-12 15:03 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2008-06-15 07:34 22 --sha-w c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-02-28_21.17.32,08 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-28 15:19:42 3,308 ----a-w c:\windows\bthservsdp.dat
+ 2009-02-28 20:27:37 3,308 ----a-w c:\windows\bthservsdp.dat
- 2009-02-28 17:44:32 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-28 20:28:43 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-02-28 17:44:32 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-02-28 20:28:43 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-28 17:55:11 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-28 20:30:09 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-28 20:30:09 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2009-02-28 17:55:06 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-28 20:30:04 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-28 20:30:04 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2009-02-28 18:55:26 101,052 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-28 20:33:52 101,052 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-28 18:55:26 126,648 ----a-w c:\windows\System32\perfc013.dat
+ 2009-02-28 20:33:52 126,648 ----a-w c:\windows\System32\perfc013.dat
- 2009-02-28 18:55:26 586,980 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-28 20:33:52 586,980 ----a-w c:\windows\System32\perfh009.dat
- 2009-02-28 18:55:26 667,114 ----a-w c:\windows\System32\perfh013.dat
+ 2009-02-28 20:33:52 667,114 ----a-w c:\windows\System32\perfh013.dat
- 2009-02-28 17:46:27 11,482 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4198273856-2802487723-2920741586-1000_UserData.bin
+ 2009-02-28 20:30:49 11,482 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4198273856-2802487723-2920741586-1000_UserData.bin
- 2009-02-28 17:46:27 80,802 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-28 20:30:49 80,928 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-28 17:46:26 54,712 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-28 20:30:48 54,854 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Google Update"="c:\users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-12-20 133104]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 c:\windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"DT HPW"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2008-07-14 81920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
"BDAgent"="c:\program files\BitDefender\BitDefender 2008\bdagent.exe" [2009-01-03 360448]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-15 136600]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3F33BC46-529F-47F8-B659-0F212CB45258}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{710EE531-190F-41D6-83C6-948DE8021B1E}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{D7C8FFB3-1576-4174-93DE-31BB979E7ED7}"= UDP:9420:Red Swoosh
"{C3D49CCD-2E00-4CEE-AE7E-9DEA8D5960E5}"= TCP:5000:Red Swoosh
"TCP Query User{FB54CE7F-3B67-4A1A-8C40-456BB76A21CD}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{532403EA-9E84-4199-B11A-F39F24C8B65B}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{9BB8B88D-4021-4525-BBA1-2580A69A8CC9}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{22686D4F-F0E1-49F0-97F0-3F18FE54CC29}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"{C0F268AE-7745-41A3-9336-319E92850F7C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{044AFADB-F4DA-4F1C-940B-247575AF68A7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{A7FC72EB-6323-4910-98E1-1CB955A17F04}"= UDP:9420:Akamai NetSession Interface
"{91DFE7A0-52D2-4FD4-B6F1-3104A89BCD4B}"= TCP:5000:Akamai NetSession Interface
"{D87497BD-DE77-4DC4-864C-659760FC4DEC}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{71945091-F188-432A-9C2E-1DDAC52AC88F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{AA1998A0-1433-47E9-A580-00346364F419}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{2802723E-56EE-452C-B2F6-D29FAA35FCEA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\System32\drivers\bdfndisf.sys [2008-01-25 85520]
R3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [2006-12-05 507136]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S4 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [2007-08-23 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan
.
Inhoud van de 'Gedeelde Taken' map

2009-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4198273856-2802487723-2920741586-1000.job
- c:\users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-20 13:44]

2009-02-27 c:\windows\Tasks\NeroLiveEpgUpdate-pchuis_beernaert.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe []
.
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-28 21:41:12
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2009-02-28 21:42:59
ComboFix-quarantined-files.txt 2009-02-28 20:42:56
ComboFix2.txt 2009-02-28 20:26:35
ComboFix3.txt 2009-02-28 20:20:19

Pre-Run: 433.360.162.816 bytes beschikbaar
Post-Run: 433,326,465,024 bytes beschikbaar

277 --- E O F --- 2009-02-18 20:24:16

Juisterr
1 March 2009, 19:15
S.A.S. has already done its best. :D

One remark.
c:\users\beernaert\Documents\Downloads\ComboFix.exe

is not in the right place; it has to be on the Desktop. Move the file to the Desktop.

Then do this.

Uninstall ComboFix via Start > Run, copy and paste Combofix /U
Click OK or press Enter.
This removes ComboFix as well as your old System Restore points (including any leftovers of malware), and creates a new System Restore point.

http://i78.photobucket.com/albums/j116/amateur_photos/CFuninstall.png

michael84
2 March 2009, 20:08
ComboFix 09-03-02.01 - beernaert 2009-03-02 19:01:32.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2046.1298 [GMT 1:00]
Gestart vanuit: c:\users\beernaert\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning disabled* (Updated)
FW: Bitdefender Firewall *disabled*
.

(((((((((((((((((((( Bestanden Gemaakt van 2009-02-02 to 2009-03-02 ))))))))))))))))))))))))))))))
.

2009-03-01 18:36 . 2009-03-01 18:36 <DIR> d-------- c:\users\beernaert\AppData\Roaming\TuneUp Software
2009-03-01 18:36 . 2009-03-01 18:36 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-03-01 18:36 . 2009-03-01 18:36 360,192 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-03-01 18:36 . 2008-12-11 13:31 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-03-01 18:36 . 2008-12-11 13:31 17,152 --a------ c:\windows\System32\authuitu.dll
2009-03-01 18:35 . 2009-03-01 18:35 <DIR> d-------- c:\users\All Users\TuneUp Software
2009-03-01 18:35 . 2009-03-01 18:35 <DIR> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-01 18:35 . 2009-03-01 18:35 <DIR> d-------- c:\programdata\TuneUp Software
2009-03-01 18:35 . 2009-03-01 18:35 <DIR> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-01 18:35 . 2009-03-01 18:36 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-01 17:37 . 2009-03-01 17:37 <DIR> d-------- c:\program files\QuickTime
2009-03-01 17:17 . 2009-03-01 17:17 <DIR> d-------- c:\program files\Secunia
2009-02-26 20:38 . 2009-02-26 20:38 <DIR> d-------- c:\program files\Trend Micro
2009-02-26 04:10 . 2009-03-01 01:28 <DIR> d-------- c:\program files\Uniblue
2009-02-24 21:07 . 2009-02-24 21:07 <DIR> d-------- c:\program files\Lavalys
2009-02-22 15:12 . 2009-02-22 15:12 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-21 20:27 . 2009-02-22 18:17 <DIR> d-------- c:\users\beernaert\AppData\Roaming\PeaZip
2009-02-19 19:06 . 2009-02-22 15:12 <DIR> d-------- c:\users\beernaert\AppData\Roaming\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-19 19:06 <DIR> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-19 19:06 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2009-02-19 19:06 . 2009-02-22 15:12 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-02-18 20:58 . 2009-02-18 20:58 34 --a------ c:\windows\System32\oeminfo.ini
2009-02-18 15:53 . 2003-01-26 12:41 40,960 --a------ c:\windows\System32\ssubtmr6.dll
2009-02-18 15:53 . 2007-08-31 17:36 36,864 --a------ c:\windows\System32\trayicon_handler.ocx
2009-02-15 13:09 . 2009-02-15 13:09 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-02-15 13:09 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-02-15 13:09 . 2008-04-17 13:12 15,464 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-15 13:08 . 2009-02-15 13:09 <DIR> d-------- c:\program files\iTunes
2009-02-15 13:08 . 2009-02-15 13:08 <DIR> d-------- c:\program files\iPod
2009-02-15 13:08 . 2009-02-15 13:08 <DIR> d-------- c:\program files\Bonjour
2009-02-15 13:07 . 2009-02-15 13:07 <DIR> d-------- c:\program files\Apple Software Update
2009-02-15 13:06 . 2009-02-15 13:06 <DIR> d-------- c:\users\All Users\Apple
2009-02-15 13:06 . 2009-02-15 13:06 <DIR> d-------- c:\programdata\Apple
2009-02-15 13:06 . 2009-02-15 13:08 <DIR> d-------- c:\program files\Common Files\Apple
2009-02-11 20:27 . 2009-02-18 21:24 83,296,256 --a------ c:\windows\ocsetup_install_NetFx3.etl
2009-02-11 20:27 . 2009-02-18 21:24 589,824 --a------ c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-02-11 20:27 . 2009-02-18 21:24 65,536 --a------ c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-02-11 20:26 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-11 20:26 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-11 20:26 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-11 20:26 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-11 20:26 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-11 20:20 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 20:20 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-11 08:17 . 2009-02-11 20:18 <DIR> d-------- c:\windows\Logs
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\users\beernaert\AppData\Roaming\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\users\All Users\ParetoLogic
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\users\All Users\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\programdata\ParetoLogic
2009-02-10 13:22 . 2009-02-10 13:32 <DIR> d-------- c:\programdata\DriverCure
2009-02-10 13:22 . 2009-02-10 13:22 <DIR> d-------- c:\program files\Common Files\ParetoLogic
2009-02-07 17:49 . 2009-02-21 05:53 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Ashampoo Photo Commander 5
2009-02-07 12:51 . 2009-02-07 17:45 <DIR> d-------- c:\program files\Ashampoo
2009-02-06 22:28 . 2009-02-06 22:28 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Canneverbe_Limited
2009-02-06 22:00 . 2009-02-06 22:00 <DIR> d-------- c:\windows\PCHEALTH
2009-02-06 10:07 . 2009-02-07 12:58 <DIR> d-------- c:\users\beernaert\AppData\Roaming\Ashampoo
2009-02-06 10:00 . 2009-02-06 10:00 <DIR> d-------- c:\users\All Users\ashampoo
2009-02-06 10:00 . 2009-02-06 10:00 <DIR> d-------- c:\programdata\ashampoo
2009-02-04 23:07 . 2009-02-04 23:07 <DIR> d-------- c:\program files\PC Camera
2009-02-04 23:07 . 2006-11-03 10:59 48,128 --a------ c:\windows\System32\Remove.exe
2009-02-04 23:07 . 2007-03-15 11:01 284 --a------ c:\windows\System32\Remover.ini
2009-02-04 19:23 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-02-04 19:23 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-02-04 19:23 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-02-04 19:23 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-02-04 19:23 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-02-04 19:23 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-02-04 19:23 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-02-04 19:23 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-02-04 19:19 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-02-04 19:19 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-02-04 19:19 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-02-04 19:19 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-02-04 19:19 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-02-04 14:31 . 2009-02-04 14:31 <DIR> d-------- c:\users\All Users\ATI
2009-02-04 14:31 . 2009-02-04 14:31 <DIR> d-------- c:\programdata\ATI
2009-02-04 13:33 . 2009-02-04 13:33 <DIR> d-------- c:\program files\PC Drivers HeadQuarters(209)

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-02 18:03 --------- d-----w c:\users\beernaert\AppData\Roaming\Skype
2009-03-01 13:08 --------- d-----w c:\users\beernaert\AppData\Roaming\uTorrent
2009-03-01 00:13 --------- d-----w c:\program files\Intel
2009-02-26 03:07 --------- d-----w c:\programdata\PC Drivers HeadQuarters
2009-02-26 03:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-18 09:34 --------- d-----w c:\program files\ISP Monitor
2009-02-18 09:33 737,280 ----a-w c:\windows\iun6002.exe
2009-02-15 12:07 --------- d-----w c:\programdata\Apple Computer
2009-02-15 10:46 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-15 10:46 --------- d-----w c:\program files\Java
2009-02-12 18:30 --------- d-----w c:\users\beernaert\AppData\Roaming\dvdcss
2009-02-10 19:47 --------- d-----w c:\programdata\BitDefender
2009-02-08 18:47 --------- d---a-w c:\program files\Common Files\LightScribe
2009-02-08 18:21 --------- d-----w c:\programdata\LightScribe
2009-02-04 22:07 --------- d-----w c:\program files\Common Files\PAC207
2009-02-04 17:34 --------- d-----w c:\users\beernaert\AppData\Roaming\vlc
2009-02-04 17:34 --------- d-----w c:\program files\Samsung
2009-02-04 17:34 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-04 17:34 --------- d-----w c:\program files\CCleaner
2009-02-04 17:33 --------- d-----w c:\program files\ATI
2009-02-04 14:23 --------- d-----w c:\program files\ATI Technologies
2009-01-27 20:42 --------- d-----w c:\program files\Portrait Displays
2009-01-25 17:23 --------- d-----w c:\program files\Hewlett-Packard
2009-01-25 09:35 --------- d-----w c:\programdata\Lavasoft
2009-01-20 09:36 --------- d-----w c:\users\beernaert\AppData\Roaming\Malwarebytes
2009-01-20 09:36 --------- d-----w c:\programdata\Malwarebytes
2009-01-15 20:46 --------- d-----w c:\program files\Windows Mail
2009-01-14 15:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 15:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 08:45 954,368 ----a-w c:\windows\system32\drivers\athr.sys
2009-01-05 20:04 --------- d-----w c:\users\beernaert\AppData\Roaming\ISP Monitor
2009-01-04 16:25 --------- d-----w c:\program files\VistaCodecPack
2009-01-04 10:37 --------- d-----w c:\programdata\VistaCodecs
2009-01-03 22:42 81,984 ----a-w c:\windows\System32\bdod.bin
2009-01-03 17:06 --------- d-----w c:\users\beernaert\AppData\Roaming\BitDefender
2009-01-03 17:04 --------- d-----w c:\program files\Common Files\BitDefender
2009-01-03 17:04 --------- d-----w c:\program files\BitDefender
2008-12-24 11:05 1,036,288 ----a-w c:\windows\System32\VSFilter.dll
2008-12-08 11:53 57,344 ----a-w c:\windows\System32\ff_vfw.dll
2008-12-07 12:08 795,648 ----a-w c:\windows\System32\xvidcore.dll
2008-12-07 12:08 130,048 ----a-w c:\windows\System32\xvidvfw.dll
2008-12-03 19:15 2,030,080 ----a-w c:\windows\System32\python30.dll
2008-11-21 12:11 160 ----a-w c:\users\beernaert\AppData\Roaming\wklnhst.dat
2008-07-04 19:29 174 --sha-w c:\program files\desktop.ini
2008-06-24 15:28 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-06-24 15:28 56 ---ha-w c:\programdata\ezsidmv.dat
2008-11-12 15:03 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-11-12 15:03 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-11-12 15:03 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2008-06-15 07:34 22 --sha-w c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
"BDAgent"="c:\program files\BitDefender\BitDefender 2008\bdagent.exe" [2009-01-03 360448]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"DT HPW"=c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe -HPW

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3F33BC46-529F-47F8-B659-0F212CB45258}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{710EE531-190F-41D6-83C6-948DE8021B1E}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{D7C8FFB3-1576-4174-93DE-31BB979E7ED7}"= UDP:9420:Red Swoosh
"{C3D49CCD-2E00-4CEE-AE7E-9DEA8D5960E5}"= TCP:5000:Red Swoosh
"TCP Query User{FB54CE7F-3B67-4A1A-8C40-456BB76A21CD}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{532403EA-9E84-4199-B11A-F39F24C8B65B}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{9BB8B88D-4021-4525-BBA1-2580A69A8CC9}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{22686D4F-F0E1-49F0-97F0-3F18FE54CC29}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"{C0F268AE-7745-41A3-9336-319E92850F7C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{044AFADB-F4DA-4F1C-940B-247575AF68A7}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{A7FC72EB-6323-4910-98E1-1CB955A17F04}"= UDP:9420:Akamai NetSession Interface
"{91DFE7A0-52D2-4FD4-B6F1-3104A89BCD4B}"= TCP:5000:Akamai NetSession Interface
"{D87497BD-DE77-4DC4-864C-659760FC4DEC}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{71945091-F188-432A-9C2E-1DDAC52AC88F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{AA1998A0-1433-47E9-A580-00346364F419}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{2802723E-56EE-452C-B2F6-D29FAA35FCEA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-03-01 603904]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\System32\drivers\bdfndisf.sys [2008-01-25 85520]
R3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [2006-12-05 507136]
S3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [2008-12-10 7808]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S4 ISPMonitorSrv;ISP Monitor;c:\program files\ISP Monitor\ISPMonitorSrv.exe [2007-08-23 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map

2009-03-02 c:\windows\Tasks\1-klik Onderhoud.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:12]

2009-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4198273856-2802487723-2920741586-1000.job
- c:\users\beernaert\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-20 13:44]

2009-02-28 c:\windows\Tasks\NeroLiveEpgUpdate-pchuis_beernaert.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe []
.
.
------- Bijkomende Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 19:03:50
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2009-03-02 19:05:51
ComboFix-quarantined-files.txt 2009-03-02 18:05:47
ComboFix2.txt 2009-02-28 21:03:12

Pre-Run: 422.608.683.008 bytes beschikbaar
Post-Run: 421,741,748,224 bytes beschikbaar

259 --- E O F --- 2009-02-28 21:27:42

Juisterr
2 March 2009, 20:21
That is not uninstalling ComboFix, that is running it? :eek:

michael84
2 March 2009, 20:38
(That is not uninstalling ComboFix, that is running it?)
Sorry, but what do you mean?

Juisterr
3 March 2009, 10:46
Then do this.

Uninstall ComboFix via Start > Run, copy and paste Combofix /U
Click OK or press Enter.
This removes both ComboFix and your old System Restore points (with any leftover malware), and creates a new System Restore point.

http://i78.photobucket.com/albums/j116/amateur_photos/CFuninstall.png

michael84
7 March 2009, 20:12
Sorry for the late reply. But the problem has been solved. I don't know how, but I no longer get the warning. Thanks Juisterr for helping me. Many thanks.

Juisterr
7 March 2009, 20:41
Very good, I'll mark the topic as OK and will close it.