Hele pc flipt zwaar!!

[Sarana]

Het loopt weer totaal fout. Spybot kan echter niks vinden. Toch zit er iets op mijn pc dat niet deugt.

Antivir start niet meer mee op en staat dus niet meer rechts in taakbalk.
Antivir kan ook niet meer verwijderd worden met RevoUninstaller. Geeft foutmeldingen dat deïnstallatien niet lukt of niet het juiste deïnstallatieprogramma werd gekozen. Ook Adobe reader die ik wil updaten kan ik niet meer verwijderen. Geeft ook foutmelding.
Bij opstarten van pc komt er ook een foutmelding dat Avira niet kan gevonden worden.
Bij elke opstart komen er foutmeldingen van Spybot dat er registerwaarden en Boot waarden zijn veranderd.
Ook is plots het lettertype van mijn werkbalken en vensters verkleind.
Ik had gisteren systeemherstel naar zondag gedaan. Had alles terug in orde kunnen zetten en vanmorgen bij opstart is alles dus grondig om zeep.
Heb terug hersteld naar zondag maar dit helpt niks. Telkens veranderen andere dingen op de pc. Programma's verdwijnen of vallen uit.
De Flashplayer moet ook opnieuw ge-update worden. Was me gelukt maar ben alles terug kwijt door systeemherstel

Ik had volgende programma's lopen tegen spyware en virussen:
Ad-aware
Spywareblaster
Spybot Search&Destroy
Avira Antivir
Zit er een softwareconflict voor iets tussen?

Spywareblaster viel ook altijd uit.

Help!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:41:43, on 6/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IC Media Corp\ICM532\Launchpad.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Launchpad.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 6878 bytes

[Rosty]

Download RSIT door random/random en sla het op je Bureaublad op.

• Dubbelklik op RSIT om het te starten.
• Wanneer de tool TrendMicro's HijackThis niet kan localiseren, dan zal het die downloaden.
  Gelieve te verhinderen dat een firewall of soortgelijk programma deze download blokkeert en de installatie ervan toe te staan.
• Klik daarna op Continue in het disclaimer venster van RSIT.
• Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (<<zal gemaximaliseerd zijn) en info.txt (<<zal geminimaliseerd zijn) in je volgende antwoord

Indien je ook info.txt wilt zien bij de daaropvolgende runs,
dien je ofwel C:\rsit\info.txt te verwijderen ofwel RSIT.exe te runnen met de /info switch.

[Sarana]

Logfile of random's system information tool 1.04 (written by random/random)
Run by Boek at 2008-11-06 18:12:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 62 GB (82%) free of 76 GB
Total RAM: 191 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:13:01, on 6/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IC Media Corp\ICM532\Launchpad.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Boek\Bureaublad\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Boek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Launchpad.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.3\IExifMap.htm
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.3\IExifCom.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7003 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-03-02 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\sw g.dll [2007-05-16 324536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-03-02 2423872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.e xe [2001-09-04 28672]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-02-24 335872]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"ezShieldProtector for Px"=C:\WINDOWS\system32\ezSP_Px.exe [2002-08-20 40960]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Boek^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk]
C:\Documents and Settings\Boek\Application Data\Microsoft\Installer\{6BCEB97B-F315-455D-BC2D-565A1A6781E8}\NewShortcut4_51A847D327C24F7797772AF 2A4E486ED.exe [2008-07-30 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Boek^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk]
C:\PROGRA~1\Memeo\AutoSync\MEMEOL~1.EXE [2007-07-06 125976]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
Launchpad.lnk - C:\Program Files\IC Media Corp.\ICM532\Launchpad.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-02-24 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
WRLogonNTF.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{bc7fdbf4-5e24-11dd-9de2-00112f4cd7e0}]
shell\AutoRun\command - E:\wd_windows_tools\setup.exe


======List of files/folders created in the last 1 months======

2008-11-06 18:03:30 ----D---- C:\rsit
2008-11-06 17:59:29 ----A---- C:\WINDOWS\system32\TBD9D.tmp
2008-11-06 17:16:23 ----D---- C:\ComboFix
2008-11-06 17:15:14 ----D---- C:\Program Files\Uniblue
2008-11-06 17:15:02 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
2008-11-06 17:15:01 ----D---- C:\Documents and Settings\Boek\Application Data\Uniblue
2008-11-06 17:13:45 ----HD---- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-11-06 17:11:22 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-11-06 17:08:30 ----D---- C:\Program Files\SpywareBlaster
2008-11-06 14:24:38 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-06 14:23:37 ----D---- C:\WINDOWS\temp
2008-11-06 12:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(3)
2008-11-05 21:31:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(2)
2008-11-05 20:02:58 ----DC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-02 19:47:05 ----D---- C:\Program Files\Lavasoft
2008-11-02 19:47:02 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-30 18:03:17 ----D---- C:\Program Files\Windows Installer Clean Up
2008-10-30 18:02:42 ----D---- C:\Program Files\MSECACHE
2008-10-30 16:29:43 ----D---- C:\WINDOWS\system32\regdacl
2008-10-30 16:29:43 ----A---- C:\kaflog.txt
2008-10-30 10:59:03 ----A---- C:\rapport.txt
2008-10-29 20:16:32 ----SHD---- C:\RECYCLER
2008-10-29 18:53:57 ----D---- C:\Program Files\Avira
2008-10-29 15:03:57 ----D---- C:\Program Files\Sophos
2008-10-25 13:20:56 ----A---- C:\WINDOWS\ATICIM.INI
2008-10-25 11:47:35 ----D---- C:\ATI
2008-10-24 11:14:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-23 14:47:49 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-22 17:10:44 ----D---- C:\Program Files\Mozilla Firefox
2008-10-18 17:22:59 ----D---- C:\Program Files\iPod
2008-10-18 17:22:47 ----D---- C:\Program Files\iTunes
2008-10-18 17:22:47 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-18 17:17:53 ----D---- C:\Program Files\Bonjour
2008-10-17 14:13:20 ----D---- C:\Documents and Settings\Boek\Application Data\ErrorSmart
2008-10-15 11:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-15 11:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 11:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 11:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 11:16:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 11:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-13 14:58:16 ----A---- C:\WINDOWS\UPGRADE.TXT

======List of files/folders modified in the last 1 months======

2008-11-06 18:06:37 ----D---- C:\Documents and Settings\Boek\Application Data\Skype
2008-11-06 18:03:41 ----D---- C:\WINDOWS\Prefetch
2008-11-06 17:59:34 ----D---- C:\Config.Msi
2008-11-06 17:59:29 ----D---- C:\WINDOWS\system32
2008-11-06 17:58:39 ----RSD---- C:\WINDOWS\assembly
2008-11-06 17:58:10 ----SHD---- C:\WINDOWS\Installer
2008-11-06 17:58:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-06 17:57:46 ----D---- C:\WINDOWS\WinSxS
2008-11-06 17:49:54 ----D---- C:\WINDOWS\Debug
2008-11-06 17:49:54 ----D---- C:\WINDOWS
2008-11-06 17:48:58 ----RAD---- C:\Program Files
2008-11-06 17:43:07 ----D---- C:\Program Files\Hardwood Backgammon
2008-11-06 17:28:38 ----D---- C:\Documents and Settings\Boek\Application Data\skypePM
2008-11-06 17:17:01 ----D---- C:\WINDOWS\system32\config
2008-11-06 17:16:42 ----D---- C:\WINDOWS\system32\wbem
2008-11-06 17:16:40 ----D---- C:\WINDOWS\Registration
2008-11-06 17:14:51 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-06 17:14:51 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-06 17:14:34 ----HD---- C:\WINDOWS\inf
2008-11-06 17:14:07 ----D---- C:\Program Files\Common Files\Adobe
2008-11-06 17:14:07 ----D---- C:\Program Files\Adobe
2008-11-06 17:14:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-06 17:11:27 ----D---- C:\WINDOWS\system32\drivers
2008-11-06 17:11:11 ----D---- C:\WINDOWS\system32\Macromed
2008-11-06 17:08:06 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-06 14:30:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-06 14:26:23 ----RD---- C:\WINDOWS\Web
2008-11-06 14:25:03 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-04 15:32:22 ----D---- C:\Documents and Settings\Boek\Application Data\AdobeUM
2008-11-02 21:02:26 ----SD---- C:\WINDOWS\Tasks
2008-11-02 19:45:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-31 09:54:42 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-30 11:08:01 ----AC---- C:\WINDOWS\win.ini
2008-10-30 11:08:01 ----A---- C:\WINDOWS\system.ini
2008-10-30 10:59:21 ----A---- C:\WINDOWS\system32\tmp.txt
2008-10-30 10:44:18 ----D---- C:\Documents and Settings
2008-10-29 20:50:13 ----SHD---- C:\System Volume Information
2008-10-29 20:50:13 ----D---- C:\WINDOWS\system32\Restore
2008-10-29 20:48:48 ----D---- C:\WINDOWS\ERDNT
2008-10-29 20:09:43 ----D---- C:\WINDOWS\AppPatch
2008-10-29 20:09:43 ----D---- C:\Program Files\Common Files
2008-10-29 12:55:42 ----D---- C:\Program Files\UltimateZip
2008-10-25 12:23:36 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-10-24 23:30:50 ----D---- C:\Mijn documenten
2008-10-24 19:25:26 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-24 11:14:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-24 11:14:11 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-18 17:23:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-17 16:41:53 ----RASH---- C:\boot.ini
2008-10-15 17:37:40 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 11:29:36 ----D---- C:\Program Files\QuickTime
2008-10-13 15:05:24 ----D---- C:\Program Files\Silver Creek Installer
2008-10-13 15:05:24 ----D---- C:\Program Files\Hardwood Spades
2008-10-13 15:05:13 ----D---- C:\Program Files\WinSnap
2008-10-13 15:04:17 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-13 15:04:13 ----D---- C:\Program Files\Bonjour(2)
2008-10-13 15:03:58 ----D---- C:\Program Files\iTunes(5)
2008-10-13 15:03:58 ----D---- C:\Program Files\iPod(4)
2008-10-07 12:19:42 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-02-24 679424]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2003-07-30 77465]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-01 594048]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBUVT;ICM532A; C:\WINDOWS\System32\Drivers\usbuvt.sys [2002-07-10 95232]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\7.tmp []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 vsdatant;vsdatant; C:\WINDOWS\system32\drivers\vsdatant.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-02-24 397312]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-02-24 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe [2007-04-13 68952]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-16 138680]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2004-05-27 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2004-05-27 69718]
S4 AutoSyncService;Memeo AutoSync ; C:\Program Files\Memeo\AutoSync\MemeoService.exe [2007-07-06 31768]

-----------------EOF-----------------

Info:

info.txt logfile of random's system information tool 1.04 2008-11-06 18:03:49

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plug in.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_acti veX.exe
Adobe Reader 8.1.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A81200000003}
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Camera Suite 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14FB1C47-B0F2-4DB6-B9C0-1A817862F9A3}\setup.exe" -l0x9
AsusUpdate-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\AsusUpdate\Uninst.isu"
ATI - Software-verwijderprogramma-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallI NFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
ATI-stuurprogramma's-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A20C66D4-69CE-4421-ADFC-2759CF0A24FD}\setup.exe"
ATI-stuurprogramma's-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}\setup.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Beveiligingsupdate for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spunin st.exe"
Beveiligingsupdate for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\ spuninst.exe"
Beveiligingsupdate for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\ spuninst.exe"
Beveiligingsupdate for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spunin st.exe"
Beveiligingsupdate voor Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spunin st.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.in i"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.i ni"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini "
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Chuzzle Deluxe 1.0-->C:\Program Files\PopCap Games\Chuzzle Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Chuzzle Deluxe\Install.log"
EasyCleaner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
Encarta Encyclopedie Winkler Prins-->MsiExec.exe /I{034E0010-3975-4267-9F39-1DC4745090B7}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GTK+ 2.6.4 runtime environment-->"C:\Program Files\Common Files\GTK\2.0\unins000.exe"
Hardwood Backgammon-->C:\Program Files\Hardwood Backgammon\Backgammon.exe -Uninstall
Hardwood Euchre-->C:\Program Files\Hardwood Euchre\Euchre.exe -Uninstall
Hardwood Solitaire III-->C:\Program Files\Hardwood Solitaire III\Solitaire III.exe -Uninstall
HighMAT-uitbreiding voor de wizard Cd branden van Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix voor Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spunin st.exe"
Ice Age 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47F0F784-96DD-4213-A0AB-85AF5C4A2E60}\setup.exe" -l0x13 -removeonly
ICM532-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FD3DF65-694C-4F71-97BA-1A70BB2B8B9C}\SETUP.EXE" -l0x9
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kruidvat Fotoservice-->"C:\Program Files\Kruidvat Fotoservice\Kruidvat Fotoservice\uninstall.exe"
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Dutch Language Pack-->MsiExec.exe /X{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Upda tes\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Mic rosoft .NET Framework 2.0\install.exe
Microsoft Office XP Professional-->MsiExec.exe /I{90110413-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
MobileMe Control Panel-->MsiExec.exe /I{2604C0F9-BFD3-4BA0-9EB5-22537C648F03}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NTREGOPT 1.1j-->"C:\Program Files\NT Registry Optimizer\unins000.exe"
Opanda IExif 2.3-->"C:\Program Files\Opanda\IExif 2.3\unins000.exe"
OpenMG Limited Patch 4.0-04-08-02-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.0-04-08-02-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.0.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\I Driver.exe /M{6F1974D6-4249-43B6-88B0-9A9B8A33956C} /l1033 UNINSTALL
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Photo Story 3 voor Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update voor Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SonicStage 2.1.00-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x9 UNINSTALL
SonicStage Simple Burner 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0E8EB8-85C9-461A-B0C1-0DB7C21FA89A}\setup.exe" -l0x9 /UNINSTALL
Sophos Anti-Rootkit 1.3.1-->C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
UltimateZip 3.0 Beta 2-->"C:\Program Files\UltimateZip\unins000.exe"
Uniblue DriverScanner 2009-->"C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe
Update voor Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update voor Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spunin st.exe"
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spu ninst.exe"

=====HijackThis Backups=====

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition (outdated)
AV: NOD32 antivirus systeem 2.51 (disabled) (outdated)
FW: COMODO Firewall Pro

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemr oot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"ICM_532_PRODUCT_VER"=1.4.0.0
"ICM_532_INSTALL_DIR"=C:\Program Files\IC Media Corp.\ICM532\Driver
"ICM_532_INF_PATH"=C:\WINDOWS\INF\oem6.inf
"ICM_532_PNF_PATH"=C:\WINDOWS\INF\oem6.pnf
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

[Sarana]

Heb intussen al opnieuw systeemherstel moeten doen dit keer naar 29 oktober.

Ik vrees dat ik gisteren een fout veroorzaakt heb door te proberen het programma Uniblue driverscanner te wissen. Ik had op "alles verwijderen geklikt" toen hij zocht naar verdere registerresten en blijkbaar zaten daar windowsbestanden bij
Daarna was ik plots alle toetsen op mijn taakbalk kwijt en moest ik dus systeemherstel doen.
Antivir ontbreekt nog steeds bij het opstarten maar alle andere onderdelen ervan staan wel nog op pc maar kunnen niet gewist worden met RevoUninstaller. Bij stap 3 geeft hij foutmelding.
Opnieuw downloaden kan ook niet.

Maar ik heb dus vandaag al opnieuw systeemherstel naar nog vroeger gedaan maar de opstartfouten enzo blijven

[Sarana]

Deze fout krijg ik bij opstart:

CCPLG.XML:

Unable to find file (C:\Program Files\Avira\Antivir Personal Edition

Classic\ccplg.xml)


Intussen heb ik al opnieuw een Windowsupdate van Microsoft Net Framework 2 SP1 kunnen doen na verwijdering van de oude met msicuu2.

Door het systeemherstel staan ook Spybot S&D en Ad-Aware nu niet meer op mijn pc.
Dus nu heb ik geen enkele bescherming tegen malware meer.

[Rosty]

Hoi,

als je van alles gaat doen zonder dat ik de logjes eerst kan bekijken gaan we lang bezig zijn hoor.

Download MBAM (Malwarebytes' Anti-Malware) via hier of hier.

• Dubbelklik op mbam-setup.exe om het programma te installeren.
  • Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
  • Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
  • Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
  • Het scannen kan een tijdje duren, dus wees geduldig.
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder)
  • De log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in MBAM.
  • Kopieer en plak de inhoud van het logje in je volgend antwoord, samen met een nieuw HijackThis log.
  
  Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken.
  Daarna zal het vragen om de Computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

[Sarana]

Malwarebytes' Anti-Malware 1.24
Database versie: 1061
Windows 5.1.2600 Service Pack 3

17:53:31 7/11/2008
mbam-log-11-7-2008 (17-53-31).txt

Scan type: Snelle Scan
Objecten gescand: 42126
Verstreken tijd: 5 minute(s), 22 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56:09, on 7/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IC Media Corp\ICM532\Launchpad.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\sw g.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Launchpad.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files\Opanda\IExif 2.3\IExifMap.htm
O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files\Opanda\IExif 2.3\IExifCom.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 6787 bytes

[Rosty]

Geenmalware te bespeuren hoor. Al het software forum geraadpleegd?

[Sarana]

Bedankt om dit al na te kijken Rosty.
Ik zal een nieuw topic openen bij overige software.